[Snyk] Security upgrade cross-fetch from 3.0.2 to 3.0.6

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	591/1000 Why? Recently disclosed, Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: cross-fetch

The new version differs by 50 commits.

• 14afdc1 3.0.6
• 1d277e5 updated node-fetch to 2.6.1.
• fa4f96f updated dev dependencies.
• d5d7b9d Bump codecov from 3.7.0 to 3.7.1
• 55a319e Updated text about isomorphic-fetch in README
• c1354d3 3.0.5
• a1da5de upgraded mocha to 8+.
• bb2955a updated minor and patch version of dev dependencies.
• 84328c7 updated dev dependencies.
• 7cffb05 updated who's using section on README.
• 0a95aef move "whatwg-fetch" in devDependencies
• 7466f27 updated supported environments section on README.
• 04ccbb2 updated supported node version.
• 65dbae4 added tags to the package.
• c3980f8 updated rollup module.
• d88fcc1 updated lint-staged module.
• e03d559 updated nyc module.
• ea6cea4 updated semver module.
• 06d4c56 updated ora module.
• 4e1f857 upgraded node to version 10 due some dependencies incompatibility.
• 48ae773 updated husky module.
• 5fb0f3f updated nock module.
• 038ff61 updated mocha module.
• 69c5b54 updated sinon module.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic