{"id":7727,"name":"socket.io-parser","ecosystem":"maven","repository_url":null,"issues_count":587,"created_at":"2025-06-06T22:14:18.553Z","updated_at":"2025-06-06T22:14:18.553Z","purl":"pkg:maven/socket.io-parser","unique_repositories_count":504,"unique_repositories_count_past_30_days":0,"recent_issues":[{"uuid":"2370008334","node_id":"PR_kwDOFM2Vms5zWth4","number":95,"state":"closed","title":"Bump socket.io-parser and socket.io","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-17T16:56:26.000Z","author_association":"NONE","state_reason":null,"created_at":"2024-06-24T11:34:05.000Z","updated_at":"2025-07-17T16:56:28.000Z","time_to_close":33542541,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"4.0.5","new_version":"4.2.4"},{"name":"socket.io","repository_url":"https://github.com/socketio/socket.io","old_version":"4.5.0","new_version":"4.7.5"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.\nUpdates `socket.io-parser` from 4.0.5 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.5...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 4.5.0 to 4.7.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.7.5\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.4...4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.5\"\u003e4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.3...4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.4\"\u003e4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.2...4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.3\"\u003e4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/main/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003e4.7.5\u003c/a\u003e (2024-03-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003e4.7.4\u003c/a\u003e (2024-01-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003e4.7.3\u003c/a\u003e (2024-01-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003e4.7.2\u003c/a\u003e (2023-08-02)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/50176812a1f815b779cf8936996b06e559122620\"\u003e\u003ccode\u003e5017681\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003e\u003ccode\u003ebf64870\u003c/code\u003e\u003c/a\u003e fix: close the adapters when the server is closed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/748e18c22eeefceb4030c8f8e5e9e9c342b05982\"\u003e\u003ccode\u003e748e18c\u003c/code\u003e\u003c/a\u003e ci: test with older TypeScript version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/b9ce6a25d1f99368fe21fdc0308213fa1831e450\"\u003e\u003ccode\u003eb9ce6a2\u003c/code\u003e\u003c/a\u003e refactor: create specific adapter for parent namespaces (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4950\"\u003e#4950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/54dabe5bffeb705fd006729725dd2fa194f70ecf\"\u003e\u003ccode\u003e54dabe5\u003c/code\u003e\u003c/a\u003e ci: upgrade to actions/checkout@4 and actions/setup-node@4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003e\u003ccode\u003ee426f3e\u003c/code\u003e\u003c/a\u003e fix: remove duplicate pipeline when serving bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e36062ca2df0b1a4adcf986bafc3fd92675d3896\"\u003e\u003ccode\u003ee36062c\u003c/code\u003e\u003c/a\u003e docs: update the webtransport example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/0bbe8aec77a0ed5576d8e4fa7379ab1f1a6fdb05\"\u003e\u003ccode\u003e0bbe8ae\u003c/code\u003e\u003c/a\u003e docs: only execute the passport middleware once\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/914a8bd2b97f559a666ede08df8610cfe05e9cda\"\u003e\u003ccode\u003e914a8bd\u003c/code\u003e\u003c/a\u003e docs: add example with JWT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/d943c3e0b0b6af1df544a6d26e09dbc8243f4d90\"\u003e\u003ccode\u003ed943c3e\u003c/code\u003e\u003c/a\u003e docs: update the Passport.js example\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.0...4.7.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DiceTechnology/hls.js/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/DiceTechnology/hls.js/pull/95","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DiceTechnology%2Fhls.js/issues/95","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/95/packages"},{"uuid":"1894785849","node_id":"PR_kwDOAX7jOM5w8CM5","number":1,"state":"closed","title":"Bump socket.io-parser and socket.io","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-07-08T02:20:17.000Z","author_association":"NONE","state_reason":null,"created_at":"2024-05-29T21:46:00.000Z","updated_at":"2025-07-08T02:20:17.000Z","time_to_close":34922057,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"2.2.2","new_version":"4.2.4"},{"name":"socket.io","repository_url":"https://github.com/socketio/socket.io","old_version":"1.2.0","new_version":"4.7.5"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [socket.io](https://github.com/socketio/socket.io). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 2.2.2 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/2.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~darrachequesne\"\u003edarrachequesne\u003c/a\u003e, a new releaser for socket.io-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 1.2.0 to 4.7.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.7.5\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.4...4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.5\"\u003e4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.3...4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.4\"\u003e4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.2...4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.3\"\u003e4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/main/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003e4.7.5\u003c/a\u003e (2024-03-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003e4.7.4\u003c/a\u003e (2024-01-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003e4.7.3\u003c/a\u003e (2024-01-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003e4.7.2\u003c/a\u003e (2023-08-02)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/50176812a1f815b779cf8936996b06e559122620\"\u003e\u003ccode\u003e5017681\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003e\u003ccode\u003ebf64870\u003c/code\u003e\u003c/a\u003e fix: close the adapters when the server is closed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/748e18c22eeefceb4030c8f8e5e9e9c342b05982\"\u003e\u003ccode\u003e748e18c\u003c/code\u003e\u003c/a\u003e ci: test with older TypeScript version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/b9ce6a25d1f99368fe21fdc0308213fa1831e450\"\u003e\u003ccode\u003eb9ce6a2\u003c/code\u003e\u003c/a\u003e refactor: create specific adapter for parent namespaces (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4950\"\u003e#4950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/54dabe5bffeb705fd006729725dd2fa194f70ecf\"\u003e\u003ccode\u003e54dabe5\u003c/code\u003e\u003c/a\u003e ci: upgrade to actions/checkout@4 and actions/setup-node@4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003e\u003ccode\u003ee426f3e\u003c/code\u003e\u003c/a\u003e fix: remove duplicate pipeline when serving bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e36062ca2df0b1a4adcf986bafc3fd92675d3896\"\u003e\u003ccode\u003ee36062c\u003c/code\u003e\u003c/a\u003e docs: update the webtransport example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/0bbe8aec77a0ed5576d8e4fa7379ab1f1a6fdb05\"\u003e\u003ccode\u003e0bbe8ae\u003c/code\u003e\u003c/a\u003e docs: only execute the passport middleware once\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/914a8bd2b97f559a666ede08df8610cfe05e9cda\"\u003e\u003ccode\u003e914a8bd\u003c/code\u003e\u003c/a\u003e docs: add example with JWT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/d943c3e0b0b6af1df544a6d26e09dbc8243f4d90\"\u003e\u003ccode\u003ed943c3e\u003c/code\u003e\u003c/a\u003e docs: update the Passport.js example\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/1.2.0...4.7.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~darrachequesne\"\u003edarrachequesne\u003c/a\u003e, a new releaser for socket.io since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/d08ble/livecomment/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/d08ble/livecomment/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/d08ble%2Flivecomment/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2222124398","node_id":"PR_kwDOLpI2Es5rhhuh","number":2,"state":"closed","title":"Bump socket.io-parser from 4.2.1 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-01-01T10:14:16.000Z","author_association":null,"state_reason":null,"created_at":"2024-04-03T07:28:26.000Z","updated_at":"2026-01-01T10:14:17.000Z","time_to_close":55133150,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.1","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.1\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/q1blue/metalsmith-netlify-alchemy/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/q1blue/metalsmith-netlify-alchemy/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/q1blue%2Fmetalsmith-netlify-alchemy/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"1787662590","node_id":"PR_kwDOAWh_D85qjZD-","number":20,"state":"closed","title":"Bump socket.io-parser from 3.4.2 to 3.4.3 in /slides/old","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-07-03T02:20:07.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2024-03-23T05:06:03.000Z","updated_at":"2025-07-03T02:20:07.000Z","time_to_close":40338844,"merged_at":"2025-07-03T02:20:07.000Z","merged_by":"kiang","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.4.2","new_version":"3.4.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":"/slides/old","ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.4.2 to 3.4.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/060339a206268d8860d82aa3c0766e867ce5bb8a\"\u003e\u003ccode\u003e060339a\u003c/code\u003e\u003c/a\u003e chore(release): 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e\u003ccode\u003e2dc3c92\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.2\u0026new-version=3.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kiang/kiang.github.io/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/kiang/kiang.github.io/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kiang%2Fkiang.github.io/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"},{"uuid":"2011330900","node_id":"PR_kwDOH4E5Ks5gY4tw","number":3,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-10-31T18:08:41.000Z","author_association":null,"state_reason":null,"created_at":"2023-11-27T01:36:06.000Z","updated_at":"2025-10-31T18:08:50.000Z","time_to_close":60885155,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Buckley-Sitzman-LLP/buckley-sitzman-com/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Buckley-Sitzman-LLP/buckley-sitzman-com/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Buckley-Sitzman-LLP%2Fbuckley-sitzman-com/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"1593009718","node_id":"PR_kwDOKrCH_M5e82Y2","number":3,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-05-22T22:45:10.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-11-08T17:04:50.000Z","updated_at":"2025-05-22T22:45:10.000Z","time_to_close":48490820,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AnikHaque/devhive-Client/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AnikHaque/devhive-Client/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AnikHaque%2Fdevhive-Client/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"1573689329","node_id":"PR_kwDODw6WJ85dzJfx","number":27,"state":"closed","title":"Bump socket.io-parser from 3.3.2 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-04T18:51:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2023-10-25T21:33:23.000Z","updated_at":"2025-06-04T18:51:10.000Z","time_to_close":50793467,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.2","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.2\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/andredonati/andredonati5.github.io/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/andredonati/andredonati5.github.io/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/andredonati%2Fandredonati5.github.io/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"},{"uuid":"1531557435","node_id":"PR_kwDOFisdCs5bSbY7","number":23,"state":"closed","title":"Bump socket.io-parser from 3.3.2 to 3.3.3 in /archive","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-16T08:00:54.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2023-09-27T02:20:09.000Z","updated_at":"2025-06-16T08:00:54.000Z","time_to_close":54279645,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.2","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":"/archive","ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.2\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/IamMrCupp/mrcupp-project/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/IamMrCupp/mrcupp-project/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamMrCupp%2Fmrcupp-project/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"},{"uuid":"1506815024","node_id":"PR_kwDOELN9Ac5Z0Cww","number":7,"state":"closed","title":"Bump socket.io-parser from 3.3.0 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-05-12T18:48:35.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-07T19:38:26.000Z","updated_at":"2025-05-12T18:48:35.000Z","time_to_close":52960209,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.0","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.0 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/Automattic/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e) (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e89197a0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.1\u003c/h2\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b0a3925fd9f765228e5d06e4a0cc90d81a60d0e\"\u003e\u003ccode\u003e3b0a392\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e\u003ccode\u003e89197a0\u003c/code\u003e\u003c/a\u003e fix: prevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/25ca624b0d9eddc54a0dbaecc535cdf400722169\"\u003e\u003ccode\u003e25ca624\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b51b39b78d85841a5659778917f240d407fdbce1\"\u003e\u003ccode\u003eb51b39b\u003c/code\u003e\u003c/a\u003e test: use Node.js 10 for the browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/4184e465344c7ebd1d586e35a53bfad1ab5cfcea\"\u003e\u003ccode\u003e4184e46\u003c/code\u003e\u003c/a\u003e chore: bump component-emitter dependency\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.0\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/digitalocean/sample-gatsby/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/digitalocean/sample-gatsby/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalocean%2Fsample-gatsby/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"1880928487","node_id":"PR_kwDODThfC85ZhQCp","number":5,"state":"closed","title":"Bump socket.io-parser and karma","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-24T06:30:23.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T22:38:59.000Z","updated_at":"2025-06-24T06:30:23.000Z","time_to_close":56879484,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"3.2.0","new_version":"4.2.4"},{"name":"karma","repository_url":"https://github.com/karma-runner/karma","old_version":"3.1.4","new_version":"6.4.2"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [karma](https://github.com/karma-runner/karma). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 3.2.0 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.2.0...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `karma` from 3.1.4 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/releases\"\u003ekarma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.20\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.19\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.18\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.17\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/blob/master/CHANGELOG.md\"\u003ekarma's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.16...v6.3.17\"\u003e6.3.17\u003c/a\u003e (2022-02-28)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update colors to maintained version (\u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3763\"\u003e#3763\u003c/a\u003e) (\u003ca href=\"https://github.com/karma-runner/karma/commit/fca18843e7a04eeb67b86cb3cfc3db794d66f445\"\u003efca1884\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/9de3c00988884335775de746eb8571697a86410b\"\u003e\u003ccode\u003e9de3c00\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003e\u003ccode\u003ec6a4271\u003c/code\u003e\u003c/a\u003e fix: few typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/50f963551fbccf669c8d42499d0406ded2ec6176\"\u003e\u003ccode\u003e50f9635\u003c/code\u003e\u003c/a\u003e docs: update codeclimate badge in readme.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/00131213bf337e563126611b06b79218a560dc9a\"\u003e\u003ccode\u003e0013121\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e\u003ccode\u003e63d86be\u003c/code\u003e\u003c/a\u003e fix: pass integrity value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/84f7cc3d4a0770337140776e86d9740e0aad82f8\"\u003e\u003ccode\u003e84f7cc3\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/f2d0663105eba0b9ea7f281230546282a46015ad\"\u003e\u003ccode\u003ef2d0663\u003c/code\u003e\u003c/a\u003e docs: add integrity parameter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003e\u003ccode\u003edc51a2e\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of link tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e\u003ccode\u003e6a54b1c\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of script tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/5e71cf591e9006ad2621dd88d09739bfbffd463c\"\u003e\u003ccode\u003e5e71cf5\u003c/code\u003e\u003c/a\u003e chore(release): 6.3.20 [skip ci]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/karma-runner/karma/compare/v3.1.4...v6.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/Prebid.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/Prebid.js/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2FPrebid.js/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"1880920568","node_id":"PR_kwDOJaiLC85ZhOWN","number":3,"state":"closed","title":"chore(deps-dev): bump socket.io-parser from 4.2.1 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-05T11:38:43.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T22:25:58.000Z","updated_at":"2025-06-05T11:38:43.000Z","time_to_close":55257165,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"socket.io-parser","old_version":"4.2.1","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.1\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/activepieces/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/activepieces/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Factivepieces/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"1501823396","node_id":"PR_kwDOIBLHas5ZhAGk","number":1,"state":"closed","title":"build(deps): bump socket.io-parser and socket.io","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-06T19:04:39.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T20:59:36.000Z","updated_at":"2025-08-06T19:04:39.000Z","time_to_close":60645903,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"4.0.5","new_version":"4.2.4"},{"name":"socket.io","repository_url":"https://github.com/socketio/socket.io","old_version":"4.5.1","new_version":"4.7.2"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.\nUpdates `socket.io-parser` from 4.0.5 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.5...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 4.5.1 to 4.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.7.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.1...4.7.2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.2\"\u003e4.7.2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/socketio/engine.io/compare/6.5.0...6.5.2\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.1\u003c/h2\u003e\n\u003cp\u003eThe client bundle contains a few fixes regarding the WebTransport support.\u003c/p\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.0...4.7.1\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.0...4.7.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.1\"\u003e4.7.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.0\"\u003e\u003ccode\u003eengine.io@~6.5.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove the Partial modifier from the socket.data type (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4740\"\u003e#4740\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/e5c62cad60fc7d16fbb024fd9be1d1880f4e6f5f\"\u003ee5c62ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003ch4\u003eSupport for WebTransport\u003c/h4\u003e\n\u003cp\u003eThe Socket.IO server can now use WebTransport as the underlying transport.\u003c/p\u003e\n\u003cp\u003eWebTransport is a web API that uses the HTTP/3 protocol as a bidirectional transport. It's intended for two-way communications between a web client and an HTTP/3 server.