Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade node-wget-fetch from 1.0.5 to 1.1.3 #15

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade node-wget-fetch from 1.0.5 to 1.1.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 3 versions ahead of your current version.
  • The recommended version was released 9 months ago, on 2022-04-22.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Information Exposure
SNYK-JS-NODEFETCH-2342118
325/1000
Why? CVSS 6.5
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: node-wget-fetch
  • 1.1.3 - 2022-04-22
  • 1.1.2 - 2022-03-22
  • 1.1.0 - 2020-12-08
  • 1.0.5 - 2020-11-10
from node-wget-fetch GitHub release notes
Commit messages
Package name: node-wget-fetch
  • 857ec9c bug fix to upgrade to node-fetch v3
  • 52e2024 update version and dependences
  • 392cd52 fix: upgrade node-fetch from 2.6.2 to 2.6.4
  • 132072c Update package.json
  • 8330591 fix: upgrade node-fetch from 2.6.1 to 2.6.2
  • 9f0b1c8 coverage tests
  • 297dcf8 corrections, bug fix, test with node js 12x, convert cli to ESM
  • ad70663 added fetch retrying, converted to ESM usage
  • 8b6403c Update package-lock.json
  • dca9d39 bump version, coverage updates

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant