• Upgraded socket.io from 2.2.0 to 2.4.1 to resolve deprecation warning
v2.0.0
• Upgraded machinepack-redis to resolve vulnerability/deprecation warnings (note this includes a major version bump of redis, the Redis client library)
• Upgraded machinepack-urls to resolve vulnerability/deprecation warnings
• Upgraded socket.io from 2.0.3 to 2.2.0 to resolve deprecation warning
Upgraded socket.io from 2.2.0 to 2.4.1 to resolve deprecation warning
2.0.0
Upgraded machinepack-redis to resolve vulnerability/deprecation warnings (note this includes a major version bump of redis, the Redis client library)
Upgraded machinepack-urls to resolve vulnerability/deprecation warnings
Upgraded socket.io from 2.0.3 to 2.2.0 to resolve deprecation warning
1.1.0
[UPGRADE] Update socket.io dependency to version 1.5.1.
[ENHANCEMENT] Add validation for db option. Thanks bberry6! #9
[ENHANCEMENT] Add onlyAllowOrigins config to restrict the origins allowed to connect to the socket server. 9450c96
1.0.1
[BUGFIX] Made maxHttpBufferSize actually work by passing through to the underlying adapter. f5bf545
[DEPRECATION] Deprecated maxBufferSize option in favor of maxHttpBufferSize. f5bf545
[ENHANCEMENT] Make "websocket" the default transport. This is better supported by more clients than the "polling-first" method. The relevant changes have been made in sails.io.js as well. 8135ada
This version was pushed to npm by eashaw, a new releaser for sails-hook-sockets since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/the-chain/airmedfoundation-terminal/network/alerts).
dependabot[bot]
commented
1 year ago
Bumps socket.io-parser to 3.4.1 and updates ancestor dependency sails-hook-sockets. These dependencies need to be updated together.
Updates
socket.io-parserfrom 3.1.3 to 3.4.1Release notes
Sourced from socket.io-parser's releases.
... (truncated)
Changelog
Sourced from socket.io-parser's changelog.
Commits
a8130cechore: release 3.4.1dcb942dfix: prevent DoS (OOM) via massive packets (#95)a5d0435test: transpile to es5 with babelify652402a[chore] Release 3.4.09b3572e[chore] Bump debug to version 4.1.0 (#92)de1fd36[docs] Fix incorrect socket.io-protocol version in Readme (#89)0de72b9[chore] Release 3.3.0b47efb2[fix] Remove any reference to theglobalvariabled95e38f[chore] Update the Makefileb57e063[test] Update travis configurationUpdates
sails-hook-socketsfrom 1.5.5 to 2.0.3Release notes
Sourced from sails-hook-sockets's releases.
Changelog
Sourced from sails-hook-sockets's changelog.
... (truncated)
Commits
27dc9c12.0.31eb301aUpdate package.json (#48)042cf052.0.2e90e39eUpgrade socket.io depdenency (#47)928e865Upgrading to socket.io v2.4.1 (#44)9d65f62Upgrading to socket.io v2.4.1 to fix vulnerability (#43)bade0f72.0.064d08ac2.0.0-04e1fb5bMerge pull request #41 from balderdashy/upgradesfd20a5fJust pass in the full URL for sendHttpRequestMaintainer changes
This version was pushed to npm by eashaw, a new releaser for sails-hook-sockets since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/the-chain/airmedfoundation-terminal/network/alerts).