Bump node-fetch from 2.6.1 to 2.6.5 in /desktop (#2970)

Summary: Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/releases">node-fetch's releases</a>.</em></p> <blockquote> <h2>v2.6.2</h2> <p>fixed main path in package.json</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/blob/v2.6.5/CHANGELOG.md">node-fetch's changelog</a>.</em></p> <blockquote> <h2>v2.6.5</h2> <ul> <li>Fix: import <code>whatwg-url</code> in a way compatible with ESM</li> </ul> <h2>v2.6.4</h2> <ul> <li>Hotfix: fix v2.6.3 that did not sending query params</li> </ul> <h2>v2.6.3</h2> <ul> <li>Fix: properly encode url with unicode characters</li> </ul> <h2>v2.6.2</h2> <ul> <li>Fix: used full filename for main in package.json</li> <li>Other: pinned codecov & teeny-request (had one breaking change with spread operators)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="b5417aea6a"><code>b5417ae</code></a> fix: import whatwg-url in a way compatible with ESM Node (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1303">https://github.com/facebook/flipper/issues/1303</a>)</li> <li><a href="18193c5922"><code>18193c5</code></a> fix v2.6.3 that did not sending query params (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1301">https://github.com/facebook/flipper/issues/1301</a>)</li> <li><a href="ace7536c95"><code>ace7536</code></a> fix: properly encode url with unicode characters (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1291">https://github.com/facebook/flipper/issues/1291</a>)</li> <li><a href="152214ca2f"><code>152214c</code></a> Fix(package.json): Corrected main file path in package.json (<a href="https://github-redirect.dependabot.com/node-fetch/node-fetch/issues/1274">https://github.com/facebook/flipper/issues/1274</a>)</li> <li>See full diff in <a href="https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~endless">endless</a>, a new releaser for node-fetch since your current version.</p> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=node-fetch&package-manager=npm_and_yarn&previous-version=2.6.1&new-version=2.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `dependabot rebase` will rebase this PR - `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `dependabot merge` will merge this PR after your CI passes on it - `dependabot squash and merge` will squash and merge this PR after your CI passes on it - `dependabot cancel merge` will cancel a previously requested merge and block automerging - `dependabot reopen` will reopen this PR if it is closed - `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Pull Request resolved: https://github.com/facebook/flipper/pull/2970 Reviewed By: mweststrate Differential Revision: D31545798 Pulled By: passy fbshipit-source-id: b72c0fdefb821d3a5806c5421333c570497edf54
2021-10-13 07:35:05 -07:00
parent 342b5f7a12
commit 8f9ecd6b2d
3 changed files with 25 additions and 19 deletions
--- a/desktop/package.json
+++ b/desktop/package.json
@@ -168,7 +168,7 @@
    "metro": "^0.66.2",
    "metro-minify-terser": "^0.66.2",
    "metro-resolver": "^0.66.2",
-    "node-fetch": "^2.6.1",
+    "node-fetch": "^2.6.5",
    "p-filter": "^2.1.0",
    "p-map": "^4.0.0",
    "patch-package": "^6.4.7",
--- a/desktop/static/package.json
+++ b/desktop/static/package.json
@@ -9,7 +9,7 @@
    "fix-path": "^3.0.0",
    "mac-ca": "^1.0.6",
    "mkdirp": "^1.0.4",
-    "node-fetch": "^2.6.1",
+    "node-fetch": "^2.6.5",
    "ws": "^8.2.1",
    "xdg-basedir": "^4.0.0",
    "yargs": "^16.2.0"
--- a/desktop/yarn.lock
+++ b/desktop/yarn.lock
@@ -9349,11 +9349,6 @@ lodash.merge@^4.6.2:
  resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
  integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
 lodash.sortby@^4.7.0:
  version "4.7.0"
  resolved "https://registry.yarnpkg.com/lodash.sortby/-/lodash.sortby-4.7.0.tgz#edd14c824e2cc9c1e0b0a1b42bb5210516a42438"
  integrity sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=
 lodash.template@^4.4.0:
  version "4.5.0"
  resolved "https://registry.yarnpkg.com/lodash.template/-/lodash.template-4.5.0.tgz#f976195cf3f347d0d5f52483569fe8031ccce8ab"
@@ -10062,10 +10057,12 @@ node-dir@^0.1.17:
  dependencies:
    minimatch "^3.0.2"
-node-fetch@2.6.0, node-fetch@^2.2.0, node-fetch@^2.6.0, node-fetch@^2.6.1:
+node-fetch@2.6.0, node-fetch@^2.2.0, node-fetch@^2.6.0, node-fetch@^2.6.1, node-fetch@^2.6.5:
-  version "2.6.1"
+  version "2.6.5"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052"
+  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.5.tgz#42735537d7f080a7e5f78b6c549b7146be1742fd"
-  integrity sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==
+  integrity sha512-mmlIVHJEu5rnIxgEgez6b9GgWXbkZj5YZ7fx+2r94a2E+Uirsp6HsPTPlomfdHtpt/B0cdKviwkoaM6pyvUOpQ==
  dependencies:
    whatwg-url "^5.0.0"
 node-forge@^0.10.0, node-forge@^0.7.1:
  version "0.10.0"
@@ -13153,6 +13150,11 @@ tr46@^2.0.2:
  dependencies:
    punycode "^2.1.1"
 tr46@~0.0.3:
  version "0.0.3"
  resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a"
  integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=
 trim-repeated@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/trim-repeated/-/trim-repeated-1.0.0.tgz#e3646a2ea4e891312bf7eace6cfb05380bc01c21"
@@ -13680,6 +13682,11 @@ wcwidth@^1.0.1:
  dependencies:
    defaults "^1.0.3"
 webidl-conversions@^3.0.0:
  version "3.0.1"
  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871"
  integrity sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=
 webidl-conversions@^5.0.0:
  version "5.0.0"
  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-5.0.0.tgz#ae59c8a00b121543a2acc65c0434f57b0fc11aff"
@@ -13707,16 +13714,15 @@ whatwg-mimetype@^2.3.0:
  resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz#3d4b1e0312d2079879f826aff18dbeeca5960fbf"
  integrity sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==
-whatwg-url@^8.0.0:
+whatwg-url@^5.0.0:
-  version "8.4.0"
+  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.4.0.tgz#50fb9615b05469591d2b2bd6dfaed2942ed72837"
+  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d"
-  integrity sha512-vwTUFf6V4zhcPkWp/4CQPr1TW9Ml6SF4lVyaIMBdJw5i6qUUJ1QWM4Z6YYVkfka0OUIzVo/0aNtGVGk256IKWw==
+  integrity sha1-lmRU6HZUYuN2RNNib2dCzotwll0=
  dependencies:
-    lodash.sortby "^4.7.0"
+    tr46 "~0.0.3"
-    tr46 "^2.0.2"
+    webidl-conversions "^3.0.0"
    webidl-conversions "^6.1.0"
-whatwg-url@^8.5.0:
+whatwg-url@^8.0.0, whatwg-url@^8.5.0:
  version "8.5.0"
  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.5.0.tgz#7752b8464fc0903fec89aa9846fc9efe07351fd3"
  integrity sha512-fy+R77xWv0AiqfLl4nuGUlQ3/6b5uNfQ4WAbGQVMYshCTCCPK9psC1nWh3XHuxGVCtlcDDQPQW1csmmIQo+fwg==