Closed joelseq closed 5 years ago
upgrading to 2.x is a breaking change, iirc 1.x and 2.x are not compatible on the wire.
socket.io was pinned to this 1.3.7 here and the maintenance situation has not changed since then.
Upgrading to ^1.7.4 seems to work though
@fippo so would you recommend changing the version to ^1.7.4 in this PR?
yes please
Okay, I changed it to ^1.7.4. Should I also change it in signalmaster since by default npm will upgrade it to 2.x?
published as 3.0.2 -- i'll take care of signalmaster in a bit.
Thank you!
The current version has dependencies that have known security vulnerabilities. Doing a
npm audit fix --force
updates the version of socket.io-client to fix the problem.Such as:![image](https://user-images.githubusercontent.com/12389411/42671587-996d49e8-8615-11e8-9c51-813bf0ab2a12.png)