\u003c/p\u003e\n\u003cp\u003eReferences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://w3c.github.io/webtransport/\"\u003ehttps://w3c.github.io/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/API/WebTransport\"\u003ehttps://developer.mozilla.org/en-US/docs/Web/API/WebTransport\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.chrome.com/articles/webtransport/\"\u003ehttps://developer.chrome.com/articles/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUntil WebTransport support lands \u003ca href=\"https://redirect.github.com/nodejs/node/issues/38478\"\u003ein Node.js\u003c/a\u003e, you can use the \u003ccode\u003e@fails-components/webtransport\u003c/code\u003e package:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { readFileSync } from \u0026quot;fs\u0026quot;;\nimport { createServer } from \u0026quot;https\u0026quot;;\nimport { Server } from \u0026quot;socket.io\u0026quot;;\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/main/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003e4.7.2\u003c/a\u003e (2023-08-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/socketio/engine.io/compare/6.5.0...6.5.2\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.0...4.7.1\"\u003e4.7.1\u003c/a\u003e (2023-06-28)\u003c/h2\u003e\n\u003cp\u003eThe client bundle contains a few fixes regarding the WebTransport support.\u003c/p\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.0\"\u003e\u003ccode\u003eengine.io@~6.5.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.6.2...4.7.0\"\u003e4.7.0\u003c/a\u003e (2023-06-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove the Partial modifier from the socket.data type (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4740\"\u003e#4740\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/e5c62cad60fc7d16fbb024fd9be1d1880f4e6f5f\"\u003ee5c62ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003ch4\u003eSupport for WebTransport\u003c/h4\u003e\n\u003cp\u003eThe Socket.IO server can now use WebTransport as the underlying transport.\u003c/p\u003e\n\u003cp\u003eWebTransport is a web API that uses the HTTP/3 protocol as a bidirectional transport. It's intended for two-way communications between a web client and an HTTP/3 server.\u003c/p\u003e\n\u003cp\u003eReferences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://w3c.github.io/webtransport/\"\u003ehttps://w3c.github.io/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/API/WebTransport\"\u003ehttps://developer.mozilla.org/en-US/docs/Web/API/WebTransport\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.chrome.com/articles/webtransport/\"\u003ehttps://developer.chrome.com/articles/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/c332643ad8b2eff3a9edee432bfd53fb37559280\"\u003e\u003ccode\u003ec332643\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e\u003ccode\u003e3468a19\u003c/code\u003e\u003c/a\u003e fix(webtransport): properly handle WebTransport-only connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/09d45491c4eb817274e4c38e7ccbc61ceb3fce18\"\u003e\u003ccode\u003e09d4549\u003c/code\u003e\u003c/a\u003e chore: bump engine.io to version 6.5.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e\u003ccode\u003e0731c0d\u003c/code\u003e\u003c/a\u003e fix: clean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/03046a64adbfd021a01449027401cab639fd244e\"\u003e\u003ccode\u003e03046a6\u003c/code\u003e\u003c/a\u003e docs: update the list of supported Node.js versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/443e447087430066ae88bfd69639fdc8a4851e57\"\u003e\u003ccode\u003e443e447\u003c/code\u003e\u003c/a\u003e docs(examples): add example with WebTransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/2f6cc2fa4287de02fa5c9b8f5bf7d5beb37acf2f\"\u003e\u003ccode\u003e2f6cc2f\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/00d8ee5b057a8aef830d88da77579037759e762c\"\u003e\u003ccode\u003e00d8ee5\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/2dd5fa9dd466c6b39b0764d53fbda6185b4916ce\"\u003e\u003ccode\u003e2dd5fa9\u003c/code\u003e\u003c/a\u003e ci: add Node.js 20 in the test matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/a5dff0ac83ac5e2b0e518c6d054b2c9b252b2558\"\u003e\u003ccode\u003ea5dff0a\u003c/code\u003e\u003c/a\u003e docs(examples): increase httpd ProxyTimeout value (2)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.1...4.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/jose/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/jose/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fjose/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"1880751254","node_id":"PR_kwDOCx9wvs5ZgpnX","number":4,"state":"closed","title":"Bump socket.io-parser from 3.3.0 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-06T19:10:01.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T18:56:02.000Z","updated_at":"2025-06-06T19:10:02.000Z","time_to_close":55383239,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.0","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.0 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/Automattic/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e) (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e89197a0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.1\u003c/h2\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b0a3925fd9f765228e5d06e4a0cc90d81a60d0e\"\u003e\u003ccode\u003e3b0a392\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e\u003ccode\u003e89197a0\u003c/code\u003e\u003c/a\u003e fix: prevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/25ca624b0d9eddc54a0dbaecc535cdf400722169\"\u003e\u003ccode\u003e25ca624\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b51b39b78d85841a5659778917f240d407fdbce1\"\u003e\u003ccode\u003eb51b39b\u003c/code\u003e\u003c/a\u003e test: use Node.js 10 for the browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/4184e465344c7ebd1d586e35a53bfad1ab5cfcea\"\u003e\u003ccode\u003e4184e46\u003c/code\u003e\u003c/a\u003e chore: bump component-emitter dependency\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.0\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/base/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/base/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fbase/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"1501522324","node_id":"PR_kwDOJLK9ds5Zf2mU","number":5,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-16T19:45:53.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T15:33:29.000Z","updated_at":"2025-07-16T19:45:53.000Z","time_to_close":58853544,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/uptime-kuma/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/uptime-kuma/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fuptime-kuma/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"1880310654","node_id":"PR_kwDODj-qYc5ZfIlO","number":2,"state":"closed","title":"Bump socket.io-parser and browser-sync","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-24T11:10:55.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T13:37:24.000Z","updated_at":"2025-06-24T11:10:55.000Z","time_to_close":56928811,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"3.2.0","new_version":"4.2.4"},{"name":"browser-sync","repository_url":"https://github.com/BrowserSync/browser-sync","old_version":"2.26.7","new_version":"2.29.3"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [browser-sync](https://github.com/BrowserSync/browser-sync). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 3.2.0 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.2.0...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browser-sync` from 2.26.7 to 2.29.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/BrowserSync/browser-sync/releases\"\u003ebrowser-sync's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eThe one that fixes snippetOptions\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append to head if body not present yet - fixes \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2031\"\u003e#2031\u003c/a\u003e by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2041\"\u003eBrowserSync/browser-sync#2041\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.29.2...v2.29.3\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.29.2...v2.29.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.29.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etrim-deps by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2028\"\u003eBrowserSync/browser-sync#2028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.29.0...v2.29.1\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.29.0...v2.29.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eThe one that restores IE11 support 💪\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix ie11 by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2024\"\u003eBrowserSync/browser-sync#2024\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://esbuild.github.io/\"\u003eesbuild\u003c/a\u003e does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke \u003ccode\u003eIE11\u003c/code\u003e support 😢\u003c/p\u003e\n\u003cp\u003eThis is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.\u003c/p\u003e\n\u003cp\u003eSo, IE11 will work once again 🎉. Please use the \u003ca href=\"https://github.com/BrowserSync/browser-sync/issues\"\u003eissues\u003c/a\u003e thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)\u003c/p\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003e# IE11 works, again\nnpm install browser-sync@latest\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.28.3...v2.29.0\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.28.3...v2.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ethe one that finally removes \u003ccode\u003edocument.write\u003c/code\u003e\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebrowser-sync-2017 use chalk everywhere by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2018\"\u003eBrowserSync/browser-sync#2018\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove document.write by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2019\"\u003eBrowserSync/browser-sync#2019\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.27.12...v2.28.0\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.27.12...v2.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.27.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(cli): Where's the command help? fixes \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/1929\"\u003e#1929\u003c/a\u003e by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/1945\"\u003eBrowserSync/browser-sync#1945\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA bug prevented the help output from displaying - it was introduced when the CLI parser \u003ccode\u003eyargs\u003c/code\u003e was updated, and is now fixed :)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/02efdff2f6cf2991b87f8e8eaf7bbd21559fa612\"\u003e\u003ccode\u003e02efdff\u003c/code\u003e\u003c/a\u003e v2.29.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/62d906e6abde0c251550a598e159c67d53e287a4\"\u003e\u003ccode\u003e62d906e\u003c/code\u003e\u003c/a\u003e fix: append to head if body not present yet - fixes \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2031\"\u003e#2031\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/f91440e11f3357beb3ce86cd8fd2fd992b00acea\"\u003e\u003ccode\u003ef91440e\u003c/code\u003e\u003c/a\u003e v2.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/d0c50e07c1e0329a631443734ac68743f129c8e7\"\u003e\u003ccode\u003ed0c50e0\u003c/code\u003e\u003c/a\u003e deps: drop qs (\u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2040\"\u003e#2040\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/6ffc212cdb50da972e4ed434244a23a6bee56e50\"\u003e\u003ccode\u003e6ffc212\u003c/code\u003e\u003c/a\u003e v2.29.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/7b077987ef887994b6d59054d28dfe8639358599\"\u003e\u003ccode\u003e7b07798\u003c/code\u003e\u003c/a\u003e v2.29.1-alpha.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/497f2162df92ce4bd15a9d5af3e82325dd3cee21\"\u003e\u003ccode\u003e497f216\u003c/code\u003e\u003c/a\u003e remove client deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/bed04d4f07d4d16b05af02fa86babc362b8531a2\"\u003e\u003ccode\u003ebed04d4\u003c/code\u003e\u003c/a\u003e v2.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/87421b53df52a22b69f9d32306494f1e0d8c4011\"\u003e\u003ccode\u003e87421b5\u003c/code\u003e\u003c/a\u003e fix: ie11 support (\u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/59eb01ad5f5937d60832c97c40f97c31a8d4200d\"\u003e\u003ccode\u003e59eb01a\u003c/code\u003e\u003c/a\u003e v2.28.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.26.7...v2.29.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/wp-theme/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/wp-theme/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fwp-theme/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"1501226399","node_id":"PR_kwDOFOlKpc5ZeuWf","number":1,"state":"closed","title":"Bump socket.io-parser and karma","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-22T13:49:02.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T12:36:38.000Z","updated_at":"2025-07-22T13:49:02.000Z","time_to_close":59361144,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"2.3.1","new_version":"4.2.4"},{"name":"karma","repository_url":"https://github.com/karma-runner/karma","old_version":"1.7.1","new_version":"6.4.2"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [karma](https://github.com/karma-runner/karma). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 2.3.1 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/2.3.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `karma` from 1.7.1 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/releases\"\u003ekarma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.20\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.19\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.18\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.17\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/blob/master/CHANGELOG.md\"\u003ekarma's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.16...v6.3.17\"\u003e6.3.17\u003c/a\u003e (2022-02-28)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update colors to maintained version (\u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3763\"\u003e#3763\u003c/a\u003e) (\u003ca href=\"https://github.com/karma-runner/karma/commit/fca18843e7a04eeb67b86cb3cfc3db794d66f445\"\u003efca1884\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/9de3c00988884335775de746eb8571697a86410b\"\u003e\u003ccode\u003e9de3c00\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003e\u003ccode\u003ec6a4271\u003c/code\u003e\u003c/a\u003e fix: few typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/50f963551fbccf669c8d42499d0406ded2ec6176\"\u003e\u003ccode\u003e50f9635\u003c/code\u003e\u003c/a\u003e docs: update codeclimate badge in readme.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/00131213bf337e563126611b06b79218a560dc9a\"\u003e\u003ccode\u003e0013121\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e\u003ccode\u003e63d86be\u003c/code\u003e\u003c/a\u003e fix: pass integrity value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/84f7cc3d4a0770337140776e86d9740e0aad82f8\"\u003e\u003ccode\u003e84f7cc3\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/f2d0663105eba0b9ea7f281230546282a46015ad\"\u003e\u003ccode\u003ef2d0663\u003c/code\u003e\u003c/a\u003e docs: add integrity parameter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003e\u003ccode\u003edc51a2e\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of link tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e\u003ccode\u003e6a54b1c\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of script tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/5e71cf591e9006ad2621dd88d09739bfbffd463c\"\u003e\u003ccode\u003e5e71cf5\u003c/code\u003e\u003c/a\u003e chore(release): 6.3.20 [skip ci]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/karma-runner/karma/compare/1.7.1...v6.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/toastr/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/toastr/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Ftoastr/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"1879486072","node_id":"PR_kwDOFnY0Ec5ZcVG8","number":1,"state":"closed","title":"Bump socket.io-parser from 3.3.2 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-24T11:42:13.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T04:30:20.000Z","updated_at":"2025-06-24T11:42:13.000Z","time_to_close":56963513,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.2","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.2\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/truffle/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/truffle/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Ftruffle/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"1857895593","node_id":"PR_kwDOFQsgIc5YT3gG","number":2,"state":"closed","title":"Bump socket.io-parser from 4.2.1 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-10-20T23:16:16.000Z","author_association":null,"state_reason":null,"created_at":"2023-08-19T23:07:09.000Z","updated_at":"2025-10-20T23:16:24.000Z","time_to_close":68515747,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.1","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.1\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/quinnjr/quinnjr.tech/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/quinnjr/quinnjr.tech/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/quinnjr%2Fquinnjr.tech/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"1844156384","node_id":"PR_kwDOBhFBx85XlbhJ","number":3128,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-11-26T06:13:38.000Z","author_association":null,"state_reason":null,"created_at":"2023-08-09T23:01:00.000Z","updated_at":"2025-11-26T06:13:40.000Z","time_to_close":72515558,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/subscriptions-project/swg-js/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","html_url":"https://github.com/subscriptions-project/swg-js/pull/3128","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/subscriptions-project%2Fswg-js/issues/3128","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3128/packages"},{"uuid":"1468683515","node_id":"PR_kwDOINaYls5XilT7","number":25,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-05-21T14:24:21.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2023-08-09T14:00:25.000Z","updated_at":"2025-05-21T14:24:23.000Z","time_to_close":56247836,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/crlshn/gatsby-starter-default/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/crlshn/gatsby-starter-default/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/crlshn%2Fgatsby-starter-default/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"}],"issue_packages":[{"old_version":"4.0.5","new_version":"4.2.4","update_type":"minor","path":null,"pr_created_at":"2024-06-24T11:34:05.000Z","version_change":"4.0.5 → 4.2.4","issue":{"uuid":"2370008334","node_id":"PR_kwDOFM2Vms5zWth4","number":95,"state":"closed","title":"Bump socket.io-parser and socket.io","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-17T16:56:26.000Z","author_association":"NONE","state_reason":null,"created_at":"2024-06-24T11:34:05.000Z","updated_at":"2025-07-17T16:56:28.000Z","time_to_close":33542541,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"4.0.5","new_version":"4.2.4"},{"name":"socket.io","repository_url":"https://github.com/socketio/socket.io","old_version":"4.5.0","new_version":"4.7.5"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.\nUpdates `socket.io-parser` from 4.0.5 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.5...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 4.5.0 to 4.7.