mirror of
https://github.com/LukeHagar/vercel.git
synced 2025-12-09 21:07:46 +00:00
[cli][client][build-utils][node][static-build] updated node-fetch to fix high severity security vulnerability (#8180)
Update `node-fetch 2.6.1 -> 2.6.7` to fix high severity security vulnerability: Exposure of Sensitive Information to an Unauthorized Actor (https://github.com/advisories/GHSA-r683-j2x4-v87g). `node-fetch` was updated in the root, `api`, `build-utils`, `cli`, `client`, `node`, and `static-build`. ### Related Issues > https://linear.app/vercel/issue/VCCLI-196/update-vercelnode-dep-node-fetch-261-267 ### 📋 Checklist <!-- Please keep your PR as a Draft until the checklist is complete --> #### Tests - [x] The code changed/added as part of this PR has been covered with tests - [x] All tests pass locally with `yarn test-unit` #### Code Review - [ ] This PR has a concise title and thorough description useful to a reviewer - [ ] Issue from task tracker has a link to this PR
This commit is contained in:
Chris Barber
@@ -51,7 +51,7 @@
|
||||
"ignore": "4.0.6",
|
||||
"minimatch": "5.0.1",
|
||||
"ms": "2.1.2",
|
||||
"node-fetch": "2.6.1",
|
||||
"node-fetch": "2.6.7",
|
||||
"querystring": "^0.2.0",
|
||||
"sleep-promise": "8.0.1"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user