-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(Headers): don't forward secure headers to 3th party #1449
fix(Headers): don't forward secure headers to 3th party #1449
Conversation
src/utils/is.js
Outdated
if (!a.endsWith(b)) { | ||
return false; | ||
} | ||
|
||
return a[a.length - b.length - 1] === '.'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you think about adding the .
to the endsWith
call?
if (!a.endsWith(b)) { | |
return false; | |
} | |
return a[a.length - b.length - 1] === '.'; | |
return a.endsWith(`.${b}`) |
I think that this is much easier to read
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you are making a request to fridas-blog.uk.com
and it redirects to uk.com
then uk.com
should not know about the cookie... cuz the cookie can be tied to fridas-blog.uk.com
a
= referer (original request) fridas-blog.uk.com
b
= destination (Location) uk.com
a.endsWith('.${b}')
=== true
b
is not the same host or a subdomain of a
...
so i guess it can't work...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you are only after something that is sorter and dose the same thing:
export const isDomainOrSubdomain = (a, b) => {
a = new URL(a).hostname
b = new URL(b).hostname
return a === b || (
a[a.length - b.length - 1] === '.' && a.endsWith(b)
)
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I still don't understand how the two checks are different? As far as I can tell, unless I'm missing something, the two functions below behave the exact same way?
function one (a, b) {
return a === b || (
a[a.length - b.length - 1] === '.' && a.endsWith(b)
)
}
function two (a, b) {
return a === b || a.endsWith(`.${b}`)
}
The case you are mentioning seems to be handled wrong in the committed code then?
> isDomainOrSubdomain('http://uk.com', 'http://fridas-blog.uk.com')
true
(extra ping @jimmywarting since this is already merged)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm, double checked again and you are right... they are equally the same, But there is no mistake in the merged code...
I was blinded by the order of arguments passed down to isDomainOrSubdomain
and mixing up whats gets passed down to the function and in which order. i was just so blinded by how Go and follow-redirects also did it using the dot index
But at least there is no rush to change it now... can change it later
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a & b was a stupid variable name...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice 👍
Submitted PR to make the code easier to understand here: #1455
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me. Feel free to refactor the isDomainOrSubdomain
method to make it easier to read, but it's good as is from my perspective.
Will you do that yourself or shall we do a follow up issue so we don't forget? |
Thx for everyone to get to this, this issue can finally be closed :) But do note the drawback: |
I can fix V2 also |
@@ -56,3 +56,20 @@ export const isAbortSignal = object => { | |||
) | |||
); | |||
}; | |||
|
|||
/** | |||
* isDomainOrSubdomain reports whether sub is a subdomain (or exact match) of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this use the public suffix list instead? https://publicsuffix.org/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think that would be necessary.
* @param {string|URL} original | ||
* @param {string|URL} destination | ||
*/ | ||
export const isDomainOrSubdomain = (destination, original) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The names of the variables here don't see to match the values passed in?
if (!isDomainOrSubdomain(request.url, locationURL)) {
Surely locationURL is the destination and request.url is the original?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you are right. it works as intended and how it is suppose to protect you, But the variable names are mixed up
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No rush to get fixed, can create a issue about it if needed
This change may match Go behavior but it differs from browser behavior and deviates from the fetch API spec. In Chrome, if I do:
and this results in a redirect to a third party, Chrome will forward the Authorization header to the third party, assuming that the third party's CORS policy allows it. Note that the CORS policy of the original URL is irrelevant -- the third party controls the policy here. So, in an attack scenario, the attacker controls the policy, so CORS is not a defense. AFAICT, Chrome's behavior conforms to the Fetch spec. The Fetch spec only says these headers should be removed on a redirect if they were implicitly added by the user-agent in the first place -- i.e. not when they were explicitly passed to I am concerned that this change could actually break legitimate use cases. Imagine |
That may be legit cases... I have also wonder about the usage of Request.credentials if we somehow could use this in any way. The option Xhr have withCredentials |
|
@kentonv (Hi!) Just to check, your concern is specifically about Authorization, right? It does seem reasonable to me that cookies should not be sent to a different origin. |
Hi @glasser! Long time no see. TBH, I'm not really sure what this should mean for What makes sense on the server side? I don't really know because I don't know under what circumstances a server would ever send a For Cloudflare Workers (of which I'm the lead engineer), our A Worker can also make a stand-alone FWIW, at present Cloudflare Workers has no special logic whatsoever for Of course, for the API use case, it's very common for other headers to contain sensitive information, too. Some APIs use non-standard headers like So in the absence of more information about real-world use cases, my inclination is to say that there's no reason to treat |
Do you know what alt-sve will do with cookies and other headers if it decided to try another url the next time? |
What is the recommended way of reproducing the old behavior now? |
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.6.12` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.6.12/3.3.1) | [![age](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/compatibility-slim/2.6.12)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/confidence-slim/2.6.12)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>node-fetch/node-fetch (node-fetch)</summary> ### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1) ##### Bug Fixes - release "Allow URL class object as an argument for fetch()" [#​1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#​1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e)) ### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0) ##### Features - add static Response.json ([#​1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e)) ### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10) ##### Bug Fixes - ReDoS referrer ([#​1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d)) ### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9) ##### Bug Fixes - **Headers:** don't forward secure headers on protocol change ([#​1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7)) ### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8) ##### Bug Fixes - possibly flaky test ([#​1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa)) ### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7) ##### Bug Fixes - always warn Request.data ([#​1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3)) ### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6) ##### Bug Fixes - undefined reference to response.body when aborted ([#​1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99)) ### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5) ##### Bug Fixes - use space in accept-encoding values ([#​1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#​1571](https://togithub.com/node-fetch/node-fetch/issues/1571) ### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4) ##### Bug Fixes - don't uppercase unknown methods ([#​1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf)) ### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3) ##### Bug Fixes - handle bom in text and json ([#​1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11)) ### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2) ##### Bug Fixes - add missing formdata export to types ([#​1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#​1517](https://togithub.com/node-fetch/node-fetch/issues/1517) ### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1) ##### Bug Fixes - cancel request example import ([#​1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f)) ### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0) ##### Features - export Blob, File and FormData + utilities ([#​1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c)) ### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1) #### Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred #### What's Changed - core: update fetch-blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371) - docs: Fix typo around sending a file by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381) - core: (http.request): Cast URL to string before sending it to NodeJS core by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378) - core: handle errors from the request body stream by [@​mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - core: Better handle wrong redirect header in a response by [@​tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - core: Don't use buffer to make a blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402) - docs: update readme for TS [@​types/node-fetch](https://togithub.com/types/node-fetch) by [@​adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@​maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - core: Don't use global buffer by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422) - ci: fix main branch by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429) - core: use more node: protocol imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428) - core: Warn when using data by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421) - docs: Create SECURITY.md by [@​JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) - core: don't forward secure headers to 3th party by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449) #### New Contributors - [@​mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - [@​tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - [@​adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - [@​maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - [@​JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) **Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1 ### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0) #### What's Changed - fix(Body): Discourage form-data and buffer() by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212) - fix: Pass url string to http.request by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - Fix octocat image link by [@​lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - fix(Body.body): Normalize `Body.body` into a `node:stream` by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924) - docs(Headers): Add default Host request header to README.md file by [@​robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - Update CHANGELOG.md by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292) - Add highWaterMark to cloned properties by [@​davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - Update README.md to fix HTTPResponseError by [@​thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - docs: switch `url` to `URL` by [@​dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - fix(types): declare buffer() deprecated by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - chore: fix lint by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348) - refactor: use node: prefix for imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346) - Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - Bump mocha from 8.4.0 to 9.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339) - Referrer and Referrer Policy by [@​tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057) - Add typing for Response.redirect(url, status) by [@​c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) - chore: Correct stuff in README.md by [@​Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361) - docs: Improve clarity of "Loading and configuring" by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323) - feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314) - template: Make PR template more task oriented by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224) - docs: Update code examples by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365) #### New Contributors - [@​serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - [@​lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - [@​robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - [@​davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - [@​thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - [@​dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - [@​dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - [@​c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) **Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0 ### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.6.12...v3.0.0) version 3 is going out of a long beta period and switches to stable One major change is that it's now a ESM only package See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/microsoft/dicom-server). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi41LjMiLCJ1cGRhdGVkSW5WZXIiOiIzNi41LjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@jroitgrund I suppose the only way is to set |
@jroitgrund here's the patch changes the behavior to the old one. |
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`2.7.0` -> `3.3.2`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.6.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>node-fetch/node-fetch (node-fetch)</summary> ### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2) ##### Bug Fixes - Remove the default connection close header. ([#​1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#​1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#​1473](https://togithub.com/node-fetch/node-fetch/issues/1473) ### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1) ##### Bug Fixes - release "Allow URL class object as an argument for fetch()" [#​1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#​1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e)) ### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0) ##### Features - add static Response.json ([#​1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e)) ### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10) ##### Bug Fixes - ReDoS referrer ([#​1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d)) ### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9) ##### Bug Fixes - **Headers:** don't forward secure headers on protocol change ([#​1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7)) ### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8) ##### Bug Fixes - possibly flaky test ([#​1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa)) ### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7) ##### Bug Fixes - always warn Request.data ([#​1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3)) ### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6) ##### Bug Fixes - undefined reference to response.body when aborted ([#​1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99)) ### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5) ##### Bug Fixes - use space in accept-encoding values ([#​1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#​1571](https://togithub.com/node-fetch/node-fetch/issues/1571) ### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4) ##### Bug Fixes - don't uppercase unknown methods ([#​1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf)) ### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3) ##### Bug Fixes - handle bom in text and json ([#​1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11)) ### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2) ##### Bug Fixes - add missing formdata export to types ([#​1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#​1517](https://togithub.com/node-fetch/node-fetch/issues/1517) ### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1) ##### Bug Fixes - cancel request example import ([#​1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f)) ### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0) ##### Features - export Blob, File and FormData + utilities ([#​1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c)) ### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1) #### Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred #### What's Changed - core: update fetch-blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371) - docs: Fix typo around sending a file by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381) - core: (http.request): Cast URL to string before sending it to NodeJS core by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378) - core: handle errors from the request body stream by [@​mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - core: Better handle wrong redirect header in a response by [@​tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - core: Don't use buffer to make a blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402) - docs: update readme for TS [@​types/node-fetch](https://togithub.com/types/node-fetch) by [@​adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@​maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - core: Don't use global buffer by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422) - ci: fix main branch by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429) - core: use more node: protocol imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428) - core: Warn when using data by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421) - docs: Create SECURITY.md by [@​JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) - core: don't forward secure headers to 3th party by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449) #### New Contributors - [@​mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - [@​tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - [@​adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - [@​maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - [@​JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) **Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1 ### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0) #### What's Changed - fix(Body): Discourage form-data and buffer() by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212) - fix: Pass url string to http.request by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - Fix octocat image link by [@​lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - fix(Body.body): Normalize `Body.body` into a `node:stream` by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924) - docs(Headers): Add default Host request header to README.md file by [@​robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - Update CHANGELOG.md by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292) - Add highWaterMark to cloned properties by [@​davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - Update README.md to fix HTTPResponseError by [@​thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - docs: switch `url` to `URL` by [@​dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - fix(types): declare buffer() deprecated by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - chore: fix lint by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348) - refactor: use node: prefix for imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346) - Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - Bump mocha from 8.4.0 to 9.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339) - Referrer and Referrer Policy by [@​tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057) - Add typing for Response.redirect(url, status) by [@​c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) - chore: Correct stuff in README.md by [@​Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361) - docs: Improve clarity of "Loading and configuring" by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323) - feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314) - template: Make PR template more task oriented by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224) - docs: Update code examples by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365) #### New Contributors - [@​serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - [@​lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - [@​robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - [@​davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - [@​thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - [@​dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - [@​dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - [@​c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) **Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0 ### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0) version 3 is going out of a long beta period and switches to stable One major change is that it's now a ESM only package See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/X-oss-byte/Canary-nextjs).
