[Snyk] Security upgrade isomorphic-fetch from 2.2.1 to 3.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/letter/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	591/1000 Why? Recently disclosed, Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: isomorphic-fetch

The new version differs by 12 commits.

• fc5e0d0 3.0.0
• 496fa43 Add version that was previously uncomitted to the package.json due to the previous release process
• 9f5a8b6 Add a list of alternatives
• 49280e6 Resolve minor security issue
• 0f5edd0 Explain why Isomorphic Fetch is needed in docs (Update react-progressive-image in group default to the latest version 🚀 #135)
• e32b006 Fix travis (feat(posts): Actually use DynamoDB as a raw document store. (#77) #190)
• db0aa8c Update to latest version
• 8bf02c4 Bump node-fetch from 1.7.3 to 2.6.1 (chore(package): update serverless-plugin-warmup to version 4.2.0-rc.1  #189)
• 89c7e70 Merge pull request jsx i18n #93 from paulmelnikow/fetch_ponyfill
• 25e3cab Add link to fetch-ponyfill
• 8d33aba Merge pull request Turn on check-coverage in letter. #90 from josiah0/update-lintspaces-cli
• c22fcda Update lintspaces-cli

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[pull-assistant]

Best reviewed: commit by commit

---

Optimal code review plan

     fix: packages/letter/package.json to reduce vulnerabilities

Powered by Pull Assistant. Last update a7ba97b ... a7ba97b. Read the comment docs.

[codecov]

Codecov Report

Merging #749 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #749   +/-   ##
=======================================
  Coverage   94.25%   94.25%           
=======================================
  Files         363      363           
  Lines        3743     3743           
  Branches      309      309           
=======================================
  Hits         3528     3528           
  Misses        175      175           
  Partials       40       40           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 804ca3f...a7ba97b. Read the comment docs.

[codeclimate]

Code Climate has analyzed commit a7ba97b and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 95.6%.

View more on Code Climate.

[randytarampi]

Closed in 40b9654