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.7.5\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.4...4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.5\"\u003e4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.3...4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.4\"\u003e4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.2...4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.3\"\u003e4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/main/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003e4.7.5\u003c/a\u003e (2024-03-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003e4.7.4\u003c/a\u003e (2024-01-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003e4.7.3\u003c/a\u003e (2024-01-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003e4.7.2\u003c/a\u003e (2023-08-02)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/50176812a1f815b779cf8936996b06e559122620\"\u003e\u003ccode\u003e5017681\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003e\u003ccode\u003ebf64870\u003c/code\u003e\u003c/a\u003e fix: close the adapters when the server is closed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/748e18c22eeefceb4030c8f8e5e9e9c342b05982\"\u003e\u003ccode\u003e748e18c\u003c/code\u003e\u003c/a\u003e ci: test with older TypeScript version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/b9ce6a25d1f99368fe21fdc0308213fa1831e450\"\u003e\u003ccode\u003eb9ce6a2\u003c/code\u003e\u003c/a\u003e refactor: create specific adapter for parent namespaces (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4950\"\u003e#4950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/54dabe5bffeb705fd006729725dd2fa194f70ecf\"\u003e\u003ccode\u003e54dabe5\u003c/code\u003e\u003c/a\u003e ci: upgrade to actions/checkout@4 and actions/setup-node@4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003e\u003ccode\u003ee426f3e\u003c/code\u003e\u003c/a\u003e fix: remove duplicate pipeline when serving bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e36062ca2df0b1a4adcf986bafc3fd92675d3896\"\u003e\u003ccode\u003ee36062c\u003c/code\u003e\u003c/a\u003e docs: update the webtransport example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/0bbe8aec77a0ed5576d8e4fa7379ab1f1a6fdb05\"\u003e\u003ccode\u003e0bbe8ae\u003c/code\u003e\u003c/a\u003e docs: only execute the passport middleware once\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/914a8bd2b97f559a666ede08df8610cfe05e9cda\"\u003e\u003ccode\u003e914a8bd\u003c/code\u003e\u003c/a\u003e docs: add example with JWT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/d943c3e0b0b6af1df544a6d26e09dbc8243f4d90\"\u003e\u003ccode\u003ed943c3e\u003c/code\u003e\u003c/a\u003e docs: update the Passport.js example\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.0...4.7.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DiceTechnology/hls.js/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/DiceTechnology/hls.js/pull/95","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DiceTechnology%2Fhls.js/issues/95","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/95/packages"}},{"old_version":"2.2.2","new_version":"4.2.4","update_type":"major","path":null,"pr_created_at":"2024-05-29T21:46:00.000Z","version_change":"2.2.2 → 4.2.4","issue":{"uuid":"1894785849","node_id":"PR_kwDOAX7jOM5w8CM5","number":1,"state":"closed","title":"Bump socket.io-parser and socket.io","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-07-08T02:20:17.000Z","author_association":"NONE","state_reason":null,"created_at":"2024-05-29T21:46:00.000Z","updated_at":"2025-07-08T02:20:17.000Z","time_to_close":34922057,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"2.2.2","new_version":"4.2.4"},{"name":"socket.io","repository_url":"https://github.com/socketio/socket.io","old_version":"1.2.0","new_version":"4.7.5"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [socket.io](https://github.com/socketio/socket.io). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 2.2.2 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/2.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~darrachequesne\"\u003edarrachequesne\u003c/a\u003e, a new releaser for socket.io-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 1.2.0 to 4.7.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.7.5\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.4...4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.5\"\u003e4.7.5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.3...4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.4\"\u003e4.7.4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.2...4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.3\"\u003e4.7.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/main/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.4...4.7.5\"\u003e4.7.5\u003c/a\u003e (2024-03-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclose the adapters when the server is closed (\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003ebf64870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove duplicate pipeline when serving bundle (\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003ee426f3e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.3...4.7.4\"\u003e4.7.4\u003c/a\u003e (2024-01-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e calling io.emit with no arguments incorrectly errored (\u003ca href=\"https://github.com/socketio/socket.io/commit/cb6d2e02aa7ec03c2de1817d35cffa1128b107ef\"\u003ecb6d2e0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4914\"\u003e#4914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.2...4.7.3\"\u003e4.7.3\u003c/a\u003e (2024-01-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereturn the first response when broadcasting to a single socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4878\"\u003e#4878\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/df8e70f79822e3887b4f21ca718af8a53bbda2c4\"\u003edf8e70f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e allow to bind to a non-secure Http2Server (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4853\"\u003e#4853\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/8c9ebc30e5452ff9381af5d79f547394fa55633c\"\u003e8c9ebc3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003e4.7.2\u003c/a\u003e (2023-08-02)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/50176812a1f815b779cf8936996b06e559122620\"\u003e\u003ccode\u003e5017681\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/bf64870957e626a73e0544716a1a41a4ba5093bb\"\u003e\u003ccode\u003ebf64870\u003c/code\u003e\u003c/a\u003e fix: close the adapters when the server is closed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/748e18c22eeefceb4030c8f8e5e9e9c342b05982\"\u003e\u003ccode\u003e748e18c\u003c/code\u003e\u003c/a\u003e ci: test with older TypeScript version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/b9ce6a25d1f99368fe21fdc0308213fa1831e450\"\u003e\u003ccode\u003eb9ce6a2\u003c/code\u003e\u003c/a\u003e refactor: create specific adapter for parent namespaces (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4950\"\u003e#4950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/54dabe5bffeb705fd006729725dd2fa194f70ecf\"\u003e\u003ccode\u003e54dabe5\u003c/code\u003e\u003c/a\u003e ci: upgrade to actions/checkout@4 and actions/setup-node@4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e426f3e8e1bfea5720c32d30a3663303200ee6ad\"\u003e\u003ccode\u003ee426f3e\u003c/code\u003e\u003c/a\u003e fix: remove duplicate pipeline when serving bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/e36062ca2df0b1a4adcf986bafc3fd92675d3896\"\u003e\u003ccode\u003ee36062c\u003c/code\u003e\u003c/a\u003e docs: update the webtransport example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/0bbe8aec77a0ed5576d8e4fa7379ab1f1a6fdb05\"\u003e\u003ccode\u003e0bbe8ae\u003c/code\u003e\u003c/a\u003e docs: only execute the passport middleware once\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/914a8bd2b97f559a666ede08df8610cfe05e9cda\"\u003e\u003ccode\u003e914a8bd\u003c/code\u003e\u003c/a\u003e docs: add example with JWT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/d943c3e0b0b6af1df544a6d26e09dbc8243f4d90\"\u003e\u003ccode\u003ed943c3e\u003c/code\u003e\u003c/a\u003e docs: update the Passport.js example\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/1.2.0...4.7.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~darrachequesne\"\u003edarrachequesne\u003c/a\u003e, a new releaser for socket.io since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/d08ble/livecomment/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/d08ble/livecomment/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/d08ble%2Flivecomment/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"4.2.1","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2024-04-03T07:28:26.000Z","version_change":"4.2.1 → 4.2.4","issue":{"uuid":"2222124398","node_id":"PR_kwDOLpI2Es5rhhuh","number":2,"state":"closed","title":"Bump socket.io-parser from 4.2.1 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-01-01T10:14:16.000Z","author_association":null,"state_reason":null,"created_at":"2024-04-03T07:28:26.000Z","updated_at":"2026-01-01T10:14:17.000Z","time_to_close":55133150,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.1","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.1\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/q1blue/metalsmith-netlify-alchemy/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/q1blue/metalsmith-netlify-alchemy/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/q1blue%2Fmetalsmith-netlify-alchemy/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"3.4.2","new_version":"3.4.3","update_type":"patch","path":"/slides/old","pr_created_at":"2024-03-23T05:06:03.000Z","version_change":"3.4.2 → 3.4.3","issue":{"uuid":"1787662590","node_id":"PR_kwDOAWh_D85qjZD-","number":20,"state":"closed","title":"Bump socket.io-parser from 3.4.2 to 3.4.3 in /slides/old","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-07-03T02:20:07.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2024-03-23T05:06:03.000Z","updated_at":"2025-07-03T02:20:07.000Z","time_to_close":40338844,"merged_at":"2025-07-03T02:20:07.000Z","merged_by":"kiang","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.4.2","new_version":"3.4.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":"/slides/old","ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.4.2 to 3.4.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/060339a206268d8860d82aa3c0766e867ce5bb8a\"\u003e\u003ccode\u003e060339a\u003c/code\u003e\u003c/a\u003e chore(release): 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e\u003ccode\u003e2dc3c92\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.4.2\u0026new-version=3.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kiang/kiang.github.io/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/kiang/kiang.github.io/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kiang%2Fkiang.github.io/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"}},{"old_version":"4.2.2","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-11-27T01:36:06.000Z","version_change":"4.2.2 → 4.2.4","issue":{"uuid":"2011330900","node_id":"PR_kwDOH4E5Ks5gY4tw","number":3,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-10-31T18:08:41.000Z","author_association":null,"state_reason":null,"created_at":"2023-11-27T01:36:06.000Z","updated_at":"2025-10-31T18:08:50.000Z","time_to_close":60885155,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Buckley-Sitzman-LLP/buckley-sitzman-com/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Buckley-Sitzman-LLP/buckley-sitzman-com/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Buckley-Sitzman-LLP%2Fbuckley-sitzman-com/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"4.2.2","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-11-08T17:04:50.000Z","version_change":"4.2.2 → 4.2.4","issue":{"uuid":"1593009718","node_id":"PR_kwDOKrCH_M5e82Y2","number":3,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-05-22T22:45:10.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-11-08T17:04:50.000Z","updated_at":"2025-05-22T22:45:10.000Z","time_to_close":48490820,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AnikHaque/devhive-Client/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AnikHaque/devhive-Client/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AnikHaque%2Fdevhive-Client/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.3.2","new_version":"3.3.3","update_type":"patch","path":null,"pr_created_at":"2023-10-25T21:33:23.000Z","version_change":"3.3.2 → 3.3.3","issue":{"uuid":"1573689329","node_id":"PR_kwDODw6WJ85dzJfx","number":27,"state":"closed","title":"Bump socket.io-parser from 3.3.2 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-04T18:51:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2023-10-25T21:33:23.000Z","updated_at":"2025-06-04T18:51:10.000Z","time_to_close":50793467,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.2","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.2\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/andredonati/andredonati5.github.io/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/andredonati/andredonati5.github.io/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/andredonati%2Fandredonati5.github.io/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"}},{"old_version":"3.3.2","new_version":"3.3.3","update_type":"patch","path":"/archive","pr_created_at":"2023-09-27T02:20:09.000Z","version_change":"3.3.2 → 3.3.3","issue":{"uuid":"1531557435","node_id":"PR_kwDOFisdCs5bSbY7","number":23,"state":"closed","title":"Bump socket.io-parser from 3.3.2 to 3.3.3 in /archive","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-16T08:00:54.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2023-09-27T02:20:09.000Z","updated_at":"2025-06-16T08:00:54.000Z","time_to_close":54279645,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.2","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":"/archive","ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.2\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/IamMrCupp/mrcupp-project/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/IamMrCupp/mrcupp-project/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamMrCupp%2Fmrcupp-project/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}},{"old_version":"3.3.0","new_version":"3.3.3","update_type":"patch","path":null,"pr_created_at":"2023-09-07T19:38:26.000Z","version_change":"3.3.0 → 3.3.3","issue":{"uuid":"1506815024","node_id":"PR_kwDOELN9Ac5Z0Cww","number":7,"state":"closed","title":"Bump socket.io-parser from 3.3.0 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-05-12T18:48:35.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-07T19:38:26.000Z","updated_at":"2025-05-12T18:48:35.000Z","time_to_close":52960209,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.0","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.0 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/Automattic/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e) (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e89197a0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.1\u003c/h2\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b0a3925fd9f765228e5d06e4a0cc90d81a60d0e\"\u003e\u003ccode\u003e3b0a392\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e\u003ccode\u003e89197a0\u003c/code\u003e\u003c/a\u003e fix: prevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/25ca624b0d9eddc54a0dbaecc535cdf400722169\"\u003e\u003ccode\u003e25ca624\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b51b39b78d85841a5659778917f240d407fdbce1\"\u003e\u003ccode\u003eb51b39b\u003c/code\u003e\u003c/a\u003e test: use Node.js 10 for the browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/4184e465344c7ebd1d586e35a53bfad1ab5cfcea\"\u003e\u003ccode\u003e4184e46\u003c/code\u003e\u003c/a\u003e chore: bump component-emitter dependency\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.0\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/digitalocean/sample-gatsby/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/digitalocean/sample-gatsby/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalocean%2Fsample-gatsby/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"3.2.0","new_version":"4.2.4","update_type":"major","path":null,"pr_created_at":"2023-09-04T22:38:59.000Z","version_change":"3.2.0 → 4.2.4","issue":{"uuid":"1880928487","node_id":"PR_kwDODThfC85ZhQCp","number":5,"state":"closed","title":"Bump socket.io-parser and karma","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-24T06:30:23.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T22:38:59.000Z","updated_at":"2025-06-24T06:30:23.000Z","time_to_close":56879484,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"3.2.0","new_version":"4.2.4"},{"name":"karma","repository_url":"https://github.com/karma-runner/karma","old_version":"3.1.4","new_version":"6.4.2"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [karma](https://github.com/karma-runner/karma). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 3.2.0 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.2.0...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `karma` from 3.1.4 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/releases\"\u003ekarma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.20\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.19\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.18\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.17\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/blob/master/CHANGELOG.md\"\u003ekarma's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.16...v6.3.17\"\u003e6.3.17\u003c/a\u003e (2022-02-28)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update colors to maintained version (\u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3763\"\u003e#3763\u003c/a\u003e) (\u003ca href=\"https://github.com/karma-runner/karma/commit/fca18843e7a04eeb67b86cb3cfc3db794d66f445\"\u003efca1884\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/9de3c00988884335775de746eb8571697a86410b\"\u003e\u003ccode\u003e9de3c00\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003e\u003ccode\u003ec6a4271\u003c/code\u003e\u003c/a\u003e fix: few typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/50f963551fbccf669c8d42499d0406ded2ec6176\"\u003e\u003ccode\u003e50f9635\u003c/code\u003e\u003c/a\u003e docs: update codeclimate badge in readme.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/00131213bf337e563126611b06b79218a560dc9a\"\u003e\u003ccode\u003e0013121\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e\u003ccode\u003e63d86be\u003c/code\u003e\u003c/a\u003e fix: pass integrity value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/84f7cc3d4a0770337140776e86d9740e0aad82f8\"\u003e\u003ccode\u003e84f7cc3\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/f2d0663105eba0b9ea7f281230546282a46015ad\"\u003e\u003ccode\u003ef2d0663\u003c/code\u003e\u003c/a\u003e docs: add integrity parameter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003e\u003ccode\u003edc51a2e\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of link tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e\u003ccode\u003e6a54b1c\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of script tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/5e71cf591e9006ad2621dd88d09739bfbffd463c\"\u003e\u003ccode\u003e5e71cf5\u003c/code\u003e\u003c/a\u003e chore(release): 6.3.20 [skip ci]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/karma-runner/karma/compare/v3.1.4...v6.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/Prebid.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/Prebid.js/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2FPrebid.js/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"4.2.1","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-09-04T22:25:58.000Z","version_change":"4.2.1 → 4.2.4","issue":{"uuid":"1880920568","node_id":"PR_kwDOJaiLC85ZhOWN","number":3,"state":"closed","title":"chore(deps-dev): bump socket.io-parser from 4.2.1 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-05T11:38:43.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T22:25:58.000Z","updated_at":"2025-06-05T11:38:43.000Z","time_to_close":55257165,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"socket.io-parser","old_version":"4.2.1","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.1\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/activepieces/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/activepieces/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Factivepieces/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"4.0.5","new_version":"4.2.4","update_type":"minor","path":null,"pr_created_at":"2023-09-04T20:59:36.000Z","version_change":"4.0.5 → 4.2.4","issue":{"uuid":"1501823396","node_id":"PR_kwDOIBLHas5ZhAGk","number":1,"state":"closed","title":"build(deps): bump socket.io-parser and socket.io","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-06T19:04:39.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T20:59:36.000Z","updated_at":"2025-08-06T19:04:39.000Z","time_to_close":60645903,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"4.0.5","new_version":"4.2.4"},{"name":"socket.io","repository_url":"https://github.com/socketio/socket.io","old_version":"4.5.1","new_version":"4.7.2"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.\nUpdates `socket.io-parser` from 4.0.5 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.5...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 4.5.1 to 4.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.7.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.1...4.7.2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.2\"\u003e4.7.2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/socketio/engine.io/compare/6.5.0...6.5.2\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.1\u003c/h2\u003e\n\u003cp\u003eThe client bundle contains a few fixes regarding the WebTransport support.\u003c/p\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.0...4.7.1\"\u003ehttps://github.com/socketio/socket.io/compare/4.7.0...4.7.