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`2.7.0` -> `3.3.2`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.6.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.6.12/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.6.12/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.6.12/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>node-fetch/node-fetch (node-fetch)</summary> ### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2) ##### Bug Fixes - Remove the default connection close header. ([#​1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#​1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#​1473](https://togithub.com/node-fetch/node-fetch/issues/1473) ### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1) ##### Bug Fixes - release "Allow URL class object as an argument for fetch()" [#​1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#​1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e)) ### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0) ##### Features - add static Response.json ([#​1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e)) ### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10) ##### Bug Fixes - ReDoS referrer ([#​1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d)) ### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9) ##### Bug Fixes - **Headers:** don't forward secure headers on protocol change ([#​1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7)) ### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8) ##### Bug Fixes - possibly flaky test ([#​1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa)) ### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7) ##### Bug Fixes - always warn Request.data ([#​1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3)) ### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6) ##### Bug Fixes - undefined reference to response.body when aborted ([#​1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99)) ### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5) ##### Bug Fixes - use space in accept-encoding values ([#​1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#​1571](https://togithub.com/node-fetch/node-fetch/issues/1571) ### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4) ##### Bug Fixes - don't uppercase unknown methods ([#​1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf)) ### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3) ##### Bug Fixes - handle bom in text and json ([#​1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11)) ### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2) ##### Bug Fixes - add missing formdata export to types ([#​1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#​1517](https://togithub.com/node-fetch/node-fetch/issues/1517) ### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1) ##### Bug Fixes - cancel request example import ([#​1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f)) ### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0) ##### Features - export Blob, File and FormData + utilities ([#​1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c)) ### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1) #### Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred #### What's Changed - core: update fetch-blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371) - docs: Fix typo around sending a file by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381) - core: (http.request): Cast URL to string before sending it to NodeJS core by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378) - core: handle errors from the request body stream by [@​mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - core: Better handle wrong redirect header in a response by [@​tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - core: Don't use buffer to make a blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402) - docs: update readme for TS [@​types/node-fetch](https://togithub.com/types/node-fetch) by [@​adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@​maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - core: Don't use global buffer by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422) - ci: fix main branch by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429) - core: use more node: protocol imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428) - core: Warn when using data by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421) - docs: Create SECURITY.md by [@​JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) - core: don't forward secure headers to 3th party by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449) #### New Contributors - [@​mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - [@​tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - [@​adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - [@​maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - [@​JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) **Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1 ### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0) #### What's Changed - fix(Body): Discourage form-data and buffer() by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212) - fix: Pass url string to http.request by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - Fix octocat image link by [@​lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - fix(Body.body): Normalize `Body.body` into a `node:stream` by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924) - docs(Headers): Add default Host request header to README.md file by [@​robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - Update CHANGELOG.md by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292) - Add highWaterMark to cloned properties by [@​davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - Update README.md to fix HTTPResponseError by [@​thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - docs: switch `url` to `URL` by [@​dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - fix(types): declare buffer() deprecated by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - chore: fix lint by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348) - refactor: use node: prefix for imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346) - Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - Bump mocha from 8.4.0 to 9.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339) - Referrer and Referrer Policy by [@​tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057) - Add typing for Response.redirect(url, status) by [@​c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) - chore: Correct stuff in README.md by [@​Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361) - docs: Improve clarity of "Loading and configuring" by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323) - feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314) - template: Make PR template more task oriented by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224) - docs: Update code examples by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365) #### New Contributors - [@​serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - [@​lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - [@​robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - [@​davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - [@​thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - [@​dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - [@​dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - [@​c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) **Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0 ### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0) version 3 is going out of a long beta period and switches to stable One major change is that it's now a ESM only package See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/X-oss-byte/Nextjs).
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.7.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>node-fetch/node-fetch (node-fetch)</summary> ### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2) ##### Bug Fixes - Remove the default connection close header. ([#​1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#​1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#​1473](https://togithub.com/node-fetch/node-fetch/issues/1473) ### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1) ##### Bug Fixes - release "Allow URL class object as an argument for fetch()" [#​1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#​1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e)) ### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0) ##### Features - add static Response.json ([#​1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e)) ### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10) ##### Bug Fixes - ReDoS referrer ([#​1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d)) ### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9) ##### Bug Fixes - **Headers:** don't forward secure headers on protocol change ([#​1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7)) ### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8) ##### Bug Fixes - possibly flaky test ([#​1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa)) ### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7) ##### Bug Fixes - always warn Request.data ([#​1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3)) ### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6) ##### Bug Fixes - undefined reference to response.body when aborted ([#​1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99)) ### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5) ##### Bug Fixes - use space in accept-encoding values ([#​1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#​1571](https://togithub.com/node-fetch/node-fetch/issues/1571) ### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4) ##### Bug Fixes - don't uppercase unknown methods ([#​1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf)) ### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3) ##### Bug Fixes - handle bom in text and json ([#​1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11)) ### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2) ##### Bug Fixes - add missing formdata export to types ([#​1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#​1517](https://togithub.com/node-fetch/node-fetch/issues/1517) ### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1) ##### Bug Fixes - cancel request example import ([#​1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f)) ### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0) ##### Features - export Blob, File and FormData + utilities ([#​1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c)) ### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1) #### Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred #### What's Changed - core: update fetch-blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371) - docs: Fix typo around sending a file by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381) - core: (http.request): Cast URL to string before sending it to NodeJS core by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378) - core: handle errors from the request body stream by [@​mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - core: Better handle wrong redirect header in a response by [@​tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - core: Don't use buffer to make a blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402) - docs: update readme for TS [@​types/node-fetch](https://togithub.com/types/node-fetch) by [@​adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@​maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - core: Don't use global buffer by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422) - ci: fix main branch by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429) - core: use more node: protocol imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428) - core: Warn when using data by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421) - docs: Create SECURITY.md by [@​JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) - core: don't forward secure headers to 3th party by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449) #### New Contributors - [@​mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - [@​tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - [@​adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - [@​maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - [@​JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) **Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1 ### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0) #### What's Changed - fix(Body): Discourage form-data and buffer() by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212) - fix: Pass url string to http.request by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - Fix octocat image link by [@​lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - fix(Body.body): Normalize `Body.body` into a `node:stream` by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924) - docs(Headers): Add default Host request header to README.md file by [@​robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - Update CHANGELOG.md by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292) - Add highWaterMark to cloned properties by [@​davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - Update README.md to fix HTTPResponseError by [@​thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - docs: switch `url` to `URL` by [@​dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - fix(types): declare buffer() deprecated by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - chore: fix lint by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348) - refactor: use node: prefix for imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346) - Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - Bump mocha from 8.4.0 to 9.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339) - Referrer and Referrer Policy by [@​tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057) - Add typing for Response.redirect(url, status) by [@​c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) - chore: Correct stuff in README.md by [@​Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361) - docs: Improve clarity of "Loading and configuring" by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323) - feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314) - template: Make PR template more task oriented by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224) - docs: Update code examples by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365) #### New Contributors - [@​serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - [@​lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - [@​robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - [@​davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - [@​thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - [@​dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - [@​dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - [@​c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) **Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0 ### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0) version 3 is going out of a long beta period and switches to stable One major change is that it's now a ESM only package See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/LUISDASARTIMANHAS/Dime-Bot-Store). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMDMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEwMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.7.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>node-fetch/node-fetch (node-fetch)</summary> ### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2) ##### Bug Fixes - Remove the default connection close header. ([#​1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#​1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#​1473](https://togithub.com/node-fetch/node-fetch/issues/1473) ### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1) ##### Bug Fixes - release "Allow URL class object as an argument for fetch()" [#​1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#​1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e)) ### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0) ##### Features - add static Response.json ([#​1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e)) ### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10) ##### Bug Fixes - ReDoS referrer ([#​1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d)) ### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9) ##### Bug Fixes - **Headers:** don't forward secure headers on protocol change ([#​1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7)) ### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8) ##### Bug Fixes - possibly flaky test ([#​1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa)) ### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7) ##### Bug Fixes - always warn Request.data ([#​1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3)) ### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6) ##### Bug Fixes - undefined reference to response.body when aborted ([#​1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99)) ### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5) ##### Bug Fixes - use space in accept-encoding values ([#​1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#​1571](https://togithub.com/node-fetch/node-fetch/issues/1571) ### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4) ##### Bug Fixes - don't uppercase unknown methods ([#​1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf)) ### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3) ##### Bug Fixes - handle bom in text and json ([#​1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11)) ### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2) ##### Bug Fixes - add missing formdata export to types ([#​1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#​1517](https://togithub.com/node-fetch/node-fetch/issues/1517) ### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1) ##### Bug Fixes - cancel request example import ([#​1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f)) ### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0) ##### Features - export Blob, File and FormData + utilities ([#​1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c)) ### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1) #### Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred #### What's Changed - core: update fetch-blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371) - docs: Fix typo around sending a file by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381) - core: (http.request): Cast URL to string before sending it to NodeJS core by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378) - core: handle errors from the request body stream by [@​mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - core: Better handle wrong redirect header in a response by [@​tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - core: Don't use buffer to make a blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402) - docs: update readme for TS [@​types/node-fetch](https://togithub.com/types/node-fetch) by [@​adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@​maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - core: Don't use global buffer by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422) - ci: fix main branch by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429) - core: use more node: protocol imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428) - core: Warn when using data by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421) - docs: Create SECURITY.md by [@​JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) - core: don't forward secure headers to 3th party by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449) #### New Contributors - [@​mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - [@​tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - [@​adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - [@​maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - [@​JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) **Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1 ### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0) #### What's Changed - fix(Body): Discourage form-data and buffer() by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212) - fix: Pass url string to http.request by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - Fix octocat image link by [@​lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - fix(Body.body): Normalize `Body.body` into a `node:stream` by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924) - docs(Headers): Add default Host request header to README.md file by [@​robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - Update CHANGELOG.md by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292) - Add highWaterMark to cloned properties by [@​davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - Update README.md to fix HTTPResponseError by [@​thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - docs: switch `url` to `URL` by [@​dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - fix(types): declare buffer() deprecated by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - chore: fix lint by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348) - refactor: use node: prefix for imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346) - Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - Bump mocha from 8.4.0 to 9.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339) - Referrer and Referrer Policy by [@​tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057) - Add typing for Response.redirect(url, status) by [@​c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) - chore: Correct stuff in README.md by [@​Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361) - docs: Improve clarity of "Loading and configuring" by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323) - feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314) - template: Make PR template more task oriented by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224) - docs: Update code examples by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365) #### New Contributors - [@​serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - [@​lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - [@​robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - [@​davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - [@​thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - [@​dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - [@​dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - [@​c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) **Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0 ### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0) version 3 is going out of a long beta period and switches to stable One major change is that it's now a ESM only package See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/LUISDASARTIMANHAS/discord-bot-template-with-node-js-server). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMDMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEwMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.7.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>node-fetch/node-fetch (node-fetch)</summary> ### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2) ##### Bug Fixes - Remove the default connection close header. ([#​1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#​1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#​1473](https://togithub.com/node-fetch/node-fetch/issues/1473) ### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1) ##### Bug Fixes - release "Allow URL class object as an argument for fetch()" [#​1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#​1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e)) ### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0) ##### Features - add static Response.json ([#​1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e)) ### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10) ##### Bug Fixes - ReDoS referrer ([#​1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d)) ### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9) ##### Bug Fixes - **Headers:** don't forward secure headers on protocol change ([#​1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7)) ### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8) ##### Bug Fixes - possibly flaky test ([#​1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa)) ### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7) ##### Bug Fixes - always warn Request.data ([#​1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3)) ### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6) ##### Bug Fixes - undefined reference to response.body when aborted ([#​1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99)) ### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5) ##### Bug Fixes - use space in accept-encoding values ([#​1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#​1571](https://togithub.com/node-fetch/node-fetch/issues/1571) ### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4) ##### Bug Fixes - don't uppercase unknown methods ([#​1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf)) ### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3) ##### Bug Fixes - handle bom in text and json ([#​1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11)) ### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2) ##### Bug Fixes - add missing formdata export to types ([#​1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#​1517](https://togithub.com/node-fetch/node-fetch/issues/1517) ### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1) ##### Bug Fixes - cancel request example import ([#​1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f)) ### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0) ##### Features - export Blob, File and FormData + utilities ([#​1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c)) ### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1) #### Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred #### What's Changed - core: update fetch-blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371) - docs: Fix typo around sending a file by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381) - core: (http.request): Cast URL to string before sending it to NodeJS core by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378) - core: handle errors from the request body stream by [@​mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - core: Better handle wrong redirect header in a response by [@​tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - core: Don't use buffer to make a blob by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402) - docs: update readme for TS [@​types/node-fetch](https://togithub.com/types/node-fetch) by [@​adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@​maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - core: Don't use global buffer by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422) - ci: fix main branch by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429) - core: use more node: protocol imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428) - core: Warn when using data by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421) - docs: Create SECURITY.md by [@​JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) - core: don't forward secure headers to 3th party by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449) #### New Contributors - [@​mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392) - [@​tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387) - [@​adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405) - [@​maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369) - [@​JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445) **Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1 ### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0) #### What's Changed - fix(Body): Discourage form-data and buffer() by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212) - fix: Pass url string to http.request by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - Fix octocat image link by [@​lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - fix(Body.body): Normalize `Body.body` into a `node:stream` by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924) - docs(Headers): Add default Host request header to README.md file by [@​robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - Update CHANGELOG.md by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292) - Add highWaterMark to cloned properties by [@​davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - Update README.md to fix HTTPResponseError by [@​thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - docs: switch `url` to `URL` by [@​dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - fix(types): declare buffer() deprecated by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - chore: fix lint by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348) - refactor: use node: prefix for imports by [@​dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346) - Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - Bump mocha from 8.4.0 to 9.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339) - Referrer and Referrer Policy by [@​tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057) - Add typing for Response.redirect(url, status) by [@​c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) - chore: Correct stuff in README.md by [@​Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361) - docs: Improve clarity of "Loading and configuring" by [@​serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323) - feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314) - template: Make PR template more task oriented by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224) - docs: Update code examples by [@​jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365) #### New Contributors - [@​serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268) - [@​lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281) - [@​robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316) - [@​davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162) - [@​thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135) - [@​dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318) - [@​dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319) - [@​c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169) **Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0 ### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0) [Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0) version 3 is going out of a long beta period and switches to stable One major change is that it's now a ESM only package See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/LUISDASARTIMANHAS/template-server-express-node-js). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjEzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Purpose
Avoid forwarding secure headers such as authorization, www-authenticate, cookie & cookie2 when redirecting to a untrusted site. (so it follows browses origin policy)
(matches Go behavior)
Changes
When the location headers redirects to an other hostname, strip away secure request headers meant for the original destination
Additional
Should patch v2 also (not many can update to esm)