codeql/javascript/old-change-notes/2021-06-04-whatwg-fetch.md

lgtm,codescanning

• URIs used in the whatwg-fetch library are now recognized as sinks for js/request-forgery. Affected packages are whatwg-fetch