gorilla/websocket
### [`v1.4.2`](https://togithub.com/gorilla/websocket/releases/v1.4.2)
[Compare Source](https://togithub.com/gorilla/websocket/compare/v1.4.1...v1.4.2)
`v1.4.2` is a minor maintenance release, with minor fixes to examples, documentation, and internals.
> Note: We are still looking for proactive maintainer(s) and issue triagers. Thanks to all who contributed to this release with either PRs or reviews - especially [@srybacki](https://togithub.com/srybacki) for the ongoing efforts here.
>
> #### CHANGELOG
>
> - build: clean up go.sum ([#584](https://togithub.com/gorilla/websocket/issues/584)) [@elithrar](https://togithub.com/elithrar)
> - Fix typo. ([#568](https://togithub.com/gorilla/websocket/issues/568)) [@jongillham](https://togithub.com/jongillham)
> - Duration order consistency when multiplying number by time unit ([#570](https://togithub.com/gorilla/websocket/issues/570)) [@maxifom](https://togithub.com/maxifom)
> - echo example: handle received messages as text, not HTML ([#563](https://togithub.com/gorilla/websocket/issues/563)) [@srybacki](https://togithub.com/srybacki)
> - Use empty struct to protect writing ([#566](https://togithub.com/gorilla/websocket/issues/566)) [@ferhatelmas](https://togithub.com/ferhatelmas)
> - input autofocus ([#564](https://togithub.com/gorilla/websocket/issues/564)) [@codenoid](https://togithub.com/codenoid)
> - Fix a couple of small typos ([#567](https://togithub.com/gorilla/websocket/issues/567)) [@johnernaut](https://togithub.com/johnernaut)
> - minor typo ([#583](https://togithub.com/gorilla/websocket/issues/583)) [@dbaker-rh](https://togithub.com/dbaker-rh)
> - Changed the link of API references to pkg.go.dev ([#577](https://togithub.com/gorilla/websocket/issues/577)) [@thearyanahmed](https://togithub.com/thearyanahmed)
### [`v1.4.1`](https://togithub.com/gorilla/websocket/releases/v1.4.1)
[Compare Source](https://togithub.com/gorilla/websocket/compare/v1.4.0...v1.4.1)
#### Notable Changes
⚠️ **This release fixes a potential denial-of-service (DoS) vector in gorilla/websocket, and we recommend that all users upgrade to this version (v1.4.1) or later**
The vulnerability could allow an attacker to consume excessive amounts of memory on the server by bypassing read limits, and potentially cause the server to go out-of-memory (OOM).
See the published [security advisory](https://togithub.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh) for more details.
Credit to Max Justicz () for discovering and reporting this, as well as providing a robust PoC and review.
#### CHANGELOG
[`c3e18be`](https://togithub.com/gorilla/websocket/commit/c3e18be) Create release-drafter.yml ([#538](https://togithub.com/gorilla/websocket/issues/538))
[`5b740c2`](https://togithub.com/gorilla/websocket/commit/5b740c2) Read Limit Fix ([#537](https://togithub.com/gorilla/websocket/issues/537))
[`7e9819d`](https://togithub.com/gorilla/websocket/commit/7e9819d) fix typos ([#532](https://togithub.com/gorilla/websocket/issues/532))
[`ae1634f`](https://togithub.com/gorilla/websocket/commit/ae1634f) Create CircleCI config.yml ([#519](https://togithub.com/gorilla/websocket/issues/519))
[`80c2d40`](https://togithub.com/gorilla/websocket/commit/80c2d40) fix autobahn test suite link ([#503](https://togithub.com/gorilla/websocket/issues/503))
[`6a67f44`](https://togithub.com/gorilla/websocket/commit/6a67f44) remove redundant err!=nil check in conn.go Close method ([#505](https://togithub.com/gorilla/websocket/issues/505))
[`0ec3d1b`](https://togithub.com/gorilla/websocket/commit/0ec3d1b) Fix typo
[`856ca61`](https://togithub.com/gorilla/websocket/commit/856ca61) Add buffer commentary
[`7c8e298`](https://togithub.com/gorilla/websocket/commit/7c8e298) Add support for go-module
[`8ab6030`](https://togithub.com/gorilla/websocket/commit/8ab6030) Add JoinMessages
