Open bcsnyk opened 6 months ago
Added in 5fc88a6.
By default, the ESM build does not include the debug package in the browser environments, because it increases the bundle size (see 16b6569).
Which means that, unfortunately, debug logs are not available in the devtools console, even when setting the localStorage.debug = ... attribute.
You can now import the build which includes the debug packages with a conditional import. Example with vite:
<div class="highlight highlight-source-js notranslate position-relative overflow-auto" data-snippet-clipboard-copy-content="import { defineConfig } from 'vite' import react from '@ vitejs/plugin-react'
export default defineConfig({ plugins: [react()], server: { port: 4000 }, resolve: { conditions: ["development"] } })">
import { defineConfig } from 'vite' import react from '@ vitejs/plugin-react'export default defineConfig({ plugins: [react()], server: { port: 4000 }, resolve: { conditions: ["development"] } })
Reference: https://v2.vitejs.dev/config/#resolve-conditions
Added in 781d753.
~6.5.0 (diff)~8.11.0 (no change) </li>
<li>
<b>4.6.2</b> - <a href="https://snyk.io/redirect/github/socketio/socket.io-client/releases/tag/4.6.2">2023-05-31</a></br><h3>Bug Fixes</h3>~6.4.0 (no change)~8.11.0 (no change) </li>
</ul>
from <a href="https://snyk.io/redirect/github/socketio/socket.io-client/releases">socket.io-client GitHub release notes</a>
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade socket.io-client from 4.6.2 to 4.7.5.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **6 versions** ahead of your current version. - The recommended version was released **a month ago**, on 2024-03-14.
Release notes
Package name: socket.io-client
Bug Fixes
Links
engine.io-client@~6.5.2(no change)ws@~8.11.0(no change)There were some minor bug fixes on the server side, which mandate a client bump.
Links
engine.io-client@~6.5.2(no change)ws@~8.11.0(no change)Links
engine.io-client@~6.5.2(no change)ws@~8.11.0(no change)Links
engine.io-client@~6.5.2(diff)ws@~8.11.0(no change)Links
engine.io-client@~6.5.1(diff)ws@~8.11.0(no change)Features
Support for WebTransport
The Engine.IO client can now use WebTransport as the underlying transport.
WebTransport is a web API that uses the HTTP/3 protocol as a bidirectional transport. It's intended for two-way communications between a web client and an HTTP/3 server.
References:
For Node.js clients: until WebTransport support lands in Node.js, you can use the
@ fails-components/webtransportpackage:<div class="highlight highlight-source-js notranslate position-relative overflow-auto" data-snippet-clipboard-copy-content="import { WebTransport } from "@ fails-components/webtransport";
global.WebTransport = WebTransport;">
Added in 7195c0f.
Cookie management for the Node.js client
When setting the
withCredentialsoption totrue, the Node.js client will now include the cookies in the HTTP requests, making it easier to use it with cookie-based sticky sessions.<div class="highlight highlight-source-js notranslate position-relative overflow-auto" data-snippet-clipboard-copy-content="import { io } from "socket.io-client";
const socket = io("https://example.com", { withCredentials: true });">