[Snyk] Upgrade cross-fetch from 3.0.0 to 3.1.5

[snyk-bot]

Snyk has created this PR to upgrade cross-fetch from 3.0.0 to 3.1.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 16 versions ahead of your current version.
• The recommended version was released 3 months ago, on 2022-01-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service SNYK-JS-NODEFETCH-674311	520/1000 Why? Has a fix available, CVSS 5.9	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	520/1000 Why? Has a fix available, CVSS 5.9	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: cross-fetch

• 3.1.5 - 2022-01-20
  

  What's Changed

  • chore: updated node-fetch version to 2.6.7 by @ dlafreniere in #124

  New Contributors

  • @ dlafreniere made their first contribution in #124

  Full Changelog: v3.1.4...v3.1.5

• 3.1.4 - 2021-04-02
  

  🐞 fixed typescript errors.

• 3.1.4-alpha.0 - 2021-04-01
• 3.1.3 - 2021-03-30
  

  🐞 fixed typescript compilation error causing #95, #101, #102.

• 3.1.3-alpha.6 - 2021-03-28
• 3.1.3-alpha.5 - 2021-03-28
• 3.1.3-alpha.4 - 2021-03-28
• 3.1.2 - 2021-03-19
  

  🐞 added missing Headers interface augmentation from lib.dom.iterable.d.ts (#97)

• 3.1.1 - 2021-03-18
  

  🐞 fixed missing fetch api types from constructor signatures #96 (thanks @ jstewmon)

• 3.1.0 - 2021-03-13
  

  ⚡️ improved TypeScript support with own fetch API type definitions (thanks @ jstewmon)
  ⚡️ set fetch.ponyfill to true when custom ponyfill implementation is used.
  💡 set the same fetch API test suite to run against node-fetch, whatwg-fetch and native fetch.

• 3.0.6 - 2020-09-11
  

  ⚡️ updated node-fetch to 2.6.1

• 3.0.5 - 2020-06-14
  

  ⚡️ whatwg-fetch is not a prod dependency anymore (#63)
  ⚡️ updated all dev dependencies.

• 3.0.4 - 2019-06-08
  

  🐞 fixed bug that crashed Safari 9 (#49).
  ⚡️ added VaporJS code to the project.

• 3.0.3 - 2019-05-25
• 3.0.2 - 2019-03-27
• 3.0.1 - 2019-02-02
• 3.0.0 - 2018-12-09

from cross-fetch GitHub release notes

Commit messages

Package name: cross-fetch

• c6089df chore(release): 3.1.5
• a3b3a94 chore: updated node-fetch version to 2.6.7 (#124)
• efed703 chore: updated node-fetch version to 2.6.5
• 694ff77 refactor: removed ora from dependencies
• efc5956 refactor: added .vscode to .gitignore
• da605d5 refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/module-system/
• 0f0d51d chore: updated minor and patch versions of dev dependencies
• c6e34ea refactor: removed sinon.js
• f524a52 fix: yargs was incompatible with node 10
• 7906fcf chore: updated dev dependencies
• 24bc35a chore: added make browser task
• 6baf09d chore: added closeOnExec param to ./bin/server
• 80c46c1 chore: added exec param to ./bin/server
• 7e4b657 chore(release): 3.1.4
• 47bc898 chore(release): 3.1.4-alpha.0
• 3fce389 fix: reverted index.d.ts to its original state (prior 3.1.0)
• ddfe452 chore(release): 3.1.3
• 0a35f69 chore: updated dev dependencies
• 6c7c5d3 chore: removed target from typescript example
• 7c6a3f4 chore(release): 3.1.3-alpha.6
• 4e32613 chore: improved index.d.ts
• d7210dc chore(release): 3.1.3-alpha.5
• 69b7d5b chore: improved typescript example
• f3b2fc4 chore: added no-default-lib directive to index.d.ts and lib.fetch.d.ts

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs