[PR #33] [MERGED] Bump node-fetch from 2.6.0 to 2.6.1 #5378

New Issue

GiteaMirror · 2026-06-11T02:19:19-05:00

GiteaMirror commented

2026-06-11 02:19:19 -05:00

📋 Pull Request Information

Original PR: https://github.com/joelwmale/webhook-action/pull/33
Author: @dependabot[bot]
Created: 9/7/2020
Status: ✅ Merged
Merged: 9/17/2020
Merged by: @mergify[bot]

Base: develop ← Head: dependabot/npm_and_yarn/node-fetch-2.6.1

📝 Commits (1)

d5f3824 Bump node-fetch from 2.6.0 to 2.6.1

📊 Changes

2 files changed (+5 additions, -5 deletions)

View changed files

📝 package.json (+1 -1)
📝 yarn.lock (+4 -4)

📄 Description

Bumps node-fetch from 2.6.0 to 2.6.1.

Release notes

Sourced from node-fetch's releases.

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.

Changelog

Sourced from node-fetch's changelog.

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

Fix: honor the size option after following a redirect.

Commits

b5e2e41 update version number
2358a6c Honor the size option after following a redirect and revert data uri support
8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
1e99050 fix: Change error message thrown with redirect mode set to error (#653)
244e6f6 docs: Show backers in README
6a5d192 fix: Properly parse meta tag when parameters are reversed (#682)
47a24a0 chore: Add opencollective badge
7b13662 chore: Add funding link
5535c2e fix: Check for global.fetch before binding it (#674)
1d5778a docs: Add Discord badge
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by akepinski, a new releaser for node-fetch since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/joelwmale/webhook-action/pull/33 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/7/2020 **Status:** ✅ Merged **Merged:** 9/17/2020 **Merged by:** [@mergify[bot]](https://github.com/apps/mergify) **Base:** `develop` ← **Head:** `dependabot/npm_and_yarn/node-fetch-2.6.1` --- ### 📝 Commits (1) - [`d5f3824`](https://github.com/joelwmale/webhook-action/commit/d5f38241d2aa34a261601ab1451a25de6b0982da) Bump node-fetch from 2.6.0 to 2.6.1 ### 📊 Changes **2 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `package.json` (+1 -1) 📝 `yarn.lock` (+4 -4) </details> ### 📄 Description Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1. <details> <summary>Release notes</summary> Sourced from <a href="https://github.com/bitinn/node-fetch/releases">node-fetch's releases</a>. <blockquote> <h2>v2.6.1</h2> This is an important security release. It is strongly recommended to update as soon as possible. See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v261">CHANGELOG</a> for details. </blockquote> </details> <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md">node-fetch's changelog</a>. <blockquote> <h2>v2.6.1</h2> This is an important security release. It is strongly recommended to update as soon as possible. <ul> <li>Fix: honor the <code>size</code> option after following a redirect.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/node-fetch/node-fetch/commit/b5e2e41b2b50bf2997720d6125accaf0dd68c0ab"><code>b5e2e41</code></a> update version number</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/2358a6c2563d1730a0cdaccc197c611949f6a334"><code>2358a6c</code></a> Honor the <code>size</code> option after following a redirect and revert data uri support</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/8c197f8982a238b3c345c64b17bfa92e16b4f7c4"><code>8c197f8</code></a> docs: Fix typos and grammatical errors in README.md (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/686">#686</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1e99050f944ac435fce26a9549eadcc2419a968a"><code>1e99050</code></a> fix: Change error message thrown with redirect mode set to error (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/653">#653</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/244e6f63d42025465796e3ca4ce813bf2c31fc5b"><code>244e6f6</code></a> docs: Show backers in README</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/6a5d192034a0f438551dffb6d2d8df2c00921d16"><code>6a5d192</code></a> fix: Properly parse meta tag when parameters are reversed (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/682">#682</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/47a24a03eb49a49d81b768892aee10074ed54a91"><code>47a24a0</code></a> chore: Add opencollective badge</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/7b136627c537cb24430b0310638c9177a85acee1"><code>7b13662</code></a> chore: Add funding link</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/5535c2ed478d418969ecfd60c16453462de2a53f"><code>5535c2e</code></a> fix: Check for global.fetch before binding it (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/674">#674</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1d5778ad0d910dbd1584fb407a186f5a0bc1ea22"><code>1d5778a</code></a> docs: Add Discord badge</li> <li>Additional commits viewable in <a href="https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> This version was pushed to npm by <a href="https://www.npmjs.com/~akepinski">akepinski</a>, a new releaser for node-fetch since your current version. </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=node-fetch&package-manager=npm_and_yarn&previous-version=2.6.0&new-version=2.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- 🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

GiteaMirror added the pull-request label 2026-06-11 02:19:19 -05:00

GiteaMirror closed this issue

2026-06-11 02:19:21 -05:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/webhook-action#5378