egg-socket.io
egg-socket.io copied to clipboard
eggjs
[Snyk] Fix for 1 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 |
Regular Expression Denial of Service (ReDoS) npm:debug:20170905 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: socket.io
The new version differs by 84 commits.- f8a66fd chore(release): 3.0.5
- 752dfe3 chore: bump debug version
- bf54327 revert: restore the socket middleware functionality
- 170b739 fix: properly clear timeout on connection failure
- 230cd19 chore: bump dependencies
- a0a3481 test: fix random test failure
- f773b48 chore: update GitHub issue templates
- 292d62e docs(examples): update TypeScript example
- 178e899 docs(examples): add Angular TodoMVC + Socket.IO example
- d1bfe40 refactor: add more typing info and upgrade prettier (#3725)
- 81c1f4e chore(release): 3.0.4
- 1fba399 ci: migrate to GitHub Actions
- 4e6d404 chore: make tests work on Windows (#3708)
- 28c7cc0 style(issue-template): fix typo (#3700)
- 06a2bd3 chore(release): 3.0.3
- 85ebd35 chore: cleanup dist folder before compilation
- 9b6f971 chore(release): 3.0.2
- 43705d7 fix: merge Engine.IO options
- 118cc68 chore: add 3rd party types in the list of dependencies
- c596e54 docs(examples): update React Native example
- f7e0009 docs(examples): update TypeScript example
- e69d0ad chore: bump socket.io-client version
- 0317a07 chore(release): 3.0.1
- d00c0c0 docs(examples): update examples to Socket.IO v3
Package name: socket.io-redis
The new version differs by 14 commits.- 5f2de9b chore(release): 6.1.0
- 900ddfa chore: bump debug package
- 6c8d770 perf: remove one round-trip for the requester
- 468c3c8 feat: implement utility methods from Socket.IO v4
- fc19812 ci: migrate to GitHub Actions
- 4059501 test: convert tests to TypeScript
- 72fe98e docs: fix allSockets example (#381)
- 5cfdf90 docs: add details about the implementation
- 4dae265 chore(release): 6.0.1
- 509c0f0 docs: add examples with TypeScript and ES6 modules
- 0d2d69c fix(typings): properly expose the createAdapter method
- 3334d99 fix: fix broadcasting (#361)
- 2cab2e3 chore(release): 6.0.0
- d9bcb19 feat: add support for Socket.IO v3
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
