Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated ws dependency version to fix vulnerability #539

Merged
merged 2 commits into from
Feb 16, 2017
Merged

Updated ws dependency version to fix vulnerability #539

merged 2 commits into from
Feb 16, 2017

Conversation

paulrobello
Copy link
Contributor

The kind of change this PR does introduce

  • fix vulnerability

@sgress454
Copy link

@paulrobello version 2.0.3 of ws introduces some breaking changes, including dropping support for Node < 4. However, they just published ws v1.1.2, which includes a patch for the vulnerability. Updating this PR to use ws 1.1.2 would allow this module to continue supporting Node < 4.

@sgress454 sgress454 mentioned this pull request Feb 14, 2017
Merged
1 task
@pmuellr pmuellr mentioned this pull request Feb 16, 2017
Closed
5 tasks
@darrachequesne darrachequesne merged commit 144a7fd into socketio:master Feb 16, 2017
@darrachequesne
Copy link
Member

Thanks!

@darrachequesne darrachequesne mentioned this pull request Feb 16, 2017
Closed
2 tasks
@darrachequesne darrachequesne added this to the 2.0.2 milestone Feb 16, 2017
darrachequesne pushed a commit that referenced this pull request Feb 16, 2017
@paulrobello
[chore] Bump ws to version 1.1.2 (vulnerability fix) (#539)
16a57c2
sgress454 added a commit to sgress454/socket.io-client that referenced this pull request Feb 16, 2017
@sgress454
Bump engine.io-client to version 2.0.2
4c79a5f 
Includes the following (from engine.io-client changelog):

* [chore] Bump ws to version 1.1.2 (vulnerability fix) ([socketio#539](socketio/engine.io-client#539))
* [fix] Fix extraHeaders option in browser ([socketio#536](socketio/engine.io-client#536))
@sgress454 sgress454 mentioned this pull request Feb 16, 2017
Merged
5 tasks
darrachequesne pushed a commit to socketio/socket.io-client that referenced this pull request Feb 16, 2017
@sgress454 @darrachequesne
[chore] Bump engine.io-client to version 2.0.2 (#1074)
1ac8374 
Includes the following (from engine.io-client changelog):

* [chore] Bump ws to version 1.1.2 (vulnerability fix) ([#539](socketio/engine.io-client#539))
* [fix] Fix extraHeaders option in browser ([#536](socketio/engine.io-client#536))
enderson-pan pushed a commit to holytiny/feathersjs-wxmp-socket.io-client that referenced this pull request Nov 1, 2019
@sgress454
[chore] Bump engine.io-client to version 2.0.2 (#1074)
4babbdf 
Includes the following (from engine.io-client changelog):

* [chore] Bump ws to version 1.1.2 (vulnerability fix) ([#539](socketio/engine.io-client#539))
* [fix] Fix extraHeaders option in browser ([#536](socketio/engine.io-client#536))
sunrise30 added a commit to sunrise30/socket.io-client that referenced this pull request Jan 8, 2022
@sunrise30
[chore] Bump engine.io-client to version 2.0.2 (#1074)
e6ecfa8 
Includes the following (from engine.io-client changelog):

* [chore] Bump ws to version 1.1.2 (vulnerability fix) ([#539](socketio/engine.io-client#539))
* [fix] Fix extraHeaders option in browser ([#536](socketio/engine.io-client#536))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.0.2
Development

Successfully merging this pull request may close these issues.
3 participants
@paulrobello @sgress454 @darrachequesne