From 2f9643895207a95e4ee836b6d813163f52036bb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Szegedi=20=C3=81d=C3=A1m?= Date: Tue, 25 Jan 2022 21:18:18 +0000 Subject: [PATCH] chore: bump engine.io version to fix CVE-2022-21676 (#4262) Related: https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f --- package-lock.json | 12 ++++++------ package.json | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index d02f171490..84a26754f6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -442,9 +442,9 @@ "dev": true }, "@types/node": { - "version": "16.11.7", - "resolved": "https://registry.npmjs.org/@types/node/-/node-16.11.7.tgz", - "integrity": "sha512-QB5D2sqfSjCmTuWcBWyJ+/44bcjO7VbjSbOE0ucoVbAsSNQc4Lt6QkgkVXkTDwkL4z/beecZNDvVX15D4P8Jbw==" + "version": "17.0.12", + "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.12.tgz", + "integrity": "sha512-4YpbAsnJXWYK/fpTVFlMIcUIho2AYCi4wg5aNPrG1ng7fn/1/RZfCIpRCiBX+12RVa34RluilnvCqD+g3KiSiA==" }, "@types/normalize-package-data": { "version": "2.4.0", @@ -863,9 +863,9 @@ "dev": true }, "engine.io": { - "version": "6.1.0", - "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.1.0.tgz", - "integrity": "sha512-ErhZOVu2xweCjEfYcTdkCnEYUiZgkAcBBAhW4jbIvNG8SLU3orAqoJCiytZjYF7eTpVmmCrLDjLIEaPlUAs1uw==", + "version": "6.1.2", + "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.1.2.tgz", + "integrity": "sha512-v/7eGHxPvO2AWsksyx2PUsQvBafuvqs0jJJQ0FdmJG1b9qIvgSbqDRGwNhfk2XHaTTbTXiC4quRE8Q9nRjsrQQ==", "requires": { "@types/cookie": "^0.4.1", "@types/cors": "^2.8.12", diff --git a/package.json b/package.json index 14e868c355..3f186c00aa 100644 --- a/package.json +++ b/package.json @@ -49,7 +49,7 @@ "accepts": "~1.3.4", "base64id": "~2.0.0", "debug": "~4.3.2", - "engine.io": "~6.1.0", + "engine.io": "~6.1.2", "socket.io-adapter": "~2.3.3", "socket.io-parser": "~4.0.4" },