Bump node-fetch from 2.0.0-alpha.9 to 2.6.0

[dependabot-preview]

Bumps node-fetch from 2.0.0-alpha.9 to 2.6.0.

Release notes

Sourced from node-fetch's releases.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

• Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
• Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
• Fix: support custom Host headers with any casing
• Fix: support importing fetch() from TypeScript in browser.js
• Fix: handle the redirect response body properly

See CHANGELOG.

Version 2.1.1

See CHANGELOG.

Fix packaging errors in version 2.1.0.

Version 2.1.0

See CHANGELOG:

• Enhance: allow using ArrayBuffer as the body of a fetch() or Request
• Fix: store HTTP headers of a Headers object internally with the given case, for compatibility with older servers that incorrectly treated header names in a case-sensitive manner
• Fix: silently ignore invalid HTTP headers
• Fix: handle HTTP redirect responses without a Location header just like non-redirect responses
• Fix: include bodies when following a redirection when appropriate

Version 2.0.0

This is a major release. See upgrade guide on how to upgrade from v1.x, and the changelog for all changes.

Changelog

Sourced from node-fetch's changelog.

v2.6.0

• Enhance: options.agent, it now accepts a function that returns custom http(s).Agent instance based on current URL, see readme for more information.
• Fix: incorrect Content-Length was returned for stream body in 2.5.0 release; note that node-fetch doesn't calculate content length for stream body.
• Fix: Response.url should return empty string instead of null by default.

v2.5.0

• Enhance: Response object now includes redirected property.
• Enhance: fetch() now accepts third-party Blob implementation as body.
• Other: disable package-lock.json generation as we never commit them.
• Other: dev dependency update.
• Other: readme update.

v2.4.1

• Fix: Blob import rule for node < 10, as Readable isn't a named export.

v2.4.0

• Enhance: added Brotli compression support (using node's zlib).
• Enhance: updated Blob implementation per spec.
• Fix: set content type automatically for URLSearchParams.
• Fix: Headers now reject empty header names.
• Fix: test cases, as node 12+ no longer accepts invalid header response.

v2.3.0

• Enhance: added AbortSignal support, with README example.
• Enhance: handle invalid Location header during redirect by rejecting them explicitly with FetchError.
• Fix: update browser.js to support react-native environment, where self isn't available globally.

v2.2.1

• Fix: compress flag shouldn't overwrite existing Accept-Encoding header.
• Fix: multiple import rules, where PassThrough etc. doesn't have a named export when using node <10 and --exerimental-modules flag.
• Other: Better README.

v2.2.0

• Enhance: Support all ArrayBuffer view types
• Enhance: Support Web Workers
• Enhance: Support Node.js' --experimental-modules mode; deprecate .es.js file
• Fix: Add __esModule property to the exports object
• Other: Better example in README for writing response to a file
• Other: More tests for Agent

v2.1.2

• Fix: allow Body methods to work on ArrayBuffer-backed Body objects

... (truncated)

Commits

• 95286f5 v2.6.0 (#638)
• bf8b4e8 Allow agent option to be a function (#632)
• 0c2294e 2.5.0 release (#630)
• 0fc414c Allow third party blob implementation (#629)
• d8f5ba0 build: disable generation of package-lock since it is not used (#623)
• 1fe1358 test: enable --throw-deprecation for tests (#625)
• a35dcd1 chore(deps): address deprecated url-search-params package (#622)
• b3ecba5 2.4.1 release (#619)
• 1a88481 Fix Blob for older node versions and webpack. (#618)
• c9805a2 2.4.0 release (#616)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[erunion]

node-fetch now defaults to doing auto-detection on response bodies, so a null content type should never be returned here in our test case.

[erunion]

@domharrington @kanadgupta Can yall take a look at this? There are a few major changes in node-fetch where it'll no longer return a null content type header, so I had to update some test expectations to account for this.

[erunion]

@dependabot rebase

[dependabot-preview]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[domharrington]

I had a look a this just now, and the only places i can see .type being used are here:

api-explorer/packages/api-explorer/src/ResponseBody.jsx

Line 10 in d8da27f

result.type && contentTypeIsJson(result.type) && typeof result.responseBody === 'object';

and here:

api-explorer/packages/api-explorer/src/ResponseBody.jsx

Line 34 in b32e92f

{syntaxHighlighter(result.responseBody, result.type)}

I wonder if passing 'text/plain;charset=UTF-8' into the syntax-highligher will work?

[domharrington]

Looking at our code for this, if someone returns JSON but no content-type, then we'll render with no syntax highlighting. I'm not sure if that's the same as now, or whether this will be a regression.

api-explorer/packages/api-explorer/src/lib/parse-response.js

Lines 14 to 27 in d8da27f

	const contentType = response.headers.get('Content-Type');
	const isJson = contentType && contentTypeIsJson(contentType);
	// We have to clone it before reading, just incase
	// we cannot parse it as JSON later, then we can
	// re-read again as plain text
	const clonedResponse = response.clone();
	let responseBody;
	try {
	responseBody = await response[isJson ? 'json' : 'text']();
	} catch (e) {
	responseBody = await clonedResponse.text();
	}

[erunion]

@domharrington Ignoring that this is actually HTML, but syntax-highlighter can render text/plain;charset=UTF-8 just fine.

So if we don't get back a content type now, node-fetch defaulting to that should be fine.