search

Tim-Demo / JuiceShop

MIT License
0 stars 0 forks source link

Update dependency socket.io-client to v4 #187

Open mend-for-github-com[bot] opened 1 year ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
socket.io-client (source) devDependencies major ^3.1.0 -> ^4.5.0

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
Critical 10.0 CVE-2022-2421 #142
High 7.3 CVE-2023-32695 #203

Release Notes

socketio/socket.io (socket.io-client) ### [`v4.5.0`](https://redirect.github.com/socketio/socket.io/releases/tag/4.5.0) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.4.1...4.5.0) ##### Bug Fixes - **typings:** ensure compatibility with TypeScript 3.x ([#​4259](https://redirect.github.com/socketio/socket.io/issues/4259)) ([02c87a8](https://redirect.github.com/socketio/socket.io/commit/02c87a85614e217b8e7b93753f315790ae9d99f6)) ##### Features - add support for catch-all listeners for outgoing packets ([531104d](https://redirect.github.com/socketio/socket.io/commit/531104d332690138b7aab84d5583d6204132c8b4)) This is similar to `onAny()`, but for outgoing packets. Syntax: ```js socket.onAnyOutgoing((event, ...args) => { console.log(event); }); ``` - broadcast and expect multiple acks ([8b20457](https://redirect.github.com/socketio/socket.io/commit/8b204570a94979bbec307f23ca078f30f5cf07b0)) Syntax: ```js io.timeout(1000).emit("some-event", (err, responses) => { // ... }); ``` - add the "maxPayload" field in the handshake details ([088dcb4](https://redirect.github.com/socketio/engine.io/commit/088dcb4dff60df39785df13d0a33d3ceaa1dff38)) So that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value. This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data: 0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000} ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.4.1...4.5.0 - Client release: [4.5.0](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.5.0) - engine.io version: `~6.2.0` ([diff](https://redirect.github.com/socketio/engine.io/compare/6.1.0...6.2.0)) - ws version: `~8.2.3` ### [`v4.4.1`](https://redirect.github.com/socketio/socket.io/releases/tag/4.4.1) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.4.0...4.4.1) ##### Bug Fixes - **types:** make `RemoteSocket.data` type safe ([#​4234](https://redirect.github.com/socketio/socket.io/issues/4234)) ([770ee59](https://redirect.github.com/socketio/socket.io/commit/770ee5949fb47c2556876c622f06c862573657d6)) - **types:** pass `SocketData` type to custom namespaces ([#​4233](https://redirect.github.com/socketio/socket.io/issues/4233)) ([f2b8de7](https://redirect.github.com/socketio/socket.io/commit/f2b8de71919e1b4d3e57f15a459972c1d1064787)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.4.0...4.4.1 - Client release: [4.4.1](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.4.1) - engine.io version: `~6.1.0` ([diff](https://redirect.github.com/socketio/engine.io/compare/6.0.0...6.1.0)) - ws version: `~8.2.3` ### [`v4.4.0`](https://redirect.github.com/socketio/socket.io/releases/tag/4.4.0) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.3.2...4.4.0) ##### Bug Fixes - only set 'connected' to true after middleware execution ([02b0f73](https://redirect.github.com/socketio/socket.io/commit/02b0f73e2c64b09c72c5fbf7dc5f059557bdbe50)) ##### Features - add an implementation based on uWebSockets.js ([c0d8c5a](https://redirect.github.com/socketio/socket.io/commit/c0d8c5ab234d0d2bef0d0dec472973cc9662f647)) ```js const { App } = require("uWebSockets.js"); const { Server } = require("socket.io"); const app = new App(); const io = new Server(); io.attachApp(app); io.on("connection", (socket) => { // ... }); app.listen(3000, (token) => { if (!token) { console.warn("port already in use"); } }); ``` - add timeout feature ([f0ed42f](https://redirect.github.com/socketio/socket.io/commit/f0ed42f18cabef20ad976aeec37077b6bf3837a5)) ```js socket.timeout(5000).emit("my-event", (err) => { if (err) { // the client did not acknowledge the event in the given delay } }); ``` - add