engine.io has a vulnerability but can not be updated until socket.io gets a version bump. This PR bumps socket.io to the latest version (see Dependabot alert).
@Roog and @djhenley, I have only tested locally and I don't have a Pi available for a more proper testing. Could any of you run this on actual hardware since the version jump is quite large (2.4.0 to 4.4.1) and I am not sure what might be affected.
engine.io has a vulnerability but can not be updated until socket.io gets a version bump. This PR bumps socket.io to the latest version (see Dependabot alert).
@Roog and @djhenley, I have only tested locally and I don't have a Pi available for a more proper testing. Could any of you run this on actual hardware since the version jump is quite large (2.4.0 to 4.4.1) and I am not sure what might be affected.
Cheers!🥳