[`95ba29e`](https://togithub.com/gorilla/websocket/commit/95ba29e) Updated autobahn test suite URL
[`483fb8d`](https://togithub.com/gorilla/websocket/commit/483fb8d) Add "in bytes" to sizes in documentation
[`76e4896`](https://togithub.com/gorilla/websocket/commit/76e4896) Fix formatting problem in the docs. ([#435](https://togithub.com/gorilla/websocket/issues/435))
[`a51a35a`](https://togithub.com/gorilla/websocket/commit/a51a35a) Improve header parsing code
[`3130e8d`](https://togithub.com/gorilla/websocket/commit/3130e8d) Return write buffer to pool on write error ([#427](https://togithub.com/gorilla/websocket/issues/427))
[`cdd40f5`](https://togithub.com/gorilla/websocket/commit/cdd40f5) Add comprehensive host test ([#429](https://togithub.com/gorilla/websocket/issues/429))
Renovate configuration
:date: Schedule: At any time (no schedule defined).
:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.
:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
:no_bell: Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
v1.4.0->v1.4.2Release Notes
gorilla/websocket
### [`v1.4.2`](https://togithub.com/gorilla/websocket/releases/v1.4.2) [Compare Source](https://togithub.com/gorilla/websocket/compare/v1.4.1...v1.4.2) `v1.4.2` is a minor maintenance release, with minor fixes to examples, documentation, and internals. > Note: We are still looking for proactive maintainer(s) and issue triagers. Thanks to all who contributed to this release with either PRs or reviews - especially [@srybacki](https://togithub.com/srybacki) for the ongoing efforts here. > > #### CHANGELOG > > - build: clean up go.sum ([#584](https://togithub.com/gorilla/websocket/issues/584)) [@elithrar](https://togithub.com/elithrar) > - Fix typo. ([#568](https://togithub.com/gorilla/websocket/issues/568)) [@jongillham](https://togithub.com/jongillham) > - Duration order consistency when multiplying number by time unit ([#570](https://togithub.com/gorilla/websocket/issues/570)) [@maxifom](https://togithub.com/maxifom) > - echo example: handle received messages as text, not HTML ([#563](https://togithub.com/gorilla/websocket/issues/563)) [@srybacki](https://togithub.com/srybacki) > - Use empty struct to protect writing ([#566](https://togithub.com/gorilla/websocket/issues/566)) [@ferhatelmas](https://togithub.com/ferhatelmas) > - input autofocus ([#564](https://togithub.com/gorilla/websocket/issues/564)) [@codenoid](https://togithub.com/codenoid) > - Fix a couple of small typos ([#567](https://togithub.com/gorilla/websocket/issues/567)) [@johnernaut](https://togithub.com/johnernaut) > - minor typo ([#583](https://togithub.com/gorilla/websocket/issues/583)) [@dbaker-rh](https://togithub.com/dbaker-rh) > - Changed the link of API references to pkg.go.dev ([#577](https://togithub.com/gorilla/websocket/issues/577)) [@thearyanahmed](https://togithub.com/thearyanahmed) ### [`v1.4.1`](https://togithub.com/gorilla/websocket/releases/v1.4.1) [Compare Source](https://togithub.com/gorilla/websocket/compare/v1.4.0...v1.4.1) #### Notable Changes ⚠️ **This release fixes a potential denial-of-service (DoS) vector in gorilla/websocket, and we recommend that all users upgrade to this version (v1.4.1) or later** The vulnerability could allow an attacker to consume excessive amounts of memory on the server by bypassing read limits, and potentially cause the server to go out-of-memory (OOM). See the published [security advisory](https://togithub.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh) for more details. Credit to Max Justicz (Renovate configuration
:date: Schedule: At any time (no schedule defined).
:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.
:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
:no_bell: Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.