node-fetch version is vulnerable
marjoripomarole opened this issue · 3 comments
marjoripomarole commented
This package depends on node-fetch.
This issue tracks the update that needs to happen to version node-fetch@^2.6.1.
The real update would be to update fbemitter to version 3.0.0.
Relevant Github Advisory Database.
marjoripomarole commented
This #26 should fix it
baptistejamin commented
Thank your for the report.
We will merge this in the coming days.
eliottvincent commented
Merged, thanks again!