Node-fetch is a lightweight module designed to bring the window.fetch API familiar to browser-based JavaScript environments to Node.js. Comparing versions 1.0.1 and 1.0.2, the core functionality remains consistent, offering developers a clean and easy way to make HTTP requests. Both versions share identical dependencies, relying on "encoding": "^0.1.11" for handling character encodings and a suite of development dependencies including "bluebird", "chai", "coveralls", "istanbul", and "mocha" for testing and code quality assurance. This consistent dependency profile suggests a stable core functionality.
The key distinction lies in the release date. Version 1.0.2 was released on January 28, 2015, shortly after version 1.0.1 which was released on January 27, 2015. This close succession indicates that version 1.0.2 likely incorporates minor bug fixes or very targeted improvements over its predecessor. For developers, this implies that upgrading from 1.0.1 to 1.0.2 is recommended, as it likely provides a more refined and potentially more stable experience, without introducing any breaking changes given the shared dependencies and rapid release cycle.
The library itself, under the MIT license and maintained in a GitHub repository ("https://github.com/bitinn/node-fetch.git"), encourages community contributions and provides a well-documented resource for resolving any potential compatibility or integration needs. Both version 1.0.1 and 1.0.2 are available via npm, making installation and use seamless for Node.js projects.
All the vulnerabilities related to the version 1.0.2 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
