Bug: DoS vulnerability in ws dependency

facebook / react

The library for web and native user interfaces.

https://react.dev

MIT License

227.56k stars 46.42k forks source link

Bug: DoS vulnerability in ws dependency #29953

Open Dan-C-Reed opened 3 months ago

Dan-C-Reed commented 3 months ago

react-devtools-core has ws as a dependency and in release 8.17.1 ws have issued a fix to a DoS vulnerability (link). Would it be possible to upgrade to use this version of ws?

(Apologies if I have filed this in the incorrect place, but I was unclear on where these issues should be raised.)

React version: React DevTools 5.3.0

Steps To Reproduce

Link to code example:

Link

The current behavior

The expected behavior

github-actions[bot] commented 1 day ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. We are sorry that we haven't been able to prioritize it yet. If you have any new additional information, please include it with your comment!