type information to `socket.data` ([#​4159](https://redirect.github.com/socketio/socket.io/issues/4159)) ([fe8730c](https://redirect.github.com/socketio/socket.io/commit/fe8730ca0f15bc92d5de81cf934c89c76d6af329)) ```js interface SocketData { name: string; age: number; } const io = new Server(); io.on("connection", (socket) => { socket.data.name = "john"; socket.data.age = 42; }); ``` ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.3.2...4.4.0 - Client release: [4.4.0](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.4.0) - engine.io version: `~6.1.0` ([diff](https://redirect.github.com/socketio/engine.io/compare/6.0.0...6.1.0)) - ws version: `~8.2.3` ### [`v4.3.2`](https://redirect.github.com/socketio/socket.io/releases/tag/4.3.2) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.3.1...4.3.2) ##### Bug Fixes - fix race condition in dynamic namespaces ([#​4137](https://redirect.github.com/socketio/socket.io/issues/4137)) ([9d86397](https://redirect.github.com/socketio/socket.io/commit/9d86397243bcbb5775a29d96e5ef03e17148a8e7)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.3.1...4.3.2 - Client release: [4.3.2](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.3.2) - engine.io version: `~6.0.0` - ws version: `~8.2.3` ### [`v4.3.1`](https://redirect.github.com/socketio/socket.io/releases/tag/4.3.1) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.3.0...4.3.1) ##### Bug Fixes - fix server attachment ([#​4127](https://redirect.github.com/socketio/socket.io/issues/4127)) ([0ef2a4d](https://redirect.github.com/socketio/socket.io/commit/0ef2a4d02c9350aff163df9cb61aece89c4dac0f)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.3.0...4.3.1 - Client release: [4.3.1](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.3.1) - engine.io version: `~6.0.0` - ws version: `~8.2.3` ### [`v4.3.0`](https://redirect.github.com/socketio/socket.io/releases/tag/4.3.0) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.2.0...4.3.0) For this release, most of the work was done on the client side, see [here](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.3.0). ##### Bug Fixes - **typings:** add name field to cookie option ([#​4099](https://redirect.github.com/socketio/socket.io/issues/4099)) ([033c5d3](https://redirect.github.com/socketio/socket.io/commit/033c5d399a2b985afad32c1e4b0c16d764e248cd)) - send volatile packets with binary attachments ([dc81fcf](https://redirect.github.com/socketio/socket.io/commit/dc81fcf461cfdbb5b34b1a5a96b84373754047d5)) ##### Features - serve ESM bundle ([60edecb](https://redirect.github.com/socketio/socket.io/commit/60edecb3bd33801803cdcba0aefbafa381a2abb3)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.2.0...4.3.0 - Client release: [4.3.0](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.3.0) - engine.io version: `~6.0.0` ([diff](https://redirect.github.com/socketio/engine.io/compare/5.2.0...6.0.0)) - ws version: `~8.2.3` ([diff](https://redirect.github.com/websockets/ws/compare/7.4.2...8.2.3)) ### [`v4.2.0`](https://redirect.github.com/socketio/socket.io/releases/tag/4.2.0) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.1.3...4.2.0) ##### Bug Fixes - **typings:** allow async listener in typed events ([ccfd8ca](https://redirect.github.com/socketio/socket.io/commit/ccfd8caba6d38b7ba6c5114bd8179346ed07671c)) ##### Features - ignore the query string when serving client JavaScript ([#​4024](https://redirect.github.com/socketio/socket.io/issues/4024)) ([24fee27](https://redirect.github.com/socketio/socket.io/commit/24fee27ba36485308f8e995879c10931532c814e)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.1.3...4.2.0 - Client release: [4.2.0](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.2.0) - engine.io version: `~5.2.0` - ws version: `~7.4.2` ### [`v4.1.3`](https://redirect.github.com/socketio/socket.io/releases/tag/4.1.3) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.1.2...4.1.3) ##### Bug Fixes - fix io.except() method ([94e27cd](https://redirect.github.com/socketio/socket.io/commit/94e27cd072c8a4eeb9636f6ffbb7a21d382f36b0)) - remove x-sourcemap header ([a4dffc6](https://redirect.github.com/socketio/socket.io/commit/a4dffc6527f412d51a786ae5bf2e9080fe1ca63c)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.1.2...4.1.3 - Client release: [4.1.3](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.1.3) - engine.io version: `~5.1.0` - ws version: `~7.4.2` ### [`v4.1.2`](https://redirect.github.com/socketio/socket.io/releases/tag/4.1.2) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.1.1...4.1.2) ##### Bug Fixes - **typings:** ensure compatibility with TypeScript 3.x ([0cb6ac9](https://redirect.github.com/socketio/socket.io/commit/0cb6ac95b49a27483b6f1b6402fa54b35f82e36f)) - ensure compatibility with previous versions of the adapter ([a2cf248](https://redirect.github.com/socketio/socket.io/commit/a2cf2486c366cb62293101c10520c57f6984a3fc)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.1.1...4.1.2 - Client release: [4.1.2](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.1.2) - engine.io version: `~5.1.0` - ws version: `~7.4.2` ### [`v4.1.1`](https://redirect.github.com/socketio/socket.io/releases/tag/4.1.1) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.1.0...4.1.1) ##### Bug Fixes - **typings:** properly type server-side events ([b84ed1e](https://redirect.github.com/socketio/socket.io/commit/b84ed1e41c9053792caf58974c5de9395bfd509f)) - **typings:** properly type the adapter attribute ([891b187](https://redirect.github.com/socketio/socket.io/commit/891b1870e92d1ec38910f03bb839817e2d6be65a)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.1.0...4.1.1 - Client release: [4.1.1](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.1.1) - engine.io version: `~5.1.0` - ws version: `~7.4.2` ### [`v4.1.0`](https://redirect.github.com/socketio/socket.io/releases/tag/4.1.0) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.0.2...4.1.0) Blog post: https://socket.io/blog/socket-io-4-1-0/ ##### Features - add support for inter-server communication ([93cce05](https://redirect.github.com/socketio/socket.io/commit/93cce05fb3faf91f21fa71212275c776aa161107)) - notify upon namespace creation ([499c892](https://redirect.github.com/socketio/socket.io/commit/499c89250d2db1ab7725ab2b74840e188c267c46)) - add a "connection_error" event ([7096e98](https://redirect.github.com/socketio/engine.io/commit/7096e98a02295a62c8ea2aa56461d4875887092d), from `engine.io`) - add the "initial_headers" and "headers" events ([2527543](https://redirect.github.com/socketio/engine.io/commit/252754353a0e88eb036ebb3082e9d6a9a5f497db), from `engine.io`) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.0.2...4.1.0 - Client release: [4.1.0](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.1.0) - engine.io version: `~5.1.0` - ws version: `~7.4.2` ### [`v4.0.2`](https://redirect.github.com/socketio/socket.io/releases/tag/4.0.2) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.0.1...4.0.2) ##### Bug Fixes - **typings:** make "engine" attribute public ([b81ce4c](https://redirect.github.com/socketio/socket.io/commit/b81ce4c9d0b00666361498e2ba5e0d007d5860b8)) - properly export the Socket class ([d65b6ee](https://redirect.github.com/socketio/socket.io/commit/d65b6ee84c8e91deb61c3c1385eb19afa196a909)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.0.1...4.0.2 - Client release: [4.0.2](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.0.2) - engine.io version: `~5.0.0` - ws version: `~7.4.2` ### [`v4.0.1`](https://redirect.github.com/socketio/socket.io/releases/tag/4.0.1) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/4.0.0...4.0.1) ##### Bug Fixes - **typings:** add fallback to untyped event listener ([#​3834](https://redirect.github.com/socketio/socket.io/issues/3834)) ([a11152f](https://redirect.github.com/socketio/socket.io/commit/a11152f42b281df83409313962f60f230239c79e)) - **typings:** update return type from emit ([#​3843](https://redirect.github.com/socketio/socket.io/issues/3843)) ([1a72ae4](https://redirect.github.com/socketio/socket.io/commit/1a72ae4fe27a14cf60916f991a2c94da91d9e54a)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/4.0.0...4.0.1 - Client release: [4.0.1](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.0.1) - engine.io version: `~5.0.0` - ws version: `~7.4.2` ### [`v4.0.0`](https://redirect.github.com/socketio/socket.io/releases/tag/4.0.0) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/b574be703945453f94ddb96c74b3b84f2ceda5bd...4.0.0) Blog post: https://socket.io/blog/socket-io-4-release/ Migration guide: https://socket.io/docs/v3/migrating-from-3-x-to-4-0/ ##### Bug Fixes - make io.to(...) immutable ([ac9e8ca](https://redirect.github.com/socketio/socket.io/commit/ac9e8ca6c71e00d4af45ee03f590fe56f3951186)) ##### Features - add some utility methods ([b25495c](https://redirect.github.com/socketio/socket.io/commit/b25495c069031674da08e19aed68922c7c7a0e28)) - add support for typed events ([#​3822](https://redirect.github.com/socketio/socket.io/issues/3822)) ([0107510](https://redirect.github.com/socketio/socket.io/commit/0107510ba8a0f148c78029d8be8919b350feb633)) - allow to exclude specific rooms when broadcasting ([#​3789](https://redirect.github.com/socketio/socket.io/issues/3789)) ([7de2e87](https://redirect.github.com/socketio/socket.io/commit/7de2e87e888d849eb2dfc5e362af4c9e86044701)) - allow to pass an array to io.to(...) ([085d1de](https://redirect.github.com/socketio/socket.io/commit/085d1de9df909651de8b313cc6f9f253374b702e)) ##### BREAKING CHANGES - `io.to(...)` now returns an immutable operator Previously, broadcasting to a given room (by calling `io.to()`) would mutate the io instance, which could lead to surprising behaviors, like: ```js io.to("room1"); io.to("room2").emit(/* ... */); // also sent to room1 // or with async/await io.to("room3").emit("details", await fetchDetails()); // random behavior: maybe in room3, maybe to all clients ``` Calling `io.to()` (or any other broadcast modifier) will now return an immutable instance. ##### Links: - Diff: https://github.com/socketio/socket.io/compare/3.1.2...4.0.0 - Client release: [4.0.0](https://redirect.github.com/socketio/socket.io-client/releases/tag/4.0.0) - engine.io version: `~5.0.0` - ws version: `~7.4.2` ### [`v3.1.3`](https://redirect.github.com/socketio/socket.io/compare/3.1.2...b574be703945453f94ddb96c74b3b84f2ceda5bd) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/3.1.2...b574be703945453f94ddb96c74b3b84f2ceda5bd) ### [`v3.1.2`](https://redirect.github.com/socketio/socket.io/releases/tag/3.1.2) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/3.1.1...3.1.2) ##### Bug Fixes - ignore packets received after disconnection ([494c64e](https://redirect.github.com/socketio/socket.io/commit/494c64e44f645cbd24c645f1186d203789e84af0)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/3.1.1...3.1.2 - Client release: [3.1.2](https://redirect.github.com/socketio/socket.io-client/releases/tag/3.1.2) - engine.io version: `~4.1.0` - ws version: `~7.4.2` ### [`v3.1.1`](https://redirect.github.com/socketio/socket.io/releases/tag/3.1.1) [Compare Source](https://redirect.github.com/socketio/socket.io/compare/3.1.0...3.1.1) ##### Bug Fixes - properly parse the CONNECT packet in v2 compatibility mode ([6f4bd7f](https://redirect.github.com/socketio/socket.io/commit/6f4bd7f8e7c41a075a8014565330a77c38b03a8d)) - **typings:** add return types and general-case overload signatures ([#​3776](https://redirect.github.com/socketio/socket.io/issues/3776)) ([9e8f288](https://redirect.github.com/socketio/socket.io/commit/9e8f288ca9f14f91064b8d3cce5946f7d23d407c)) - **typings:** update the types of "query", "auth" and "headers" ([4f2e9a7](https://redirect.github.com/socketio/socket.io/commit/4f2e9a716d9835b550c8fd9a9b429ebf069c2895)) ##### Links: - Diff: https://github.com/socketio/socket.io/compare/3.1.0...3.1.1 - Client release: [3.1.1](https://redirect.github.com/socketio/socket.io-client/releases/tag/3.1.1) - engine.io version: `~4.1.0` - ws version: `~7.4.2`