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClient release: \u003ca href=\"https://github.com/socketio/socket.io-client/releases/tag/4.7.1\"\u003e4.7.1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.0\"\u003e\u003ccode\u003eengine.io@~6.5.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove the Partial modifier from the socket.data type (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4740\"\u003e#4740\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/e5c62cad60fc7d16fbb024fd9be1d1880f4e6f5f\"\u003ee5c62ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003ch4\u003eSupport for WebTransport\u003c/h4\u003e\n\u003cp\u003eThe Socket.IO server can now use WebTransport as the underlying transport.\u003c/p\u003e\n\u003cp\u003eWebTransport is a web API that uses the HTTP/3 protocol as a bidirectional transport. It's intended for two-way communications between a web client and an HTTP/3 server.\u003c/p\u003e\n\u003cp\u003eReferences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://w3c.github.io/webtransport/\"\u003ehttps://w3c.github.io/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/API/WebTransport\"\u003ehttps://developer.mozilla.org/en-US/docs/Web/API/WebTransport\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.chrome.com/articles/webtransport/\"\u003ehttps://developer.chrome.com/articles/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUntil WebTransport support lands \u003ca href=\"https://redirect.github.com/nodejs/node/issues/38478\"\u003ein Node.js\u003c/a\u003e, you can use the \u003ccode\u003e@fails-components/webtransport\u003c/code\u003e package:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { readFileSync } from \u0026quot;fs\u0026quot;;\nimport { createServer } from \u0026quot;https\u0026quot;;\nimport { Server } from \u0026quot;socket.io\u0026quot;;\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/main/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.1...4.7.2\"\u003e4.7.2\u003c/a\u003e (2023-08-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e0731c0d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e properly handle WebTransport-only connections (\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e3468a19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewebtransport:\u003c/strong\u003e add proper framing (\u003ca href=\"https://github.com/socketio/engine.io/commit/a306db09e8ddb367c7d62f45fec920f979580b7c\"\u003ea306db0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.2\"\u003e\u003ccode\u003eengine.io@~6.5.2\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/socketio/engine.io/compare/6.5.0...6.5.2\"\u003ediff\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.7.0...4.7.1\"\u003e4.7.1\u003c/a\u003e (2023-06-28)\u003c/h2\u003e\n\u003cp\u003eThe client bundle contains a few fixes regarding the WebTransport support.\u003c/p\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.5.0\"\u003e\u003ccode\u003eengine.io@~6.5.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.6.2...4.7.0\"\u003e4.7.0\u003c/a\u003e (2023-06-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove the Partial modifier from the socket.data type (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4740\"\u003e#4740\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/e5c62cad60fc7d16fbb024fd9be1d1880f4e6f5f\"\u003ee5c62ca\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003ch4\u003eSupport for WebTransport\u003c/h4\u003e\n\u003cp\u003eThe Socket.IO server can now use WebTransport as the underlying transport.\u003c/p\u003e\n\u003cp\u003eWebTransport is a web API that uses the HTTP/3 protocol as a bidirectional transport. It's intended for two-way communications between a web client and an HTTP/3 server.\u003c/p\u003e\n\u003cp\u003eReferences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://w3c.github.io/webtransport/\"\u003ehttps://w3c.github.io/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/API/WebTransport\"\u003ehttps://developer.mozilla.org/en-US/docs/Web/API/WebTransport\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://developer.chrome.com/articles/webtransport/\"\u003ehttps://developer.chrome.com/articles/webtransport/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/c332643ad8b2eff3a9edee432bfd53fb37559280\"\u003e\u003ccode\u003ec332643\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/3468a197afe87e65eb0d779fabd347fe683013ab\"\u003e\u003ccode\u003e3468a19\u003c/code\u003e\u003c/a\u003e fix(webtransport): properly handle WebTransport-only connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/09d45491c4eb817274e4c38e7ccbc61ceb3fce18\"\u003e\u003ccode\u003e09d4549\u003c/code\u003e\u003c/a\u003e chore: bump engine.io to version 6.5.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/0731c0d2f497d5cce596ea1ec32a67c08bcccbcd\"\u003e\u003ccode\u003e0731c0d\u003c/code\u003e\u003c/a\u003e fix: clean up child namespace when client is rejected in middleware (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4773\"\u003e#4773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/03046a64adbfd021a01449027401cab639fd244e\"\u003e\u003ccode\u003e03046a6\u003c/code\u003e\u003c/a\u003e docs: update the list of supported Node.js versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/443e447087430066ae88bfd69639fdc8a4851e57\"\u003e\u003ccode\u003e443e447\u003c/code\u003e\u003c/a\u003e docs(examples): add example with WebTransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/2f6cc2fa4287de02fa5c9b8f5bf7d5beb37acf2f\"\u003e\u003ccode\u003e2f6cc2f\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/00d8ee5b057a8aef830d88da77579037759e762c\"\u003e\u003ccode\u003e00d8ee5\u003c/code\u003e\u003c/a\u003e chore(release): 4.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/2dd5fa9dd466c6b39b0764d53fbda6185b4916ce\"\u003e\u003ccode\u003e2dd5fa9\u003c/code\u003e\u003c/a\u003e ci: add Node.js 20 in the test matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/a5dff0ac83ac5e2b0e518c6d054b2c9b252b2558\"\u003e\u003ccode\u003ea5dff0a\u003c/code\u003e\u003c/a\u003e docs(examples): increase httpd ProxyTimeout value (2)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.1...4.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/jose/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/jose/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fjose/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.3.0","new_version":"3.3.3","update_type":"patch","path":null,"pr_created_at":"2023-09-04T18:56:02.000Z","version_change":"3.3.0 → 3.3.3","issue":{"uuid":"1880751254","node_id":"PR_kwDOCx9wvs5ZgpnX","number":4,"state":"closed","title":"Bump socket.io-parser from 3.3.0 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-06T19:10:01.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T18:56:02.000Z","updated_at":"2025-06-06T19:10:02.000Z","time_to_close":55383239,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.0","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.0 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/Automattic/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e) (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e89197a0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.1...3.3.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.1\u003c/h2\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b0a3925fd9f765228e5d06e4a0cc90d81a60d0e\"\u003e\u003ccode\u003e3b0a392\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/89197a05c43b18cc4569fd178d56e7bb8f403865\"\u003e\u003ccode\u003e89197a0\u003c/code\u003e\u003c/a\u003e fix: prevent DoS (OOM) via massive packets (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/25ca624b0d9eddc54a0dbaecc535cdf400722169\"\u003e\u003ccode\u003e25ca624\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b51b39b78d85841a5659778917f240d407fdbce1\"\u003e\u003ccode\u003eb51b39b\u003c/code\u003e\u003c/a\u003e test: use Node.js 10 for the browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/4184e465344c7ebd1d586e35a53bfad1ab5cfcea\"\u003e\u003ccode\u003e4184e46\u003c/code\u003e\u003c/a\u003e chore: bump component-emitter dependency\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.0...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.0\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/base/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/base/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fbase/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"4.2.2","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-09-04T15:33:29.000Z","version_change":"4.2.2 → 4.2.4","issue":{"uuid":"1501522324","node_id":"PR_kwDOJLK9ds5Zf2mU","number":5,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-16T19:45:53.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T15:33:29.000Z","updated_at":"2025-07-16T19:45:53.000Z","time_to_close":58853544,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/uptime-kuma/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/uptime-kuma/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fuptime-kuma/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"3.2.0","new_version":"4.2.4","update_type":"major","path":null,"pr_created_at":"2023-09-04T13:37:24.000Z","version_change":"3.2.0 → 4.2.4","issue":{"uuid":"1880310654","node_id":"PR_kwDODj-qYc5ZfIlO","number":2,"state":"closed","title":"Bump socket.io-parser and browser-sync","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-24T11:10:55.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T13:37:24.000Z","updated_at":"2025-06-24T11:10:55.000Z","time_to_close":56928811,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"3.2.0","new_version":"4.2.4"},{"name":"browser-sync","repository_url":"https://github.com/BrowserSync/browser-sync","old_version":"2.26.7","new_version":"2.29.3"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [browser-sync](https://github.com/BrowserSync/browser-sync). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 3.2.0 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.2.0...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browser-sync` from 2.26.7 to 2.29.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/BrowserSync/browser-sync/releases\"\u003ebrowser-sync's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eThe one that fixes snippetOptions\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append to head if body not present yet - fixes \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2031\"\u003e#2031\u003c/a\u003e by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2041\"\u003eBrowserSync/browser-sync#2041\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.29.2...v2.29.3\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.29.2...v2.29.