Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(Headers): don't forward secure headers to 3th party #1449

Merged
merged 2 commits into from
Jan 14, 2022

Conversation

jimmywarting
Copy link
Collaborator

@jimmywarting jimmywarting commented Jan 13, 2022

Purpose

Avoid forwarding secure headers such as authorization, www-authenticate, cookie & cookie2 when redirecting to a untrusted site. (so it follows browses origin policy)
(matches Go behavior)

Changes

When the location headers redirects to an other hostname, strip away secure request headers meant for the original destination

Additional

Should patch v2 also (not many can update to esm)


  • I updated ./docs/CHANGELOG.md with a link to this PR or Issue
  • I updated ./docs/v3-UPGRADE-GUIDE
  • I updated readme
  • I added unit test(s)

src/utils/is.js Outdated
Comment on lines 79 to 83
if (!a.endsWith(b)) {
return false;
}

return a[a.length - b.length - 1] === '.';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you think about adding the . to the endsWith call?

Suggested change
if (!a.endsWith(b)) {
return false;
}
return a[a.length - b.length - 1] === '.';
return a.endsWith(`.${b}`)

I think that this is much easier to read ☺️

Copy link
Collaborator Author

@jimmywarting jimmywarting Jan 13, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if you are making a request to fridas-blog.uk.com and it redirects to uk.com then uk.com should not know about the cookie... cuz the cookie can be tied to fridas-blog.uk.com

a = referer (original request) fridas-blog.uk.com
b = destination (Location) uk.com

a.endsWith('.${b}') === true
b is not the same host or a subdomain of a...

so i guess it can't work...

Copy link
Collaborator Author

@jimmywarting jimmywarting Jan 13, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if you are only after something that is sorter and dose the same thing:

export const isDomainOrSubdomain = (a, b) => {
  a = new URL(a).hostname
  b = new URL(b).hostname
  return a === b || (
    a[a.length - b.length - 1] === '.' && a.endsWith(b)
  )
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still don't understand how the two checks are different? As far as I can tell, unless I'm missing something, the two functions below behave the exact same way?

function one (a, b) {
  return a === b || (
    a[a.length - b.length - 1] === '.' && a.endsWith(b)
  )
}

function two (a, b) {
  return a === b || a.endsWith(`.${b}`)
}

The case you are mentioning seems to be handled wrong in the committed code then?

> isDomainOrSubdomain('http://uk.com', 'http://fridas-blog.uk.com')
true

(extra ping @jimmywarting since this is already merged)

Copy link
Collaborator Author

@jimmywarting jimmywarting Jan 15, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, double checked again and you are right... they are equally the same, But there is no mistake in the merged code...

I was blinded by the order of arguments passed down to isDomainOrSubdomain and mixing up whats gets passed down to the function and in which order. i was just so blinded by how Go and follow-redirects also did it using the dot index

But at least there is no rush to change it now... can change it later

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a & b was a stupid variable name...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👍

Submitted PR to make the code easier to understand here: #1455

Copy link
Collaborator

@gr2m gr2m left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. Feel free to refactor the isDomainOrSubdomain method to make it easier to read, but it's good as is from my perspective.

src/index.js Outdated Show resolved Hide resolved
@jimmywarting jimmywarting merged commit f5d3cf5 into node-fetch:main Jan 14, 2022
@jimmywarting jimmywarting deleted the fix/secure-headers branch January 14, 2022 14:55
@gr2m
Copy link
Collaborator

gr2m commented Jan 15, 2022

Should patch v2 also (not many can update to esm)

Will you do that yourself or shall we do a follow up issue so we don't forget?

@bitinn
Copy link
Collaborator

bitinn commented Jan 15, 2022

Thx for everyone to get to this, this issue can finally be closed :)

But do note the drawback:

#274

@jimmywarting
Copy link
Collaborator Author

I can fix V2 also

@@ -56,3 +56,20 @@ export const isAbortSignal = object => {
)
);
};

/**
* isDomainOrSubdomain reports whether sub is a subdomain (or exact match) of
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this use the public suffix list instead? https://publicsuffix.org/

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think that would be necessary.

* @param {string|URL} original
* @param {string|URL} destination
*/
export const isDomainOrSubdomain = (destination, original) => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The names of the variables here don't see to match the values passed in?

if (!isDomainOrSubdomain(request.url, locationURL)) {

Surely locationURL is the destination and request.url is the original?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you are right. it works as intended and how it is suppose to protect you, But the variable names are mixed up

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No rush to get fixed, can create a issue about it if needed

@kentonv
Copy link

kentonv commented Jan 21, 2022

This change may match Go behavior but it differs from browser behavior and deviates from the fetch API spec.

In Chrome, if I do:

fetch(url, {headers: {"Authorization": "foo"}})

and this results in a redirect to a third party, Chrome will forward the Authorization header to the third party, assuming that the third party's CORS policy allows it. Note that the CORS policy of the original URL is irrelevant -- the third party controls the policy here. So, in an attack scenario, the attacker controls the policy, so CORS is not a defense.

AFAICT, Chrome's behavior conforms to the Fetch spec. The Fetch spec only says these headers should be removed on a redirect if they were implicitly added by the user-agent in the first place -- i.e. not when they were explicitly passed to fetch() in the request.headers attribute. Since node-fetch presumably never adds these headers implicitly, it seems like this doesn't apply.

I am concerned that this change could actually break legitimate use cases. Imagine api.example.com is a REST API that requires authorization via an Authorization header. Now imagine example.com decides to rebrand as example.org, using 3xx redirects to redirect all requests to the new domain. API clients coded against the old domain will break.

@jimmywarting
Copy link
Collaborator Author

That may be legit cases...

I have also wonder about the usage of Request.credentials if we somehow could use this in any way. The option same-origin could technically match what we have made in this change and use that as the default. and if credentials is include, then we could allow insecure headers to be forwarded?

Xhr have withCredentials
that has similar options

@kentonv
Copy link

kentonv commented Jan 21, 2022

Request.credentials seems to instruct the browser on whether or not it should automatically add cookies and HTTP basic auth credentials to the request. If the application explicitly specifies an Authorization header, though, I don't think Requset.credentials is meant to have any effect on that. In Chrome, at least, an explicitly-specified Authorization header seems to be redirected even when Request.credentials is same-origin (the default).

@glasser
Copy link
Contributor

glasser commented Jan 21, 2022

@kentonv (Hi!) Just to check, your concern is specifically about Authorization, right? It does seem reasonable to me that cookies should not be sent to a different origin.

@kentonv
Copy link

kentonv commented Jan 21, 2022

Hi @glasser! Long time no see.

TBH, I'm not really sure what this should mean for Cookie. Technically, the fetch() spec does not allow the application to specify this header at all, so for a "conformant" implementation the question is moot. But, of course, that part of the fetch spec really only makes sense for browsers.

What makes sense on the server side? I don't really know because I don't know under what circumstances a server would ever send a Cookie header. I'd expect Node apps are mainly using fetch() to call APIs, and APIs rarely if ever use Cookie.

For Cloudflare Workers (of which I'm the lead engineer), our fetch() implementation does have to allow the Cookie header for the proxying use case: many workers receive a request from a client, rewrite it in some way, and then pass it on to an origin server using fetch(). The Cookie header must come along for that ride -- and it's important that it do so even if the hostname changed in the process. But, in CF Workers, proxied requests always have redirect = "manual", because a redirect response should always be returned back to the original client rather than handled within the worker. So, what happens to Cookie on a redirect is moot for the common case.

A Worker can also make a stand-alone fetch() that is not proxying any existing request, and in that case the default redirect = "follow" applies. But this is again typically used for calling APIs, and I don't know why Cookie would be used at all, so it's hard to say what the right behavior is when redirecting.

FWIW, at present Cloudflare Workers has no special logic whatsoever for Cookie or Authorization -- these are just plain old headers to us.

Of course, for the API use case, it's very common for other headers to contain sensitive information, too. Some APIs use non-standard headers like X-Auth-Key for their secrets. But also if the API uses any special headers at all, who knows what is in them? So it feels weird to me to even try to protect this use case from leaking secrets on a redirect... it seems like it's really the application's responsibility to use manual redirect logic if they don't want the whole request to be forwarded.

So in the absence of more information about real-world use cases, my inclination is to say that there's no reason to treat Cookie specially here. But I can definitely see where it is debatable.

@jimmywarting
Copy link
Collaborator Author

jimmywarting commented Mar 11, 2022

Do you know what alt-sve will do with cookies and other headers if it decided to try another url the next time?

@jroitgrund
Copy link

What is the recommended way of reproducing the old behavior now?

esmadau referenced this pull request in microsoft/dicom-server Jul 14, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.6.12`
-> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.6.12/3.3.1)
|
[![age](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/compatibility-slim/2.6.12)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/node-fetch/3.3.1/confidence-slim/2.6.12)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>node-fetch/node-fetch (node-fetch)</summary>

###
[`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1)

##### Bug Fixes

- release "Allow URL class object as an argument for fetch()"
[#&#8203;1696](https://togithub.com/node-fetch/node-fetch/issues/1696)
([#&#8203;1716](https://togithub.com/node-fetch/node-fetch/issues/1716))
([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e))

###
[`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0)

##### Features

- add static Response.json
([#&#8203;1670](https://togithub.com/node-fetch/node-fetch/issues/1670))
([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e))

###
[`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10)

##### Bug Fixes

- ReDoS referrer
([#&#8203;1611](https://togithub.com/node-fetch/node-fetch/issues/1611))
([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d))

###
[`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9)

##### Bug Fixes

- **Headers:** don't forward secure headers on protocol change
([#&#8203;1599](https://togithub.com/node-fetch/node-fetch/issues/1599))
([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7))

###
[`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8)

##### Bug Fixes

- possibly flaky test
([#&#8203;1523](https://togithub.com/node-fetch/node-fetch/issues/1523))
([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa))

###
[`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7)

##### Bug Fixes

- always warn Request.data
([#&#8203;1550](https://togithub.com/node-fetch/node-fetch/issues/1550))
([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3))

###
[`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6)

##### Bug Fixes

- undefined reference to response.body when aborted
([#&#8203;1578](https://togithub.com/node-fetch/node-fetch/issues/1578))
([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99))

###
[`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5)

##### Bug Fixes

- use space in accept-encoding values
([#&#8203;1572](https://togithub.com/node-fetch/node-fetch/issues/1572))
([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)),
closes
[#&#8203;1571](https://togithub.com/node-fetch/node-fetch/issues/1571)

###
[`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4)

##### Bug Fixes

- don't uppercase unknown methods
([#&#8203;1542](https://togithub.com/node-fetch/node-fetch/issues/1542))
([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf))

###
[`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3)

##### Bug Fixes

- handle bom in text and json
([#&#8203;1482](https://togithub.com/node-fetch/node-fetch/issues/1482))
([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11))

###
[`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2)

##### Bug Fixes

- add missing formdata export to types
([#&#8203;1518](https://togithub.com/node-fetch/node-fetch/issues/1518))
([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)),
closes
[#&#8203;1517](https://togithub.com/node-fetch/node-fetch/issues/1517)

###
[`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1)

##### Bug Fixes

- cancel request example import
([#&#8203;1513](https://togithub.com/node-fetch/node-fetch/issues/1513))
([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f))

###
[`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0)

##### Features

- export Blob, File and FormData + utilities
([#&#8203;1463](https://togithub.com/node-fetch/node-fetch/issues/1463))
([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c))

###
[`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1)

#### Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication
header information to 3th party host while a redirect occurred

#### What's Changed

- core: update fetch-blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371)
- docs: Fix typo around sending a file by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381)
- core: (http.request): Cast URL to string before sending it to NodeJS
core by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378)
- core: handle errors from the request body stream by
[@&#8203;mdmitry01](https://togithub.com/mdmitry01) in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- core: Better handle wrong redirect header in a response by
[@&#8203;tasinet](https://togithub.com/tasinet) in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- core: Don't use buffer to make a blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402)
- docs: update readme for TS
[@&#8203;types/node-fetch](https://togithub.com/types/node-fetch) by
[@&#8203;adamellsworth](https://togithub.com/adamellsworth) in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- core: Fix logical operator priority to disallow GET/HEAD with
non-empty body by
[@&#8203;maxshirshin](https://togithub.com/maxshirshin) in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- core: Don't use global buffer by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422)
- ci: fix main branch by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429)
- core: use more node: protocol imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428)
- core: Warn when using data by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421)
- docs: Create SECURITY.md by
[@&#8203;JamieSlome](https://togithub.com/JamieSlome) in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)
- core: don't forward secure headers to 3th party by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449)

#### New Contributors

- [@&#8203;mdmitry01](https://togithub.com/mdmitry01) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- [@&#8203;tasinet](https://togithub.com/tasinet) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- [@&#8203;adamellsworth](https://togithub.com/adamellsworth) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- [@&#8203;maxshirshin](https://togithub.com/maxshirshin) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- [@&#8203;JamieSlome](https://togithub.com/JamieSlome) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)

**Full Changelog**:
node-fetch/node-fetch@v3.1.0...v3.1.1

###
[`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0)

#### What's Changed

- fix(Body): Discourage form-data and buffer() by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212)
- fix: Pass url string to http.request by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- Fix octocat image link by
[@&#8203;lakuapik](https://togithub.com/lakuapik) in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- fix(Body.body): Normalize `Body.body` into a `node:stream` by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924)
- docs(Headers): Add default Host request header to README.md file by
[@&#8203;robertoaceves](https://togithub.com/robertoaceves) in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- Update CHANGELOG.md by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292)
- Add highWaterMark to cloned properties by
[@&#8203;davesidious](https://togithub.com/davesidious) in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- Update README.md to fix HTTPResponseError by
[@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- docs: switch `url` to `URL` by
[@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- fix(types): declare buffer() deprecated by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- chore: fix lint by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348)
- refactor: use node: prefix for imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346)
- Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- Bump mocha from 8.4.0 to 9.1.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339)
- Referrer and Referrer Policy by
[@&#8203;tekwiz](https://togithub.com/tekwiz) in
[https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057)
- Add typing for Response.redirect(url, status) by
[@&#8203;c-w](https://togithub.com/c-w) in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)
- chore: Correct stuff in README.md by
[@&#8203;Jiralite](https://togithub.com/Jiralite) in
[https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361)
- docs: Improve clarity of "Loading and configuring" by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323)
- feat(Body): Added support for `BodyMixin.formData()` and constructing
bodies with FormData by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314)
- template: Make PR template more task oriented by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224)
- docs: Update code examples by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365)

#### New Contributors

- [@&#8203;serverwentdown](https://togithub.com/serverwentdown) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- [@&#8203;lakuapik](https://togithub.com/lakuapik) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- [@&#8203;robertoaceves](https://togithub.com/robertoaceves) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- [@&#8203;davesidious](https://togithub.com/davesidious) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- [@&#8203;dependabot](https://togithub.com/dependabot) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- [@&#8203;c-w](https://togithub.com/c-w) made their first contribution
in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)

**Full Changelog**:
node-fetch/node-fetch@v3.0.0...v3.1.0

###
[`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v2.6.12...v3.0.0)

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See
[changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300)
for more information about all the changes.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/microsoft/dicom-server).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi41LjMiLCJ1cGRhdGVkSW5WZXIiOiIzNi41LjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@pkit
Copy link

pkit commented Aug 17, 2023

@jroitgrund I suppose the only way is to set redirect: "manual" and then manually follow the redirects with another fetch() call.
It's a bummer that this issue even exists. I will see if it's easy to patch locally and will post it.

@pkit
Copy link

pkit commented Aug 17, 2023

@jroitgrund here's the patch changes the behavior to the old one.
https://gist.github.com/pkit/a65456cd29505c1d12346f8d57a45c2e

kodiakhq bot referenced this pull request in X-oss-byte/Canary-nextjs Oct 8, 2023
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`2.7.0` -> `3.3.2`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.6.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>node-fetch/node-fetch (node-fetch)</summary>

### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2)

##### Bug Fixes

-   Remove the default connection close header. ([#&#8203;1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#&#8203;1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#&#8203;1473](https://togithub.com/node-fetch/node-fetch/issues/1473)

### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1)

##### Bug Fixes

-   release "Allow URL class object as an argument for fetch()" [#&#8203;1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#&#8203;1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e))

### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0)

##### Features

-   add static Response.json ([#&#8203;1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e))

### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10)

##### Bug Fixes

-   ReDoS referrer ([#&#8203;1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d))

### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9)

##### Bug Fixes

-   **Headers:** don't forward secure headers on protocol change ([#&#8203;1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7))

### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8)

##### Bug Fixes

-   possibly flaky test ([#&#8203;1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa))

### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7)

##### Bug Fixes

-   always warn Request.data ([#&#8203;1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3))

### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6)

##### Bug Fixes

-   undefined reference to response.body when aborted ([#&#8203;1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99))

### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5)

##### Bug Fixes

-   use space in accept-encoding values ([#&#8203;1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#&#8203;1571](https://togithub.com/node-fetch/node-fetch/issues/1571)

### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4)

##### Bug Fixes

-   don't uppercase unknown methods ([#&#8203;1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf))

### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3)

##### Bug Fixes

-   handle bom in text and json ([#&#8203;1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11))

### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2)

##### Bug Fixes

-   add missing formdata export to types ([#&#8203;1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#&#8203;1517](https://togithub.com/node-fetch/node-fetch/issues/1517)

### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1)

##### Bug Fixes

-   cancel request example import ([#&#8203;1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f))

### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0)

##### Features

-   export Blob, File and FormData + utilities ([#&#8203;1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c))

### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1)

#### Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

#### What's Changed

-   core: update fetch-blob by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371)
-   docs: Fix typo around sending a file by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381)
-   core: (http.request): Cast URL to string before sending it to NodeJS core by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378)
-   core: handle errors from the request body stream by [@&#8203;mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
-   core: Better handle wrong redirect header in a response by [@&#8203;tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
-   core: Don't use buffer to make a blob by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402)
-   docs: update readme for TS [@&#8203;types/node-fetch](https://togithub.com/types/node-fetch) by [@&#8203;adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
-   core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@&#8203;maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
-   core: Don't use global buffer by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422)
-   ci: fix main branch by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429)
-   core: use more node: protocol imports by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428)
-   core: Warn when using data by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421)
-   docs: Create SECURITY.md by [@&#8203;JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)
-   core: don't forward secure headers to 3th party by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449)

#### New Contributors

-   [@&#8203;mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
-   [@&#8203;tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
-   [@&#8203;adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
-   [@&#8203;maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
-   [@&#8203;JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)

**Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1

### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0)

#### What's Changed

-   fix(Body): Discourage form-data and buffer() by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212)
-   fix: Pass url string to http.request by [@&#8203;serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
-   Fix octocat image link by [@&#8203;lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
-   fix(Body.body): Normalize `Body.body` into a `node:stream` by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924)
-   docs(Headers): Add default Host request header to README.md file by [@&#8203;robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
-   Update CHANGELOG.md by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292)
-   Add highWaterMark to cloned properties by [@&#8203;davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
-   Update README.md to fix HTTPResponseError by [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
-   docs: switch `url` to `URL` by [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
-   fix(types): declare buffer() deprecated by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
-   chore: fix lint by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348)
-   refactor: use node: prefix for imports by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346)
-   Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
-   Bump mocha from 8.4.0 to 9.1.3 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339)
-   Referrer and Referrer Policy by [@&#8203;tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057)
-   Add typing for Response.redirect(url, status) by [@&#8203;c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)
-   chore: Correct stuff in README.md by [@&#8203;Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361)
-   docs: Improve clarity of "Loading and configuring" by [@&#8203;serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323)
-   feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314)
-   template: Make PR template more task oriented  by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224)
-   docs: Update code examples by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365)

#### New Contributors

-   [@&#8203;serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
-   [@&#8203;lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
-   [@&#8203;robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
-   [@&#8203;davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
-   [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
-   [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
-   [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
-   [@&#8203;dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
-   [@&#8203;c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)

**Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0

### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0)

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/X-oss-byte/Canary-nextjs).
kodiakhq bot referenced this pull request in X-oss-byte/Nextjs Oct 14, 2023
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`2.7.0` -> `3.3.2`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.6.0` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.6.12/3.3.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.6.12/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.6.12/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

---

### Release Notes

<details>
<summary>node-fetch/node-fetch (node-fetch)</summary>

### [`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2)

##### Bug Fixes

-   Remove the default connection close header. ([#&#8203;1736](https://togithub.com/node-fetch/node-fetch/issues/1736)) ([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)), closes [#&#8203;1735](https://togithub.com/node-fetch/node-fetch/issues/1735) [#&#8203;1473](https://togithub.com/node-fetch/node-fetch/issues/1473)

### [`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1)

##### Bug Fixes

-   release "Allow URL class object as an argument for fetch()" [#&#8203;1696](https://togithub.com/node-fetch/node-fetch/issues/1696) ([#&#8203;1716](https://togithub.com/node-fetch/node-fetch/issues/1716)) ([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e))

### [`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0)

##### Features

-   add static Response.json ([#&#8203;1670](https://togithub.com/node-fetch/node-fetch/issues/1670)) ([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e))

### [`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10)

##### Bug Fixes

-   ReDoS referrer ([#&#8203;1611](https://togithub.com/node-fetch/node-fetch/issues/1611)) ([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d))

### [`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9)

##### Bug Fixes

-   **Headers:** don't forward secure headers on protocol change ([#&#8203;1599](https://togithub.com/node-fetch/node-fetch/issues/1599)) ([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7))

### [`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8)

##### Bug Fixes

-   possibly flaky test ([#&#8203;1523](https://togithub.com/node-fetch/node-fetch/issues/1523)) ([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa))

### [`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7)

##### Bug Fixes

-   always warn Request.data ([#&#8203;1550](https://togithub.com/node-fetch/node-fetch/issues/1550)) ([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3))

### [`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6)

##### Bug Fixes

-   undefined reference to response.body when aborted ([#&#8203;1578](https://togithub.com/node-fetch/node-fetch/issues/1578)) ([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99))

### [`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5)

##### Bug Fixes

-   use space in accept-encoding values ([#&#8203;1572](https://togithub.com/node-fetch/node-fetch/issues/1572)) ([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)), closes [#&#8203;1571](https://togithub.com/node-fetch/node-fetch/issues/1571)

### [`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4)

##### Bug Fixes

-   don't uppercase unknown methods ([#&#8203;1542](https://togithub.com/node-fetch/node-fetch/issues/1542)) ([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf))

### [`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3)

##### Bug Fixes

-   handle bom in text and json ([#&#8203;1482](https://togithub.com/node-fetch/node-fetch/issues/1482)) ([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11))

### [`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2)

##### Bug Fixes

-   add missing formdata export to types ([#&#8203;1518](https://togithub.com/node-fetch/node-fetch/issues/1518)) ([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)), closes [#&#8203;1517](https://togithub.com/node-fetch/node-fetch/issues/1517)

### [`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1)

##### Bug Fixes

-   cancel request example import ([#&#8203;1513](https://togithub.com/node-fetch/node-fetch/issues/1513)) ([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f))

### [`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0)

##### Features

-   export Blob, File and FormData + utilities ([#&#8203;1463](https://togithub.com/node-fetch/node-fetch/issues/1463)) ([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c))

### [`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1)

#### Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

#### What's Changed

-   core: update fetch-blob by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371)
-   docs: Fix typo around sending a file by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381)
-   core: (http.request): Cast URL to string before sending it to NodeJS core by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378)
-   core: handle errors from the request body stream by [@&#8203;mdmitry01](https://togithub.com/mdmitry01) in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
-   core: Better handle wrong redirect header in a response by [@&#8203;tasinet](https://togithub.com/tasinet) in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
-   core: Don't use buffer to make a blob by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402)
-   docs: update readme for TS [@&#8203;types/node-fetch](https://togithub.com/types/node-fetch) by [@&#8203;adamellsworth](https://togithub.com/adamellsworth) in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
-   core: Fix logical operator priority to disallow GET/HEAD with non-empty body by [@&#8203;maxshirshin](https://togithub.com/maxshirshin) in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
-   core: Don't use global buffer by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422)
-   ci: fix main branch by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429)
-   core: use more node: protocol imports by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428)
-   core: Warn when using data by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421)
-   docs: Create SECURITY.md by [@&#8203;JamieSlome](https://togithub.com/JamieSlome) in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)
-   core: don't forward secure headers to 3th party by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449)

#### New Contributors

-   [@&#8203;mdmitry01](https://togithub.com/mdmitry01) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
-   [@&#8203;tasinet](https://togithub.com/tasinet) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
-   [@&#8203;adamellsworth](https://togithub.com/adamellsworth) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
-   [@&#8203;maxshirshin](https://togithub.com/maxshirshin) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
-   [@&#8203;JamieSlome](https://togithub.com/JamieSlome) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)

**Full Changelog**: node-fetch/node-fetch@v3.1.0...v3.1.1

### [`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0)

#### What's Changed

-   fix(Body): Discourage form-data and buffer() by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212)
-   fix: Pass url string to http.request by [@&#8203;serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
-   Fix octocat image link by [@&#8203;lakuapik](https://togithub.com/lakuapik) in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
-   fix(Body.body): Normalize `Body.body` into a `node:stream` by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924)
-   docs(Headers): Add default Host request header to README.md file by [@&#8203;robertoaceves](https://togithub.com/robertoaceves) in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
-   Update CHANGELOG.md by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292)
-   Add highWaterMark to cloned properties by [@&#8203;davesidious](https://togithub.com/davesidious) in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
-   Update README.md to fix HTTPResponseError by [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
-   docs: switch `url` to `URL` by [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
-   fix(types): declare buffer() deprecated by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
-   chore: fix lint by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348)
-   refactor: use node: prefix for imports by [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in [https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346)
-   Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
-   Bump mocha from 8.4.0 to 9.1.3 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339)
-   Referrer and Referrer Policy by [@&#8203;tekwiz](https://togithub.com/tekwiz) in [https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057)
-   Add typing for Response.redirect(url, status) by [@&#8203;c-w](https://togithub.com/c-w) in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)
-   chore: Correct stuff in README.md by [@&#8203;Jiralite](https://togithub.com/Jiralite) in [https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361)
-   docs: Improve clarity of "Loading and configuring" by [@&#8203;serverwentdown](https://togithub.com/serverwentdown) in [https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323)
-   feat(Body): Added support for `BodyMixin.formData()` and constructing bodies with FormData by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314)
-   template: Make PR template more task oriented  by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224)
-   docs: Update code examples by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in [https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365)

#### New Contributors

-   [@&#8203;serverwentdown](https://togithub.com/serverwentdown) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
-   [@&#8203;lakuapik](https://togithub.com/lakuapik) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
-   [@&#8203;robertoaceves](https://togithub.com/robertoaceves) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
-   [@&#8203;davesidious](https://togithub.com/davesidious) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
-   [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
-   [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
-   [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
-   [@&#8203;dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
-   [@&#8203;c-w](https://togithub.com/c-w) made their first contribution in [https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)

**Full Changelog**: node-fetch/node-fetch@v3.0.0...v3.1.0

### [`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0)

[Compare Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0)

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See [changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300) for more information about all the changes.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/X-oss-byte/Nextjs).
LUISDASARTIMANHAS referenced this pull request in LUISDASARTIMANHAS/Dime-Bot-Store Dec 25, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.7.0`
-> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>node-fetch/node-fetch (node-fetch)</summary>

###
[`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2)

##### Bug Fixes

- Remove the default connection close header.
([#&#8203;1736](https://togithub.com/node-fetch/node-fetch/issues/1736))
([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)),
closes
[#&#8203;1735](https://togithub.com/node-fetch/node-fetch/issues/1735)
[#&#8203;1473](https://togithub.com/node-fetch/node-fetch/issues/1473)

###
[`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1)

##### Bug Fixes

- release "Allow URL class object as an argument for fetch()"
[#&#8203;1696](https://togithub.com/node-fetch/node-fetch/issues/1696)
([#&#8203;1716](https://togithub.com/node-fetch/node-fetch/issues/1716))
([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e))

###
[`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0)

##### Features

- add static Response.json
([#&#8203;1670](https://togithub.com/node-fetch/node-fetch/issues/1670))
([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e))

###
[`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10)

##### Bug Fixes

- ReDoS referrer
([#&#8203;1611](https://togithub.com/node-fetch/node-fetch/issues/1611))
([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d))

###
[`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9)

##### Bug Fixes

- **Headers:** don't forward secure headers on protocol change
([#&#8203;1599](https://togithub.com/node-fetch/node-fetch/issues/1599))
([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7))

###
[`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8)

##### Bug Fixes

- possibly flaky test
([#&#8203;1523](https://togithub.com/node-fetch/node-fetch/issues/1523))
([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa))

###
[`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7)

##### Bug Fixes

- always warn Request.data
([#&#8203;1550](https://togithub.com/node-fetch/node-fetch/issues/1550))
([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3))

###
[`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6)

##### Bug Fixes

- undefined reference to response.body when aborted
([#&#8203;1578](https://togithub.com/node-fetch/node-fetch/issues/1578))
([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99))

###
[`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5)

##### Bug Fixes

- use space in accept-encoding values
([#&#8203;1572](https://togithub.com/node-fetch/node-fetch/issues/1572))
([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)),
closes
[#&#8203;1571](https://togithub.com/node-fetch/node-fetch/issues/1571)

###
[`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4)

##### Bug Fixes

- don't uppercase unknown methods
([#&#8203;1542](https://togithub.com/node-fetch/node-fetch/issues/1542))
([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf))

###
[`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3)

##### Bug Fixes

- handle bom in text and json
([#&#8203;1482](https://togithub.com/node-fetch/node-fetch/issues/1482))
([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11))

###
[`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2)

##### Bug Fixes

- add missing formdata export to types
([#&#8203;1518](https://togithub.com/node-fetch/node-fetch/issues/1518))
([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)),
closes
[#&#8203;1517](https://togithub.com/node-fetch/node-fetch/issues/1517)

###
[`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1)

##### Bug Fixes

- cancel request example import
([#&#8203;1513](https://togithub.com/node-fetch/node-fetch/issues/1513))
([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f))

###
[`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0)

##### Features

- export Blob, File and FormData + utilities
([#&#8203;1463](https://togithub.com/node-fetch/node-fetch/issues/1463))
([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c))

###
[`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1)

#### Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication
header information to 3th party host while a redirect occurred

#### What's Changed

- core: update fetch-blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371)
- docs: Fix typo around sending a file by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381)
- core: (http.request): Cast URL to string before sending it to NodeJS
core by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378)
- core: handle errors from the request body stream by
[@&#8203;mdmitry01](https://togithub.com/mdmitry01) in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- core: Better handle wrong redirect header in a response by
[@&#8203;tasinet](https://togithub.com/tasinet) in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- core: Don't use buffer to make a blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402)
- docs: update readme for TS
[@&#8203;types/node-fetch](https://togithub.com/types/node-fetch) by
[@&#8203;adamellsworth](https://togithub.com/adamellsworth) in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- core: Fix logical operator priority to disallow GET/HEAD with
non-empty body by
[@&#8203;maxshirshin](https://togithub.com/maxshirshin) in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- core: Don't use global buffer by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422)
- ci: fix main branch by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429)
- core: use more node: protocol imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428)
- core: Warn when using data by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421)
- docs: Create SECURITY.md by
[@&#8203;JamieSlome](https://togithub.com/JamieSlome) in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)
- core: don't forward secure headers to 3th party by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449)

#### New Contributors

- [@&#8203;mdmitry01](https://togithub.com/mdmitry01) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- [@&#8203;tasinet](https://togithub.com/tasinet) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- [@&#8203;adamellsworth](https://togithub.com/adamellsworth) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- [@&#8203;maxshirshin](https://togithub.com/maxshirshin) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- [@&#8203;JamieSlome](https://togithub.com/JamieSlome) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)

**Full Changelog**:
node-fetch/node-fetch@v3.1.0...v3.1.1

###
[`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0)

#### What's Changed

- fix(Body): Discourage form-data and buffer() by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212)
- fix: Pass url string to http.request by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- Fix octocat image link by
[@&#8203;lakuapik](https://togithub.com/lakuapik) in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- fix(Body.body): Normalize `Body.body` into a `node:stream` by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924)
- docs(Headers): Add default Host request header to README.md file by
[@&#8203;robertoaceves](https://togithub.com/robertoaceves) in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- Update CHANGELOG.md by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292)
- Add highWaterMark to cloned properties by
[@&#8203;davesidious](https://togithub.com/davesidious) in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- Update README.md to fix HTTPResponseError by
[@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- docs: switch `url` to `URL` by
[@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- fix(types): declare buffer() deprecated by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- chore: fix lint by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348)
- refactor: use node: prefix for imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346)
- Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- Bump mocha from 8.4.0 to 9.1.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339)
- Referrer and Referrer Policy by
[@&#8203;tekwiz](https://togithub.com/tekwiz) in
[https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057)
- Add typing for Response.redirect(url, status) by
[@&#8203;c-w](https://togithub.com/c-w) in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)
- chore: Correct stuff in README.md by
[@&#8203;Jiralite](https://togithub.com/Jiralite) in
[https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361)
- docs: Improve clarity of "Loading and configuring" by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323)
- feat(Body): Added support for `BodyMixin.formData()` and constructing
bodies with FormData by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314)
- template: Make PR template more task oriented by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224)
- docs: Update code examples by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365)

#### New Contributors

- [@&#8203;serverwentdown](https://togithub.com/serverwentdown) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- [@&#8203;lakuapik](https://togithub.com/lakuapik) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- [@&#8203;robertoaceves](https://togithub.com/robertoaceves) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- [@&#8203;davesidious](https://togithub.com/davesidious) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- [@&#8203;dependabot](https://togithub.com/dependabot) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- [@&#8203;c-w](https://togithub.com/c-w) made their first contribution
in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)

**Full Changelog**:
node-fetch/node-fetch@v3.0.0...v3.1.0

###
[`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0)

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See
[changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300)
for more information about all the changes.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/LUISDASARTIMANHAS/Dime-Bot-Store).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMDMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEwMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
LUISDASARTIMANHAS referenced this pull request in LUISDASARTIMANHAS/discord-bot-template-with-node-js-server Dec 31, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.7.0`
-> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>node-fetch/node-fetch (node-fetch)</summary>

###
[`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2)

##### Bug Fixes

- Remove the default connection close header.
([#&#8203;1736](https://togithub.com/node-fetch/node-fetch/issues/1736))
([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)),
closes
[#&#8203;1735](https://togithub.com/node-fetch/node-fetch/issues/1735)
[#&#8203;1473](https://togithub.com/node-fetch/node-fetch/issues/1473)

###
[`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1)

##### Bug Fixes

- release "Allow URL class object as an argument for fetch()"
[#&#8203;1696](https://togithub.com/node-fetch/node-fetch/issues/1696)
([#&#8203;1716](https://togithub.com/node-fetch/node-fetch/issues/1716))
([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e))

###
[`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0)

##### Features

- add static Response.json
([#&#8203;1670](https://togithub.com/node-fetch/node-fetch/issues/1670))
([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e))

###
[`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10)

##### Bug Fixes

- ReDoS referrer
([#&#8203;1611](https://togithub.com/node-fetch/node-fetch/issues/1611))
([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d))

###
[`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9)

##### Bug Fixes

- **Headers:** don't forward secure headers on protocol change
([#&#8203;1599](https://togithub.com/node-fetch/node-fetch/issues/1599))
([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7))

###
[`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8)

##### Bug Fixes

- possibly flaky test
([#&#8203;1523](https://togithub.com/node-fetch/node-fetch/issues/1523))
([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa))

###
[`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7)

##### Bug Fixes

- always warn Request.data
([#&#8203;1550](https://togithub.com/node-fetch/node-fetch/issues/1550))
([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3))

###
[`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6)

##### Bug Fixes

- undefined reference to response.body when aborted
([#&#8203;1578](https://togithub.com/node-fetch/node-fetch/issues/1578))
([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99))

###
[`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5)

##### Bug Fixes

- use space in accept-encoding values
([#&#8203;1572](https://togithub.com/node-fetch/node-fetch/issues/1572))
([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)),
closes
[#&#8203;1571](https://togithub.com/node-fetch/node-fetch/issues/1571)

###
[`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4)

##### Bug Fixes

- don't uppercase unknown methods
([#&#8203;1542](https://togithub.com/node-fetch/node-fetch/issues/1542))
([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf))

###
[`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3)

##### Bug Fixes

- handle bom in text and json
([#&#8203;1482](https://togithub.com/node-fetch/node-fetch/issues/1482))
([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11))

###
[`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2)

##### Bug Fixes

- add missing formdata export to types
([#&#8203;1518](https://togithub.com/node-fetch/node-fetch/issues/1518))
([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)),
closes
[#&#8203;1517](https://togithub.com/node-fetch/node-fetch/issues/1517)

###
[`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1)

##### Bug Fixes

- cancel request example import
([#&#8203;1513](https://togithub.com/node-fetch/node-fetch/issues/1513))
([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f))

###
[`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0)

##### Features

- export Blob, File and FormData + utilities
([#&#8203;1463](https://togithub.com/node-fetch/node-fetch/issues/1463))
([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c))

###
[`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1)

#### Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication
header information to 3th party host while a redirect occurred

#### What's Changed

- core: update fetch-blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371)
- docs: Fix typo around sending a file by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381)
- core: (http.request): Cast URL to string before sending it to NodeJS
core by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378)
- core: handle errors from the request body stream by
[@&#8203;mdmitry01](https://togithub.com/mdmitry01) in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- core: Better handle wrong redirect header in a response by
[@&#8203;tasinet](https://togithub.com/tasinet) in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- core: Don't use buffer to make a blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402)
- docs: update readme for TS
[@&#8203;types/node-fetch](https://togithub.com/types/node-fetch) by
[@&#8203;adamellsworth](https://togithub.com/adamellsworth) in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- core: Fix logical operator priority to disallow GET/HEAD with
non-empty body by
[@&#8203;maxshirshin](https://togithub.com/maxshirshin) in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- core: Don't use global buffer by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422)
- ci: fix main branch by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429)
- core: use more node: protocol imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428)
- core: Warn when using data by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421)
- docs: Create SECURITY.md by
[@&#8203;JamieSlome](https://togithub.com/JamieSlome) in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)
- core: don't forward secure headers to 3th party by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449)

#### New Contributors

- [@&#8203;mdmitry01](https://togithub.com/mdmitry01) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- [@&#8203;tasinet](https://togithub.com/tasinet) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- [@&#8203;adamellsworth](https://togithub.com/adamellsworth) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- [@&#8203;maxshirshin](https://togithub.com/maxshirshin) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- [@&#8203;JamieSlome](https://togithub.com/JamieSlome) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)

**Full Changelog**:
node-fetch/node-fetch@v3.1.0...v3.1.1

###
[`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0)

#### What's Changed

- fix(Body): Discourage form-data and buffer() by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212)
- fix: Pass url string to http.request by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- Fix octocat image link by
[@&#8203;lakuapik](https://togithub.com/lakuapik) in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- fix(Body.body): Normalize `Body.body` into a `node:stream` by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924)
- docs(Headers): Add default Host request header to README.md file by
[@&#8203;robertoaceves](https://togithub.com/robertoaceves) in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- Update CHANGELOG.md by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292)
- Add highWaterMark to cloned properties by
[@&#8203;davesidious](https://togithub.com/davesidious) in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- Update README.md to fix HTTPResponseError by
[@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- docs: switch `url` to `URL` by
[@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- fix(types): declare buffer() deprecated by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- chore: fix lint by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348)
- refactor: use node: prefix for imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346)
- Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- Bump mocha from 8.4.0 to 9.1.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339)
- Referrer and Referrer Policy by
[@&#8203;tekwiz](https://togithub.com/tekwiz) in
[https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057)
- Add typing for Response.redirect(url, status) by
[@&#8203;c-w](https://togithub.com/c-w) in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)
- chore: Correct stuff in README.md by
[@&#8203;Jiralite](https://togithub.com/Jiralite) in
[https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361)
- docs: Improve clarity of "Loading and configuring" by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323)
- feat(Body): Added support for `BodyMixin.formData()` and constructing
bodies with FormData by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314)
- template: Make PR template more task oriented by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224)
- docs: Update code examples by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365)

#### New Contributors

- [@&#8203;serverwentdown](https://togithub.com/serverwentdown) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- [@&#8203;lakuapik](https://togithub.com/lakuapik) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- [@&#8203;robertoaceves](https://togithub.com/robertoaceves) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- [@&#8203;davesidious](https://togithub.com/davesidious) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- [@&#8203;dependabot](https://togithub.com/dependabot) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- [@&#8203;c-w](https://togithub.com/c-w) made their first contribution
in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)

**Full Changelog**:
node-fetch/node-fetch@v3.0.0...v3.1.0

###
[`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0)

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See
[changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300)
for more information about all the changes.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/LUISDASARTIMANHAS/discord-bot-template-with-node-js-server).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMDMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEwMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
LUISDASARTIMANHAS referenced this pull request in LUISDASARTIMANHAS/template-server-express-node-js Jan 24, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [node-fetch](https://togithub.com/node-fetch/node-fetch) | [`^2.7.0`
-> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/node-fetch/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/node-fetch/2.7.0/3.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>node-fetch/node-fetch (node-fetch)</summary>

###
[`v3.3.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.1...v3.3.2)

##### Bug Fixes

- Remove the default connection close header.
([#&#8203;1736](https://togithub.com/node-fetch/node-fetch/issues/1736))
([8b3320d](https://togithub.com/node-fetch/node-fetch/commit/8b3320d2a7c07bce4afc6b2bf6c3bbddda85b01f)),
closes
[#&#8203;1735](https://togithub.com/node-fetch/node-fetch/issues/1735)
[#&#8203;1473](https://togithub.com/node-fetch/node-fetch/issues/1473)

###
[`v3.3.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.3.0...v3.3.1)

##### Bug Fixes

- release "Allow URL class object as an argument for fetch()"
[#&#8203;1696](https://togithub.com/node-fetch/node-fetch/issues/1696)
([#&#8203;1716](https://togithub.com/node-fetch/node-fetch/issues/1716))
([7b86e94](https://togithub.com/node-fetch/node-fetch/commit/7b86e946b02dfdd28f4f8fca3d73a022cbb5ca1e))

###
[`v3.3.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.3.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.10...v3.3.0)

##### Features

- add static Response.json
([#&#8203;1670](https://togithub.com/node-fetch/node-fetch/issues/1670))
([55a4870](https://togithub.com/node-fetch/node-fetch/commit/55a4870ae5f805d8ff9a890ea2c652c9977e048e))

###
[`v3.2.10`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.10)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.9...v3.2.10)

##### Bug Fixes

- ReDoS referrer
([#&#8203;1611](https://togithub.com/node-fetch/node-fetch/issues/1611))
([2880238](https://togithub.com/node-fetch/node-fetch/commit/28802387292baee467e042e168d92597b5bbbe3d))

###
[`v3.2.9`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.9)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.8...v3.2.9)

##### Bug Fixes

- **Headers:** don't forward secure headers on protocol change
([#&#8203;1599](https://togithub.com/node-fetch/node-fetch/issues/1599))
([e87b093](https://togithub.com/node-fetch/node-fetch/commit/e87b093fd678a9ea39c5b17b2a1bdfc4691eedc7))

###
[`v3.2.8`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.8)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.7...v3.2.8)

##### Bug Fixes

- possibly flaky test
([#&#8203;1523](https://togithub.com/node-fetch/node-fetch/issues/1523))
([11b7033](https://togithub.com/node-fetch/node-fetch/commit/11b703361134340a8361f591d6e3a0bcf6a261fa))

###
[`v3.2.7`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.7)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.6...v3.2.7)

##### Bug Fixes

- always warn Request.data
([#&#8203;1550](https://togithub.com/node-fetch/node-fetch/issues/1550))
([4f43c9e](https://togithub.com/node-fetch/node-fetch/commit/4f43c9ed63da98f4b5167f0a8e447cd0f0133cd3))

###
[`v3.2.6`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.6)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.5...v3.2.6)

##### Bug Fixes

- undefined reference to response.body when aborted
([#&#8203;1578](https://togithub.com/node-fetch/node-fetch/issues/1578))
([1c5ed6b](https://togithub.com/node-fetch/node-fetch/commit/1c5ed6b981e6c5dd28bd50f5ab5418e5bd262b99))

###
[`v3.2.5`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.5)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.4...v3.2.5)

##### Bug Fixes

- use space in accept-encoding values
([#&#8203;1572](https://togithub.com/node-fetch/node-fetch/issues/1572))
([a92b5d5](https://togithub.com/node-fetch/node-fetch/commit/a92b5d5cf4457c2da95d8404b08cfd06a426a2fa)),
closes
[#&#8203;1571](https://togithub.com/node-fetch/node-fetch/issues/1571)

###
[`v3.2.4`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.4)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.3...v3.2.4)

##### Bug Fixes

- don't uppercase unknown methods
([#&#8203;1542](https://togithub.com/node-fetch/node-fetch/issues/1542))
([004b3ac](https://togithub.com/node-fetch/node-fetch/commit/004b3ac8324e6cdbfb5d04b8bbdc6664ea48fbcf))

###
[`v3.2.3`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.3)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.2...v3.2.3)

##### Bug Fixes

- handle bom in text and json
([#&#8203;1482](https://togithub.com/node-fetch/node-fetch/issues/1482))
([6425e20](https://togithub.com/node-fetch/node-fetch/commit/6425e2021a7def096e13dbabcac2f10e6da83d11))

###
[`v3.2.2`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.2)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.1...v3.2.2)

##### Bug Fixes

- add missing formdata export to types
([#&#8203;1518](https://togithub.com/node-fetch/node-fetch/issues/1518))
([a4ea5f9](https://togithub.com/node-fetch/node-fetch/commit/a4ea5f9308f942400695cce261291d0a80cd1b02)),
closes
[#&#8203;1517](https://togithub.com/node-fetch/node-fetch/issues/1517)

###
[`v3.2.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.2.0...v3.2.1)

##### Bug Fixes

- cancel request example import
([#&#8203;1513](https://togithub.com/node-fetch/node-fetch/issues/1513))
([61b3b5a](https://togithub.com/node-fetch/node-fetch/commit/61b3b5a06384003d332581080af6522bec19417f))

###
[`v3.2.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.2.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.1...v3.2.0)

##### Features

- export Blob, File and FormData + utilities
([#&#8203;1463](https://togithub.com/node-fetch/node-fetch/issues/1463))
([81b1378](https://togithub.com/node-fetch/node-fetch/commit/81b1378bb3bda555d3d2114e7d3dfddbd91f210c))

###
[`v3.1.1`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.1)

#### Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication
header information to 3th party host while a redirect occurred

