egg-socket.io icon indicating copy to clipboard operation
egg-socket.io copied to clipboard

Published 20 hours ago verified publisher icon eggjs

Upgrade socket.io to version 4.7.5

Open LinhoonYu opened this issue 8 months ago • 3 comments

解决openSCA扫描的egg-socket.io相关间接依赖版本漏洞问题 微信图片_20240603094656

  1. socket.io-parser:[egg-socket.io:4.1.6]/[socket.io:2.5.0]/[socket.io-client:2.5.0]/[socket.io-parser:3.3.3]]
  2. engine.io:[egg-socket.io:4.1.6]/[socket.io:2.5.0]/[engine.io:3.6.1]]
  3. debug: [egg-socket.io:4.1.6]/[socket.io:2.5.0]/[debug:4.1.1]]

Summary by CodeRabbit

  • Chores
    • Updated socket.io dependency from version ^2.1.1 to ^4.7.5 for improved performance and security.

LinhoonYu avatar Jun 03 '24 02:06 LinhoonYu