Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump cross-fetch from 2.2.5 to 4.1.0 #317

Open
wants to merge 1 commit into
base: sif-dev
Choose a base branch
from
Open

Bump cross-fetch from 2.2.5 to 4.1.0 #317

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jan 29, 2025

Bumps cross-fetch from 2.2.5 to 4.1.0.

Release notes

Sourced from cross-fetch's releases.

v4.1.0

What's Changed

FEATURES

  • Added support for Node 22.
  • Upgraded node-fetch to 2.7.0. Please refer to node-fetch release notes between 2.6.13 and 2.7.0 for features and bug fixes.

FIXES

  • Upgraded whatwg-fetch to 3.6.20. Please refer to whatwg-fetch release notes between 3.6.2 and 3.6.20 for bug fixes.

v4.0.0

What's Changed

BREAKING CHANGES

  • Dropped support for Node 10 and 12. (Note: cross-fetch will likely continue working on those versions, but specs tests are not running on those Node versions and no support will be provided if issues come up.)
  • Please check implementation conflicts in the Fetch API tests.

FEATURES

  • Added support for Node 18 and 20.
  • Added support for Service and Cloudflare Workers (Fixes #69, #78, #148) by prioritizing native code over third-party implementation. Fetch API test suite now running against node-fetch, whatwg-fetch, native browser and native node fetch.
  • Upgraded whatwg-fetch to 3.6.2. Please refer to whatwg-fetch release notes between 3.0.0 and 3.6.2 for features and bug fixes.
  • fetch.ponyfill is set to true when custom implementation is used. This improves debuggability.

v3.2.0

What's Changed

FEATURES

  • Upgraded node-fetch from 2.6.12 to 2.7.0. Please refer to node-fetch release notes for features and bug fixes.
  • Upgraded whatwg-fetch from 3.0.0 to 3.6.20. Please refer to whatwg-fetch release notes for features and bug fixes.

v3.1.8

What's Changed

  • Restored caret range to node-fetch version for automatic feature and fix updates.

Full Changelog: lquixada/cross-fetch@v3.1.7...v3.1.8

v3.1.7

What's Changed

  • Updated node-fetch version to 2.6.12

Full Changelog: lquixada/cross-fetch@v3.1.6...v3.1.7

v3.1.6

What's Changed

  • Updated node-fetch version to 2.6.11
  • Added caret range to node-fetch version for automatic feature and fix updates.

... (truncated)

Changelog

Sourced from cross-fetch's changelog.

4.1.0 (2024-12-21)

Features

Bug Fixes

4.0.0 (2023-07-03)

Commits
  • 3415e1f chore(release): 4.1.0
  • f0dbe54 chore: fixed release workflow
  • df46c2a fix: updated whatwg-fetch to 3.6.20 (#197)
  • 04846bc refactor: improved make targets output
  • 0ab2481 feat: updated node-fetch to 2.7.0 (#192)
  • 074cd87 feat: added support for node 22
  • 4283bd9 chore: changed default node version to 20
  • 625bf57 chore: updated action/setup-node to v4 and hmarr/debug-action to v3
  • d24345b chore: updated actions/checkout and actions/cache to v4
  • ccaf40b chore: switched minifier from @​rollup/plugin-terser to rollup-plugin-esbuild ...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump cross-fetch from 2.2.5 to 4.1.0
9c20da7 
Bumps [cross-fetch](https://github.com/lquixada/cross-fetch) from 2.2.5 to 4.1.0.
- [Release notes](https://github.com/lquixada/cross-fetch/releases)
- [Changelog](https://github.com/lquixada/cross-fetch/blob/v4.x/CHANGELOG.md)
- [Commits](lquixada/cross-fetch@v2.2.5...v4.1.0)

---
updated-dependencies:
- dependency-name: cross-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants