diff --git a/npm/package.json b/npm/package.json
index f6a2297..828508a 100644
--- a/npm/package.json
+++ b/npm/package.json
@@ -41,7 +41,7 @@
     "postinstall.js"
   ],
   "dependencies": {
-    "node-fetch": "2.6.7",
+    "node-fetch": "2.6.8",
     "unzipper": "0.10.11"
   },
   "devDependencies": {
diff --git a/npm/yarn.lock b/npm/yarn.lock
index 34c0b9f..efd4f55 100644
--- a/npm/yarn.lock
+++ b/npm/yarn.lock
@@ -243,10 +243,10 @@ minipass@^3.3.5:
   dependencies:
     minimist "^1.2.6"
 
-node-fetch@2.6.7:
-  version "2.6.7"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad"
-  integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==
+node-fetch@2.6.8:
+  version "2.6.8"
+  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.8.tgz#a68d30b162bc1d8fd71a367e81b997e1f4d4937e"
+  integrity sha512-RZ6dBYuj8dRSfxpUSu+NsdF1dpPpluJxwOp+6IoDp/sH2QNDSvurYsAa+F1WxY2RjA1iP93xhcsUoYbF2XBqVg==
   dependencies:
     whatwg-url "^5.0.0"