Node-fetch is a lightweight module bringing the window.fetch API, familiar from browsers, to Node.js environments. Comparing versions 2.6.5 and 2.6.4, the core functionality remains consistent, focusing on providing a familiar, promise-based approach to making HTTP requests. Both versions share the same dependencies, including whatwg-url for URL parsing, and devDependencies used for testing, building, and code coverage such as chai, mocha, rollup and babel.
The primary difference lies in the release date and potentially subtle bug fixes or performance improvements incorporated in version 2.6.5. It was released a day after version 2.6.4. The unpacked size of version 2.6.5 is also slightly bigger, 149265 vs 149173 bytes. While the API remains consistent between these minor versions, developers should favor version 2.6.5 for the latest fixes and optimizations.
Developers using Node-fetch get a simple, clean API for making web requests, handling things like GET, POST, PUT, and DELETE requests with ease. The library supports request and response streams, headers, and various content types, making it versatile for interacting with different APIs. If you're already using 2.6.4, upgrading to version 2.6.5 is recommended to keep your project up-to-date with latest improvements and bug fixes. Always test when upgrading dependencies.
All the vulnerabilities related to the version 2.6.5 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
