SharonKoch / Wiki_Demo

Wiki.js | A modern and powerful wiki app built on Node.js
https://js.wiki
GNU Affero General Public License v3.0

chore(deps): update dependency subscriptions-transport-ws to v0.9.19 - autoclosed #65

Closed mend-for-github-com[bot] closed 6 months ago

mend-for-github-com[bot] commented 9 months ago

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| subscriptions-transport-ws | dependencies | patch | 0.9.18 -> 0.9.19 |

By merging this PR, the issue #19 will be automatically resolved and closed:

| Severity | CVSS Score | CVE |
|---|---|---|
| Medium | 5.3 | CVE-2021-32640 |

Release Notes

apollostack/subscriptions-transport-ws (subscriptions-transport-ws)

### [`v0.9.19`](https://togithub.com/apollostack/subscriptions-transport-ws/blob/HEAD/CHANGELOG.md#v0919-2021-06-08)

[Compare Source](https://togithub.com/apollostack/subscriptions-transport-ws/compare/v0.9.18...v0.9.19)

- Bump `ws` dependency to allow v6 and v7. Note that there are breaking changes in `ws` [`6.0.0`](https://togithub.com/websockets/ws/releases/tag/6.0.0) and [`7.0.0`](https://togithub.com/websockets/ws/releases/tag/7.0.0); for example, messages over 100MiB are rejected, and (in v7) the behavior of sending messages while the connection is starting or ending has changed.

  We are publishing this package to allow users of Apollo Server 2 to avoid seeing [this CVE](https://www.npmjs.com/advisories/1748) in their `npm audit`. However, note that (a) this CVE does not affect the subscriptions client, just the server and (b) Apollo Server 3 will remove its superficial integration with this package entirely. We encourage users of Apollo Server 2 to disable the integration with this unmaintained package via `new ApolloServer({subscriptions: false})`, and consider packages such as `graphql-ws` to power GraphQL subscriptions until such time as Apollo Server has more fully integrated subscriptions support.