Closed renovate[bot] closed 3 years ago
This PR contains the following updates:
~1.3.7
~1.7.4
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
:date: Schedule: "" in timezone America/Lima.
:vertical_traffic_light: Automerge: Enabled.
:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
:no_bell: Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.
This PR contains the following updates:
~1.3.7->~1.7.4GitHub Vulnerability Alerts
CVE-2020-28481
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
Release Notes
socketio/socket.io
### [`v1.7.4`](https://togithub.com/socketio/socket.io/releases/1.7.4) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.7.3...1.7.4) - [chore] Bump engine.io to version 1.8.4 ### [`v1.7.3`](https://togithub.com/socketio/socket.io/releases/1.7.3) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.7.2...1.7.3) - [chore] Bump engine.io-client to version 1.8.3 ### [`v1.7.2`](https://togithub.com/socketio/socket.io/releases/1.7.2) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.7.1...1.7.2) - [chore] Bump engine.io to version 1.8.2 ([#2782](https://togithub.com/socketio/socket.io/issues/2782)) - [fix] Fixes socket.use error packet ([#2772](https://togithub.com/socketio/socket.io/issues/2772)) ### [`v1.7.1`](https://togithub.com/socketio/socket.io/releases/1.7.1) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.7.0...1.7.1) (following `socket.io-client` update) ### [`v1.7.0`](https://togithub.com/socketio/socket.io/releases/1.7.0) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.6.0...1.7.0) - [docs] Comment connected socket availability for adapters ([#2081](https://togithub.com/socketio/socket.io/issues/2081)) - [docs] Fixed grammar issues in the README.md ([#2159](https://togithub.com/socketio/socket.io/issues/2159)) - [feature] serve sourcemap for socket.io-client ([#2482](https://togithub.com/socketio/socket.io/issues/2482)) - [feature] Add a `local` flag ([#2628](https://togithub.com/socketio/socket.io/issues/2628)) - [chore] Bump engine.io to version 1.8.1 ([#2765](https://togithub.com/socketio/socket.io/issues/2765)) - [chore] Update client location and serve minified file ([#2766](https://togithub.com/socketio/socket.io/issues/2766)) ### [`v1.6.0`](https://togithub.com/socketio/socket.io/releases/1.6.0) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.5.1...1.6.0) - [fix] Make ETag header comply with standard. ([#2603](https://togithub.com/socketio/socket.io/issues/2603)) - [feature] Loading client script on demand. ([#2567](https://togithub.com/socketio/socket.io/issues/2567)) - [test] Fix leaking clientSocket ([#2721](https://togithub.com/socketio/socket.io/issues/2721)) - [feature] Add support for all event emitter methods ([#2601](https://togithub.com/socketio/socket.io/issues/2601)) - [chore] Update year to 2016 ([#2456](https://togithub.com/socketio/socket.io/issues/2456)) - [feature] Add support for socket middleware ([#2306](https://togithub.com/socketio/socket.io/issues/2306)) - [feature] add support for Server#close(callback) ([#2748](https://togithub.com/socketio/socket.io/issues/2748)) - [fix] Don't drop query variables on handshake ([#2745](https://togithub.com/socketio/socket.io/issues/2745)) - [example] Add disconnection/reconnection logs to the chat example ([#2675](https://togithub.com/socketio/socket.io/issues/2675)) - [perf] Minor code optimizations ([#2219](https://togithub.com/socketio/socket.io/issues/2219)) - [chore] Bump debug to version 2.3.3 ([#2754](https://togithub.com/socketio/socket.io/issues/2754)) - [chore] Bump engine.io to version 1.8.0 ([#2755](https://togithub.com/socketio/socket.io/issues/2755)) - [chore] Bump socket.io-adapter to version 0.5.0 ([#2756](https://togithub.com/socketio/socket.io/issues/2756)) ### [`v1.5.1`](https://togithub.com/socketio/socket.io/releases/1.5.1) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.5.0...1.5.1) - [fix] Avoid swallowing exceptions thrown by user event handlers ([#2682](https://togithub.com/socketio/socket.io/issues/2682)) - [test] Use client function to unify `client` in test script ([#2731](https://togithub.com/socketio/socket.io/issues/2731)) - [docs] Add link to LICENSE ([#2221](https://togithub.com/socketio/socket.io/issues/2221)) - [docs] Fix JSDoc of optional parameters ([#2465](https://togithub.com/socketio/socket.io/issues/2465)) - [docs] Fix typo ([#2724](https://togithub.com/socketio/socket.io/issues/2724)) - [docs] Link readme npm package badge to npm registry page ([#2612](https://togithub.com/socketio/socket.io/issues/2612)) - [docs] Minor fixes ([#2526](https://togithub.com/socketio/socket.io/issues/2526)) - [chore] Bump socket.io-parser to 2.3.0 ([#2730](https://togithub.com/socketio/socket.io/issues/2730)) - [chore] Add Github issue and PR templates ([#2733](https://togithub.com/socketio/socket.io/issues/2733)) - [chore] Bump engine.io to 1.7.2 ([#2729](https://togithub.com/socketio/socket.io/issues/2729)) - [chore] Bump socket.io-parser to 2.3.1 ([#2734](https://togithub.com/socketio/socket.io/issues/2734)) ### [`v1.5.0`](https://togithub.com/socketio/socket.io/releases/1.5.0) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.8...1.5.0) - [feature] stop append /# before id when no namespace ([#2509](https://togithub.com/socketio/socket.io/issues/2509)) - [feature] Add a 'disconnecting' event to access to socket.rooms upon disconnection ([#2332](https://togithub.com/socketio/socket.io/issues/2332)) - [fix] Fix query string management ([#2422](https://togithub.com/socketio/socket.io/issues/2422)) - [fix] add quote to exec paths, prevent error when spaces in path ([#2508](https://togithub.com/socketio/socket.io/issues/2508)) - [docs] Prevent mixup for new programmers ([#2599](https://togithub.com/socketio/socket.io/issues/2599)) - [example] Fix chat display in Firefox ([#2477](https://togithub.com/socketio/socket.io/issues/2477)) - [chore] Add gulp & babel in the build process ([#2471](https://togithub.com/socketio/socket.io/issues/2471)) - [chore] Bump engine.io to 1.7.0 ([#2707](https://togithub.com/socketio/socket.io/issues/2707)) - [chore] Remove unused zuul-ngrok dependency ([#2708](https://togithub.com/socketio/socket.io/issues/2708)) - [chore] Point towards current master of socket.io-client ([#2710](https://togithub.com/socketio/socket.io/issues/2710)) - [chore] Restrict files included in npm package ([#2709](https://togithub.com/socketio/socket.io/issues/2709)) - [chore] Link build badge to master branch ([#2549](https://togithub.com/socketio/socket.io/issues/2549)) ### [`v1.4.8`](https://togithub.com/socketio/socket.io/compare/1.4.7...1.4.8) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.7...1.4.8) ### [`v1.4.7`](https://togithub.com/socketio/socket.io/compare/1.4.6...1.4.7) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.6...1.4.7) ### [`v1.4.6`](https://togithub.com/socketio/socket.io/compare/1.4.5...1.4.6) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.5...1.4.6) ### [`v1.4.5`](https://togithub.com/socketio/socket.io/compare/1.4.4...1.4.5) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.4...1.4.5) ### [`v1.4.4`](https://togithub.com/socketio/socket.io/compare/1.4.3...1.4.4) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.3...1.4.4) ### [`v1.4.3`](https://togithub.com/socketio/socket.io/compare/1.4.2...1.4.3) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.2...1.4.3) ### [`v1.4.2`](https://togithub.com/socketio/socket.io/compare/1.4.1...1.4.2) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.1...1.4.2) ### [`v1.4.1`](https://togithub.com/socketio/socket.io/compare/1.4.0...1.4.1) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.4.0...1.4.1) ### [`v1.4.0`](https://togithub.com/socketio/socket.io/compare/1.3.7...1.4.0) [Compare Source](https://togithub.com/socketio/socket.io/compare/1.3.7...1.4.0)Configuration
:date: Schedule: "" in timezone America/Lima.
:vertical_traffic_light: Automerge: Enabled.
:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
:no_bell: Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.