node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

upgrade to node-fetch npm package

lotuspond/front/package-lock.json

@@ -6630,7 +6630,7 @@
       "resolved": "https://registry.npmjs.org/isomorphic-fetch/-/isomorphic-fetch-2.2.1.tgz",
       "integrity": "sha1-YRrhrPFPXoH3KVB0coGf6XM1WKk=",
       "requires": {
-        "node-fetch": "^1.0.1",
+        "node-fetch": "^2.6.7",
         "whatwg-fetch": ">=0.10.0"
       }
     },