fix: sonatype-2022-3677 in node-fetch 2.6.7

bhamail · bhamail · commit d1b15abaec2a · 2023-07-11T20:54:24.000-04:00
diff --git a/dev-auditjs.json b/dev-auditjs.json
@@ -1,8 +1,4 @@
 {
   "ignore": [
-    {
-      "id": "sonatype-2022-3677",
-      "reason": "node-fetch @ all have possible vulnerability regarding Exposure of Sensitive Information to an Unauthorized Actor. ignoring while researching solutions, 07/11/2022"
-    }
   ]
 }
diff --git a/package.json b/package.json
@@ -97,7 +97,7 @@
     "https-proxy-agent": "^5.0.0",
     "js-yaml": "3.13.1",
     "log4js": "^6.4.0",
-    "node-fetch": "^2.6.7",
+    "node-fetch": "^2.6.8",
     "node-persist": "^3.1.0",
     "ora": "^4.0.3",
     "read-installed": "~4.0.3",

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,4 @@`
`1`	`1`	`{`
`2`	`2`	`"ignore": [`
`3`		`- {`
`4`		`- "id": "sonatype-2022-3677",`
`5`		`- "reason": "node-fetch @ all have possible vulnerability regarding Exposure of Sensitive Information to an Unauthorized Actor. ignoring while researching solutions, 07/11/2022"`
`6`		`- }`
`7`	`3`	`]`
`8`	`4`	`}`