CVE-2024-37890 was located in the ws package. They have patched this in the head of ws package, and backported it into the 7.x version list.
This PR Bumps ws to 7.5.10, which is the newest version of 7.x. Upon testing using npm test, 8.x versions were found to not work as there are breaking changes in the interface. However 7.5.10 passes the test suite.
CVE-2024-37890 was located in the ws package. They have patched this in the head of ws package, and backported it into the 7.x version list.
This PR Bumps ws to 7.5.10, which is the newest version of 7.x. Upon testing using npm test, 8.x versions were found to not work as there are breaking changes in the interface. However 7.5.10 passes the test suite.
Ref: issue #165