[PR #279] [MERGED] Bump node-fetch from 2.6.1 to 3.0.0 #5621

New Issue

Closed

opened 2026-06-11 02:30:22 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-06-11 02:30:22 -05:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/joelwmale/webhook-action/pull/279
Author: @dependabot[bot]
Created: 9/1/2021
Status: ✅ Merged
Merged: 9/1/2021
Merged by: @mergify[bot]

Base: develop ← Head: dependabot/npm_and_yarn/node-fetch-3.0.0

---

📝 Commits (1)

• 69fd7bc Bump node-fetch from 2.6.1 to 3.0.0

📊 Changes

2 files changed (+25 additions, -5 deletions)

View changed files

📝 package.json (+1 -1)
📝 yarn.lock (+24 -4)

📄 Description

Bumps node-fetch from 2.6.1 to 3.0.0.

Release notes

Sourced from node-fetch's releases.

v3.0.0

version 3 is going out of a long beta period and switches to stable

One major change is that it's now a ESM only package See changelog for more information about all the changes

v3.0.0-beta.10

This package is now a ESM only package. To import fetch you either have to use

import fetch from 'node-fetch';
// Or if you are still using commonjs or want to lazy
// import fetch then the async import works fine
import('node-fetch')

• res.blob().stream() now returns a whatwg ReadableStream instad

See CHANGELOG for details.

v3.0.0-beta.9

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.

v3.0.0-beta.8

See CHANGELOG for details.

v3.0.0-beta.7

See CHANGELOG for details.

v3.0.0-beta.6

See CHANGELOG for details.

v3.0.0-beta.6-exportfix

See CHANGELOG for details.

v3.0.0-beta.5

See CHANGELOG for details.

v3.0.0-beta.1

See CHANGELOG for details.

Changelog

Sourced from node-fetch's changelog.

v3.0.0

• other: Marking v3 as stable
• docs: Add example for loading ESM from CommonJS (#1236)

v3.0.0-beta.10

• Breaking: minimum supported Node.js version is now 12.20.
• Breaking: node-fetch is now a pure ESM module.
• Other: update readme to inform users about ESM.
• Other: update dependencies.

v3.0.0-beta.9

This is an important security release. It is strongly recommended to update as soon as possible.

• Fix: honor the size option after following a redirect.

v3.0.0-beta.8

• Enhance: remove string-to-arraybuffer (#882).
• Enhance: remove parted dependency (#883).
• Fix: export package.json (#908).
• Fix: minimum Node.js version (#874).
• Other: fix typo.

v3.0.0-beta.7

• Breaking: minimum supported Node.js version is now 10.17.
• Enhance: update fetch-blob.
• Enhance: add insecureHTTPParser Parameter (#856).
• Enhance: drop custom Promises and refactor to async functions (#845).
• Enhance: polyfill http.validateHeaderName and http.validateHeaderValue (#843).
• Enhance: should check body source on redirect (#866).
• Enhance: remove code duplication in custom errors (#842).
• Enhance: implement form-data encoding (#603).
• Fix: improve TypeScript types (#841).
• Fix: data URI handling and drop all URL analysis RegExps (#853).
• Fix: headers import statement (#859).
• Fix: correct Node versions were not installed on test matrix (#846).
• Other: test CommonJS build artifact (#838).
• Other: create Code of Conduct (#849).
• Other: readme update.

v3.0.0-beta.6-exportfix

• Fix: fetch function export & declaration, which broke the previous release.

v3.0.0-beta.6

... (truncated)

Commits

• 2603c67 V3 stable release (#1257)
• 2f1b426 docs: Add example for loading ESM from CommonJS (#1236)
• 51861e9 Fix(premature close) Redirect failing when response is chunked but empty (#1222)
• 136a5f1 Add link to v2 docs (#1202)
• b50fbc1 Require Node.js 12.20.0 and move to ESM (#1141)
• ffef5e3 Fix this arg for URLSearchParams prototype call (#1111)
• 694b11a Upgrade to GitHub-native Dependabot (#1139)
• 3b50b0c Add support for Response.error() (#1078)
• 1780f5a fix: Add missing insecureHTTPParser in RequestInit interface (#964)
• 9e50c5b Update README.md (#1112)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/joelwmale/webhook-action/pull/279 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/1/2021 **Status:** ✅ Merged **Merged:** 9/1/2021 **Merged by:** [@mergify[bot]](https://github.com/apps/mergify) **Base:** `develop` ← **Head:** `dependabot/npm_and_yarn/node-fetch-3.0.0` --- ### 📝 Commits (1) - [`69fd7bc`](https://github.com/joelwmale/webhook-action/commit/69fd7bcdddfb1273404f2af53e9ca95cbfea9df7) Bump node-fetch from 2.6.1 to 3.0.0 ### 📊 Changes **2 files changed** (+25 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `package.json` (+1 -1) 📝 `yarn.lock` (+24 -4) </details> ### 📄 Description Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 3.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/releases">node-fetch's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <p>version 3 is going out of a long beta period and switches to stable</p> <p>One major change is that it's now a ESM only package See <a href="https://github.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md#v300">changelog</a> for more information about all the changes</p> <h2>v3.0.0-beta.10</h2> <p>This package is now a ESM only package. To import fetch you either have to use</p> <pre lang="js"><code>import fetch from 'node-fetch'; <p>// Or if you are still using commonjs or want to lazy // import fetch then the async import works fine import('node-fetch') </code></pre></p> <ul> <li><code>res.blob().stream()</code> now returns a whatwg <a href="https://developer.mozilla.org/en-US/docs/Web/API/ReadableStream">ReadableStream</a> instad</li> </ul> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.9</h2> <p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300-beta9">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.8</h2> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300-beta8">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.7</h2> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300-beta7">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.6</h2> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300-beta5">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.6-exportfix</h2> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300-beta5">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.5</h2> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300-beta5">CHANGELOG</a> for details.</p> <h2>v3.0.0-beta.1</h2> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v300">CHANGELOG</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md">node-fetch's changelog</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <ul> <li>other: Marking v3 as stable</li> <li>docs: Add example for loading ESM from CommonJS (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1236">#1236</a>)</li> </ul> <h2>v3.0.0-beta.10</h2> <ul> <li><strong>Breaking:</strong> minimum supported Node.js version is now 12.20.</li> <li><strong>Breaking:</strong> node-fetch is now a pure ESM module.</li> <li>Other: update readme to inform users about ESM.</li> <li>Other: update dependencies.</li> </ul> <h2>v3.0.0-beta.9</h2> <p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p> <ul> <li>Fix: honor the <code>size</code> option after following a redirect.</li> </ul> <h2>v3.0.0-beta.8</h2> <ul> <li>Enhance: remove string-to-arraybuffer (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/882">#882</a>).</li> <li>Enhance: remove parted dependency (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/883">#883</a>).</li> <li>Fix: export package.json (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/908">#908</a>).</li> <li>Fix: minimum Node.js version (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/874">#874</a>).</li> <li>Other: fix typo.</li> </ul> <h2>v3.0.0-beta.7</h2> <ul> <li><strong>Breaking:</strong> minimum supported Node.js version is now 10.17.</li> <li>Enhance: update <code>fetch-blob</code>.</li> <li>Enhance: add insecureHTTPParser Parameter (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/856">#856</a>).</li> <li>Enhance: drop custom Promises and refactor to <code>async</code> functions (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/845">#845</a>).</li> <li>Enhance: polyfill <code>http.validateHeaderName</code> and <code>http.validateHeaderValue</code> (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/843">#843</a>).</li> <li>Enhance: should check body <em>source</em> on redirect (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/866">#866</a>).</li> <li>Enhance: remove code duplication in custom errors (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/842">#842</a>).</li> <li>Enhance: implement form-data encoding (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/603">#603</a>).</li> <li>Fix: improve TypeScript types (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/841">#841</a>).</li> <li>Fix: data URI handling and drop all URL analysis RegExps (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/853">#853</a>).</li> <li>Fix: headers import statement (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/859">#859</a>).</li> <li>Fix: correct Node versions were not installed on test matrix (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/846">#846</a>).</li> <li>Other: test CommonJS build artifact (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/838">#838</a>).</li> <li>Other: create Code of Conduct (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/849">#849</a>).</li> <li>Other: readme update.</li> </ul> <h2>v3.0.0-beta.6-exportfix</h2> <ul> <li>Fix: <code>fetch</code> function export &amp; declaration, which broke the previous release.</li> </ul> <h2>v3.0.0-beta.6</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/node-fetch/node-fetch/commit/2603c67f1840fb4a43e0837099a3b2725e8f615e"><code>2603c67</code></a> V3 stable release (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1257">#1257</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/2f1b426a9898c17e8dfaeccd160affd0a0c9f0d8"><code>2f1b426</code></a> docs: Add example for loading ESM from CommonJS (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1236">#1236</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/51861e98a8f87e0905e71bb101b506f9512a9d7f"><code>51861e9</code></a> Fix(premature close) Redirect failing when response is chunked but empty (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1222">#1222</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/136a5f143329f383594fd5510dcd893cc91c93aa"><code>136a5f1</code></a> Add link to v2 docs (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1202">#1202</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/b50fbc105755123cad34fb0bc9d5653ecc693b8a"><code>b50fbc1</code></a> Require Node.js 12.20.0 and move to ESM (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1141">#1141</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/ffef5e3c2322e8493dd75120b1123b01b106ab23"><code>ffef5e3</code></a> Fix <code>this</code> arg for URLSearchParams prototype call (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1111">#1111</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/694b11a8ba67a918af98776358db1443dbd9cb6c"><code>694b11a</code></a> Upgrade to GitHub-native Dependabot (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1139">#1139</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/3b50b0c4e67806451935fa4adcc8b65083148988"><code>3b50b0c</code></a> Add support for Response.error() (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1078">#1078</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1780f5ae89107ded4f232f43219ab0e548b0647c"><code>1780f5a</code></a> fix: Add missing insecureHTTPParser in RequestInit interface (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/964">#964</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/9e50c5bbc17dfc21e418fd798a45fb4fd0ae7b44"><code>9e50c5b</code></a> Update README.md (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1112">#1112</a>)</li> <li>Additional commits viewable in <a href="https://github.com/node-fetch/node-fetch/compare/v2.6.1...v3.0.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~endless">endless</a>, a new releaser for node-fetch since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2026-06-11 02:30:22 -05:00

GiteaMirror closed this issue 2026-06-11 02:30:23 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

develop

master

dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-7.13.1

dependabot/npm_and_yarn/types/node-20.14.8

dependabot/npm_and_yarn/typescript-eslint/parser-7.13.1

dependabot/npm_and_yarn/braces-3.0.3

dependabot/npm_and_yarn/babel/preset-env-7.24.7

dependabot/npm_and_yarn/undici-5.28.4

v2

v2.4.2

2.4.1

2.4.0

2.3.2

2.3.1

2.3.0

2.2.0

2.1.0

2.0.2

2.0.1

2.0.0

1.0.1

1.0.0

Labels

Clear labels

pull-request

Mirrored from GitHub Pull Request

question

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/webhook-action#5621