[Snyk] Security upgrade cross-fetch from 3.1.4 to 3.1.5

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: cross-fetch

The new version differs by 13 commits.

• c6089df chore(release): 3.1.5
• a3b3a94 chore: updated node-fetch version to 2.6.7 (Update tslint to version 4.0.0 🚀 #124)
• efed703 chore: updated node-fetch version to 2.6.5
• 694ff77 refactor: removed ora from dependencies
• efc5956 refactor: added .vscode to .gitignore
• da605d5 refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/module-system/
• 0f0d51d chore: updated minor and patch versions of dev dependencies
• c6e34ea refactor: removed sinon.js
• f524a52 fix: yargs was incompatible with node 10
• 7906fcf chore: updated dev dependencies
• 24bc35a chore: added make browser task
• 6baf09d chore: added closeOnExec param to ./bin/server
• 80c46c1 chore: added exec param to ./bin/server

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[dlafreniere]

fixed in #317