From 832f946224c5556d55333e014e28cfc1ff6285b0 Mon Sep 17 00:00:00 2001
From: wbt <wbt@users.noreply.github.com>
Date: Wed, 6 Apr 2022 14:28:43 -0400
Subject: [PATCH] Update away from vulnerable version of node-fetch

Backporting #124 to the 2.x branch for dependencies stuck on that which can't get a PR for moving on reviewed, e.g. https://github.com/MetaMask/web3-provider-engine/pull/404
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index d678794..26de9b0 100644
--- a/package.json
+++ b/package.json
@@ -61,7 +61,7 @@
     "url": "https://github.com/lquixada/cross-fetch/issues"
   },
   "dependencies": {
-    "node-fetch": "^2.6.1",
+    "node-fetch": "^2.6.7",
     "whatwg-fetch": "2.0.4"
   },
   "devDependencies": {