From 3fe04cb2ab1ac48204f2f38208af55207b190a66 Mon Sep 17 00:00:00 2001 From: Guillem Barba Date: Wed, 5 Jul 2023 02:46:42 +0200 Subject: [PATCH] [Snyk] Upgrade cross-fetch from 3.1.4 to 3.1.6 (#2547) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade cross-fetch from 3.1.4 to 3.1.6.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **a month ago**, on 2023-05-14.
Release notes
Package name: cross-fetch from cross-fetch GitHub release notes
Commit messages
Package name: cross-fetch
  • a222017 chore(release): 3.1.6
  • 33a0d90 chore: updated node-fetch to 2.6.11
  • a66f21b fix: fixed ESTree.StaticBlock error
  • bb6403a chore: updated mocha-headless-chrome to 4.0.0
  • bef7bd3 chore: expanded Github Actions to trigger on release branches
  • fc9c16a chore: updated node-fetch to 2.6.9.
  • 24dedb4 chore: improved names of common checks on Github workflow
  • 02a63ca chore: refactored out common checks on Github workflow
  • 15f25c0 chore: upgraded Github actions to v3
  • 5e7b4a4 chore: removed unneeded step from Test specs job
  • 9fb71cf chore: enabled automatic CHANGELOG.md generation
  • ce651ec chore: added node version back to setup-node action
  • 0f55cad chore: removed debug actions
  • 601547d chore: added debug action
  • b279d5c chore: added action to debug payload
  • 92eaaf8 chore: added tag job on CI workflow
  • abbd730 chore: added commitzen
  • 5ffadbe perf: make build runs faster
  • 1b6d20d chore: added Release workflow
  • 0827c35 chore: renamed Github workflows
  • 7e469cb chore: removed release conditions on CI workflow
  • 1e53e26 chore: removed commitlint on CI workflow
  • 17aad4e chore: improved triggers for PR workflow
  • 5d89fa2 chore: added title validation for PR workflow
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/manuelfidalgo/project/6a7f3eb3-67c7-4731-b085-ac1ee0028d81?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/manuelfidalgo/project/6a7f3eb3-67c7-4731-b085-ac1ee0028d81/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/manuelfidalgo/project/6a7f3eb3-67c7-4731-b085-ac1ee0028d81/settings/integration?pkg=cross-fetch&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) Co-authored-by: snyk-bot --- packages/botonic-nlp/package-lock.json | 37 +++++++++++++++++++++++--- packages/botonic-nlp/package.json | 2 +- 2 files changed, 34 insertions(+), 5 deletions(-) diff --git a/packages/botonic-nlp/package-lock.json b/packages/botonic-nlp/package-lock.json index 5ddf3ee3a2..2c103b0cbf 100644 --- a/packages/botonic-nlp/package-lock.json +++ b/packages/botonic-nlp/package-lock.json @@ -2930,11 +2930,21 @@ "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" }, "cross-fetch": { - "version": "3.1.4", - "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.4.tgz", - "integrity": "sha512-1eAtFWdIubi6T4XPy6ei9iUFoKpUkIF971QLN8lIvvvwueI65+Nw5haMNKUwfJxabqlIIDODJKGrQ66gxC0PbQ==", + "version": "3.1.6", + "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.6.tgz", + "integrity": "sha512-riRvo06crlE8HiqOwIpQhxwdOk4fOeR7FVM/wXoxchFEqMNUjvbs3bfo4OTgMEMHzppd4DxFBDbyySj8Cv781g==", "requires": { - "node-fetch": "2.6.1" + "node-fetch": "^2.6.11" + }, + "dependencies": { + "node-fetch": { + "version": "2.6.11", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.11.tgz", + "integrity": "sha512-4I6pdBY1EthSqDmJkiNk3JIT8cswwR9nfeW/cPdUagJYEQG7R95WRH74wpz7ma8Gh/9dI9FP+OU+0E4FvtA55w==", + "requires": { + "whatwg-url": "^5.0.0" + } + } } }, "debug": { @@ -3854,6 +3864,11 @@ "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", "dev": true }, + "tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + }, "tunnel-agent": { "version": "0.6.0", "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", @@ -3895,6 +3910,20 @@ "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" }, + "webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" + }, + "whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "requires": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, "wide-align": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.3.tgz", diff --git a/packages/botonic-nlp/package.json b/packages/botonic-nlp/package.json index 4c8ea4d664..8dd7c5b4ec 100644 --- a/packages/botonic-nlp/package.json +++ b/packages/botonic-nlp/package.json @@ -40,7 +40,7 @@ "@tensorflow/tfjs-node": "^2.8.6", "axios": "^0.24.0", "better-sqlite3": "^7.0.1", - "cross-fetch": "^3.1.4", + "cross-fetch": "^3.1.6", "js-yaml": "4.1.0" }, "resolutions": {