Node Fetch version 1.4.0 introduces notable updates compared to its predecessor, version 1.3.3, offering developers enhanced functionalities and improved compatibility. A key addition in 1.4.0 is the introduction of the "is-stream" dependency which identifies streams, facilitating more robust handling of streaming data within the fetch requests and responses. This resolves possible issues that may appear while working with binary data.
The development dependencies also see significant upgrades. Bluebird, a promise library, jumps from version 2.9.1 to 3.3.4, potentially bringing performance improvements and new features for asynchronous operations. Chai, an assertion library, moves from 1.10.0 to 3.5.0, offering more expressive and powerful assertion capabilities for testing. Chai-as-promised transitions from 4.1.1 to 5.2.0, enhancing asynchronous testing further. Istanbul, the code coverage tool, is updated from 0.3.5 to 0.4.2, allowing for more accurate and detailed reporting. Promise library jumps from 6.1.0 to 7.1.1 version.
These updates generally signify a move towards more modern and stable development tools, potentially resulting in better performance, more reliable testing, and improved code maintainability. Developers upgrading to version 1.4.0 can expect a more robust and feature-rich experience, especially when working with streaming data and complex asynchronous operations. The package also keeps the same MIT license, author and repository details so developers can keep contributing to the project.
All the vulnerabilities related to the version 1.4.0 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
