fix(deps): update dependency node-fetch to v3

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
node-fetch	^2.7.0 → ^3.0.0

---

Release Notes

node-fetch/node-fetch (node-fetch)

v3.3.2

Compare Source

Bug Fixes

• Remove the default connection close header. (#​1736) (8b3320d), closes #​1735 #​1473

v3.3.1

Compare Source

Bug Fixes

• release "Allow URL class object as an argument for fetch()" #​1696 (#​1716) (7b86e94)

v3.3.0

Compare Source

Features

• add static Response.json (#​1670) (55a4870)

v3.2.10

Compare Source

Bug Fixes

• ReDoS referrer (#​1611) (2880238)

v3.2.9

Compare Source

Bug Fixes

• Headers: don't forward secure headers on protocol change (#​1599) (e87b093)

v3.2.8

Compare Source

Bug Fixes

• possibly flaky test (#​1523) (11b7033)

v3.2.7

Compare Source

Bug Fixes

• always warn Request.data (#​1550) (4f43c9e)

v3.2.6

Compare Source

Bug Fixes

• undefined reference to response.body when aborted (#​1578) (1c5ed6b)

v3.2.5

Compare Source

Bug Fixes

• use space in accept-encoding values (#​1572) (a92b5d5), closes #​1571

v3.2.4

Compare Source

Bug Fixes

• don't uppercase unknown methods (#​1542) (004b3ac)

v3.2.3

Compare Source

Bug Fixes

• handle bom in text and json (#​1482) (6425e20)

v3.2.2

Compare Source

Bug Fixes

• add missing formdata export to types (#​1518) (a4ea5f9), closes #​1517

v3.2.1

Compare Source

Bug Fixes

• cancel request example import (#​1513) (61b3b5a)

v3.2.0

Compare Source

Features

• export Blob, File and FormData + utilities (#​1463) (81b1378)

v3.1.1

Compare Source

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed

• core: update fetch-blob by @​jimmywarting in #​1371
• docs: Fix typo around sending a file by @​jimmywarting in #​1381
• core: (http.request): Cast URL to string before sending it to NodeJS core by @​jimmywarting in #​1378
• core: handle errors from the request body stream by @​mdmitry01 in #​1392
• core: Better handle wrong redirect header in a response by @​tasinet in #​1387
• core: Don't use buffer to make a blob by @​jimmywarting in #​1402
• docs: update readme for TS @​types/node-fetch by @​adamellsworth in #​1405
• core: Fix logical operator priority to disallow GET/HEAD with non-empty body by @​maxshirshin in #​1369
• core: Don't use global buffer by @​jimmywarting in #​1422
• ci: fix main branch by @​dnalborczyk in #​1429
• core: use more node: protocol imports by @​dnalborczyk in #​1428
• core: Warn when using data by @​jimmywarting in #​1421
• docs: Create SECURITY.md by @​JamieSlome in #​1445
• core: don't forward secure headers to 3th party by @​jimmywarting in #​1449

New Contributors

• @​mdmitry01 made their first contribution in #​1392
• @​tasinet made their first contribution in #​1387
• @​adamellsworth made their first contribution in #​1405
• @​maxshirshin made their first contribution in #​1369
• @​JamieSlome made their first contribution in #​1445

Full Changelog: node-fetch/node-fetch@v3.1.0...v3.1.1

v3.1.0

Compare Source

What's Changed

• fix(Body): Discourage form-data and buffer() by @​jimmywarting in #​1212
• fix: Pass url string to http.request by @​serverwentdown in #​1268
• Fix octocat image link by @​lakuapik in #​1281
• fix(Body.body): Normalize Body.body into a node:stream by @​jimmywarting in #​924
• docs(Headers): Add default Host request header to README.md file by @​robertoaceves in #​1316
• Update CHANGELOG.md by @​jimmywarting in #​1292
• Add highWaterMark to cloned properties by @​davesidious in #​1162
• Update README.md to fix HTTPResponseError by @​thedanfernandez in #​1135
• docs: switch url to URL by @​dhritzkiv in #​1318
• fix(types): declare buffer() deprecated by @​dnalborczyk in #​1345
• chore: fix lint by @​dnalborczyk in #​1348
• refactor: use node: prefix for imports by @​dnalborczyk in #​1346
• Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by @​dependabot in #​1319
• Bump mocha from 8.4.0 to 9.1.3 by @​dependabot in #​1339
• Referrer and Referrer Policy by @​tekwiz in #​1057
• Add typing for Response.redirect(url, status) by @​c-w in #​1169
• chore: Correct stuff in README.md by @​Jiralite in #​1361
• docs: Improve clarity of "Loading and configuring" by @​serverwentdown in #​1323
• feat(Body): Added support for BodyMixin.formData() and constructing bodies with FormData by @​jimmywarting in #​1314
• template: Make PR template more task oriented by @​jimmywarting in #​1224
• docs: Update code examples by @​jimmywarting in #​1365

New Contributors

• @​serverwentdown made their first contribution in #​1268
• @​lakuapik made their first contribution in #​1281
• @​robertoaceves made their first contribution in #​1316
• @​davesidious made their first contribution in #​1162
• @​thedanfernandez made their first contribution in #​1135
• @​dhritzkiv made their first contribution in #​1318
• @​dnalborczyk made their first contribution in #​1345
• @​dependabot made their first contribution in #​1319
• @​c-w made their first contribution in #​1169

Full Changelog: node-fetch/node-fetch@v3.0.0...v3.1.0

v3.0.0

Compare Source

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See changelog for more information about all the changes.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.