#### What's Changed

- core: update fetch-blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1371](https://togithub.com/node-fetch/node-fetch/pull/1371)
- docs: Fix typo around sending a file by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1381](https://togithub.com/node-fetch/node-fetch/pull/1381)
- core: (http.request): Cast URL to string before sending it to NodeJS
core by [@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1378](https://togithub.com/node-fetch/node-fetch/pull/1378)
- core: handle errors from the request body stream by
[@&#8203;mdmitry01](https://togithub.com/mdmitry01) in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- core: Better handle wrong redirect header in a response by
[@&#8203;tasinet](https://togithub.com/tasinet) in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- core: Don't use buffer to make a blob by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1402](https://togithub.com/node-fetch/node-fetch/pull/1402)
- docs: update readme for TS
[@&#8203;types/node-fetch](https://togithub.com/types/node-fetch) by
[@&#8203;adamellsworth](https://togithub.com/adamellsworth) in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- core: Fix logical operator priority to disallow GET/HEAD with
non-empty body by
[@&#8203;maxshirshin](https://togithub.com/maxshirshin) in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- core: Don't use global buffer by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1422](https://togithub.com/node-fetch/node-fetch/pull/1422)
- ci: fix main branch by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1429](https://togithub.com/node-fetch/node-fetch/pull/1429)
- core: use more node: protocol imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1428](https://togithub.com/node-fetch/node-fetch/pull/1428)
- core: Warn when using data by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1421](https://togithub.com/node-fetch/node-fetch/pull/1421)
- docs: Create SECURITY.md by
[@&#8203;JamieSlome](https://togithub.com/JamieSlome) in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)
- core: don't forward secure headers to 3th party by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1449](https://togithub.com/node-fetch/node-fetch/pull/1449)

#### New Contributors

- [@&#8203;mdmitry01](https://togithub.com/mdmitry01) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1392](https://togithub.com/node-fetch/node-fetch/pull/1392)
- [@&#8203;tasinet](https://togithub.com/tasinet) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1387](https://togithub.com/node-fetch/node-fetch/pull/1387)
- [@&#8203;adamellsworth](https://togithub.com/adamellsworth) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1405](https://togithub.com/node-fetch/node-fetch/pull/1405)
- [@&#8203;maxshirshin](https://togithub.com/maxshirshin) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1369](https://togithub.com/node-fetch/node-fetch/pull/1369)
- [@&#8203;JamieSlome](https://togithub.com/JamieSlome) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1445](https://togithub.com/node-fetch/node-fetch/pull/1445)

**Full Changelog**:
node-fetch/node-fetch@v3.1.0...v3.1.1

###
[`v3.1.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.1.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v3.0.0...v3.1.0)

#### What's Changed

- fix(Body): Discourage form-data and buffer() by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1212](https://togithub.com/node-fetch/node-fetch/pull/1212)
- fix: Pass url string to http.request by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- Fix octocat image link by
[@&#8203;lakuapik](https://togithub.com/lakuapik) in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- fix(Body.body): Normalize `Body.body` into a `node:stream` by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/924](https://togithub.com/node-fetch/node-fetch/pull/924)
- docs(Headers): Add default Host request header to README.md file by
[@&#8203;robertoaceves](https://togithub.com/robertoaceves) in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- Update CHANGELOG.md by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1292](https://togithub.com/node-fetch/node-fetch/pull/1292)
- Add highWaterMark to cloned properties by
[@&#8203;davesidious](https://togithub.com/davesidious) in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- Update README.md to fix HTTPResponseError by
[@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- docs: switch `url` to `URL` by
[@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- fix(types): declare buffer() deprecated by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- chore: fix lint by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1348](https://togithub.com/node-fetch/node-fetch/pull/1348)
- refactor: use node: prefix for imports by
[@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) in
[https://github.com/node-fetch/node-fetch/pull/1346](https://togithub.com/node-fetch/node-fetch/pull/1346)
- Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- Bump mocha from 8.4.0 to 9.1.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/node-fetch/node-fetch/pull/1339](https://togithub.com/node-fetch/node-fetch/pull/1339)
- Referrer and Referrer Policy by
[@&#8203;tekwiz](https://togithub.com/tekwiz) in
[https://github.com/node-fetch/node-fetch/pull/1057](https://togithub.com/node-fetch/node-fetch/pull/1057)
- Add typing for Response.redirect(url, status) by
[@&#8203;c-w](https://togithub.com/c-w) in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)
- chore: Correct stuff in README.md by
[@&#8203;Jiralite](https://togithub.com/Jiralite) in
[https://github.com/node-fetch/node-fetch/pull/1361](https://togithub.com/node-fetch/node-fetch/pull/1361)
- docs: Improve clarity of "Loading and configuring" by
[@&#8203;serverwentdown](https://togithub.com/serverwentdown) in
[https://github.com/node-fetch/node-fetch/pull/1323](https://togithub.com/node-fetch/node-fetch/pull/1323)
- feat(Body): Added support for `BodyMixin.formData()` and constructing
bodies with FormData by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1314](https://togithub.com/node-fetch/node-fetch/pull/1314)
- template: Make PR template more task oriented by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1224](https://togithub.com/node-fetch/node-fetch/pull/1224)
- docs: Update code examples by
[@&#8203;jimmywarting](https://togithub.com/jimmywarting) in
[https://github.com/node-fetch/node-fetch/pull/1365](https://togithub.com/node-fetch/node-fetch/pull/1365)

#### New Contributors

- [@&#8203;serverwentdown](https://togithub.com/serverwentdown) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1268](https://togithub.com/node-fetch/node-fetch/pull/1268)
- [@&#8203;lakuapik](https://togithub.com/lakuapik) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1281](https://togithub.com/node-fetch/node-fetch/pull/1281)
- [@&#8203;robertoaceves](https://togithub.com/robertoaceves) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1316](https://togithub.com/node-fetch/node-fetch/pull/1316)
- [@&#8203;davesidious](https://togithub.com/davesidious) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1162](https://togithub.com/node-fetch/node-fetch/pull/1162)
- [@&#8203;thedanfernandez](https://togithub.com/thedanfernandez) made
their first contribution in
[https://github.com/node-fetch/node-fetch/pull/1135](https://togithub.com/node-fetch/node-fetch/pull/1135)
- [@&#8203;dhritzkiv](https://togithub.com/dhritzkiv) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1318](https://togithub.com/node-fetch/node-fetch/pull/1318)
- [@&#8203;dnalborczyk](https://togithub.com/dnalborczyk) made their
first contribution in
[https://github.com/node-fetch/node-fetch/pull/1345](https://togithub.com/node-fetch/node-fetch/pull/1345)
- [@&#8203;dependabot](https://togithub.com/dependabot) made their first
contribution in
[https://github.com/node-fetch/node-fetch/pull/1319](https://togithub.com/node-fetch/node-fetch/pull/1319)
- [@&#8203;c-w](https://togithub.com/c-w) made their first contribution
in
[https://github.com/node-fetch/node-fetch/pull/1169](https://togithub.com/node-fetch/node-fetch/pull/1169)

**Full Changelog**:
node-fetch/node-fetch@v3.0.0...v3.1.0

###
[`v3.0.0`](https://togithub.com/node-fetch/node-fetch/releases/tag/v3.0.0)

[Compare
Source](https://togithub.com/node-fetch/node-fetch/compare/v2.7.0...v3.0.0)

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package
See
[changelog](https://togithub.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300)
for more information about all the changes.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/LUISDASARTIMANHAS/template-server-express-node-js).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjEzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
github-merge-queue bot referenced this pull request in camunda/camunda Aug 17, 2024