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.29.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etrim-deps by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2028\"\u003eBrowserSync/browser-sync#2028\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.29.0...v2.29.1\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.29.0...v2.29.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eThe one that restores IE11 support 💪\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix ie11 by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2024\"\u003eBrowserSync/browser-sync#2024\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://esbuild.github.io/\"\u003eesbuild\u003c/a\u003e does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke \u003ccode\u003eIE11\u003c/code\u003e support 😢\u003c/p\u003e\n\u003cp\u003eThis is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.\u003c/p\u003e\n\u003cp\u003eSo, IE11 will work once again 🎉. Please use the \u003ca href=\"https://github.com/BrowserSync/browser-sync/issues\"\u003eissues\u003c/a\u003e thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)\u003c/p\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003e# IE11 works, again\nnpm install browser-sync@latest\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.28.3...v2.29.0\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.28.3...v2.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ethe one that finally removes \u003ccode\u003edocument.write\u003c/code\u003e\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebrowser-sync-2017 use chalk everywhere by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2018\"\u003eBrowserSync/browser-sync#2018\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove document.write by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/2019\"\u003eBrowserSync/browser-sync#2019\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.27.12...v2.28.0\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.27.12...v2.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.27.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(cli): Where's the command help? fixes \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/1929\"\u003e#1929\u003c/a\u003e by \u003ca href=\"https://github.com/shakyShane\"\u003e\u003ccode\u003e@​shakyShane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/pull/1945\"\u003eBrowserSync/browser-sync#1945\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA bug prevented the help output from displaying - it was introduced when the CLI parser \u003ccode\u003eyargs\u003c/code\u003e was updated, and is now fixed :)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9\"\u003ehttps://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/02efdff2f6cf2991b87f8e8eaf7bbd21559fa612\"\u003e\u003ccode\u003e02efdff\u003c/code\u003e\u003c/a\u003e v2.29.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/62d906e6abde0c251550a598e159c67d53e287a4\"\u003e\u003ccode\u003e62d906e\u003c/code\u003e\u003c/a\u003e fix: append to head if body not present yet - fixes \u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2031\"\u003e#2031\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/f91440e11f3357beb3ce86cd8fd2fd992b00acea\"\u003e\u003ccode\u003ef91440e\u003c/code\u003e\u003c/a\u003e v2.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/d0c50e07c1e0329a631443734ac68743f129c8e7\"\u003e\u003ccode\u003ed0c50e0\u003c/code\u003e\u003c/a\u003e deps: drop qs (\u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2040\"\u003e#2040\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/6ffc212cdb50da972e4ed434244a23a6bee56e50\"\u003e\u003ccode\u003e6ffc212\u003c/code\u003e\u003c/a\u003e v2.29.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/7b077987ef887994b6d59054d28dfe8639358599\"\u003e\u003ccode\u003e7b07798\u003c/code\u003e\u003c/a\u003e v2.29.1-alpha.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/497f2162df92ce4bd15a9d5af3e82325dd3cee21\"\u003e\u003ccode\u003e497f216\u003c/code\u003e\u003c/a\u003e remove client deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/bed04d4f07d4d16b05af02fa86babc362b8531a2\"\u003e\u003ccode\u003ebed04d4\u003c/code\u003e\u003c/a\u003e v2.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/87421b53df52a22b69f9d32306494f1e0d8c4011\"\u003e\u003ccode\u003e87421b5\u003c/code\u003e\u003c/a\u003e fix: ie11 support (\u003ca href=\"https://redirect.github.com/BrowserSync/browser-sync/issues/2024\"\u003e#2024\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BrowserSync/browser-sync/commit/59eb01ad5f5937d60832c97c40f97c31a8d4200d\"\u003e\u003ccode\u003e59eb01a\u003c/code\u003e\u003c/a\u003e v2.28.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/BrowserSync/browser-sync/compare/v2.26.7...v2.29.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/wp-theme/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/wp-theme/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fwp-theme/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"2.3.1","new_version":"4.2.4","update_type":"major","path":null,"pr_created_at":"2023-09-04T12:36:38.000Z","version_change":"2.3.1 → 4.2.4","issue":{"uuid":"1501226399","node_id":"PR_kwDOFOlKpc5ZeuWf","number":1,"state":"closed","title":"Bump socket.io-parser and karma","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-07-22T13:49:02.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T12:36:38.000Z","updated_at":"2025-07-22T13:49:02.000Z","time_to_close":59361144,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","repository_url":"https://github.com/socketio/socket.io-parser","old_version":"2.3.1","new_version":"4.2.4"},{"name":"karma","repository_url":"https://github.com/karma-runner/karma","old_version":"1.7.1","new_version":"6.4.2"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 4.2.4 and updates ancestor dependency [karma](https://github.com/karma-runner/karma). These dependencies need to be updated together.\n\nUpdates `socket.io-parser` from 2.3.1 to 4.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/2.3.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `karma` from 1.7.1 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/releases\"\u003ekarma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.20\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.19\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.18\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.3.17\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/karma-runner/karma/blob/master/CHANGELOG.md\"\u003ekarma's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.1...v6.4.2\"\u003e6.4.2\u003c/a\u003e (2023-04-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efew typos (\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003ec6a4271\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.4.0...v6.4.1\"\u003e6.4.1\u003c/a\u003e (2022-09-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass integrity value (\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e63d86be\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.20...v6.4.0\"\u003e6.4.0\u003c/a\u003e (2022-06-14)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport SRI verification of link tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003edc51a2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport SRI verification of script tags (\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e6a54b1c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.19...v6.3.20\"\u003e6.3.20\u003c/a\u003e (2022-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprefer IPv4 addresses when resolving domains (\u003ca href=\"https://github.com/karma-runner/karma/commit/e17698f950af83bf2b3edc540d2a3e1fb73cba59\"\u003ee17698f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3730\"\u003e#3730\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.18...v6.3.19\"\u003e6.3.19\u003c/a\u003e (2022-04-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e error out when opening a new tab fails (\u003ca href=\"https://github.com/karma-runner/karma/commit/099b85ed0a46e37dd7cb14fc1596cbb1b3eabce9\"\u003e099b85e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.17...v6.3.18\"\u003e6.3.18\u003c/a\u003e (2022-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade socket.io to v4.4.1 (\u003ca href=\"https://github.com/karma-runner/karma/commit/52a30bbc6e168333a8592c26c9f40678d6ab74ea\"\u003e52a30bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/karma-runner/karma/compare/v6.3.16...v6.3.17\"\u003e6.3.17\u003c/a\u003e (2022-02-28)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update colors to maintained version (\u003ca href=\"https://redirect.github.com/karma-runner/karma/issues/3763\"\u003e#3763\u003c/a\u003e) (\u003ca href=\"https://github.com/karma-runner/karma/commit/fca18843e7a04eeb67b86cb3cfc3db794d66f445\"\u003efca1884\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/9de3c00988884335775de746eb8571697a86410b\"\u003e\u003ccode\u003e9de3c00\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/c6a42710b40e81269f1e6c5d5bb55d01188a8872\"\u003e\u003ccode\u003ec6a4271\u003c/code\u003e\u003c/a\u003e fix: few typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/50f963551fbccf669c8d42499d0406ded2ec6176\"\u003e\u003ccode\u003e50f9635\u003c/code\u003e\u003c/a\u003e docs: update codeclimate badge in readme.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/00131213bf337e563126611b06b79218a560dc9a\"\u003e\u003ccode\u003e0013121\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/63d86befd3431fe8e1500e22f4f115a3762d000a\"\u003e\u003ccode\u003e63d86be\u003c/code\u003e\u003c/a\u003e fix: pass integrity value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/84f7cc3d4a0770337140776e86d9740e0aad82f8\"\u003e\u003ccode\u003e84f7cc3\u003c/code\u003e\u003c/a\u003e chore(release): 6.4.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/f2d0663105eba0b9ea7f281230546282a46015ad\"\u003e\u003ccode\u003ef2d0663\u003c/code\u003e\u003c/a\u003e docs: add integrity parameter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/dc51a2e0e9b9805f7740f52fde01bcd20adc2dfc\"\u003e\u003ccode\u003edc51a2e\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of link tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/6a54b1c2a1df8214c470b8a5cc8036912874637e\"\u003e\u003ccode\u003e6a54b1c\u003c/code\u003e\u003c/a\u003e feat: support SRI verification of script tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/karma-runner/karma/commit/5e71cf591e9006ad2621dd88d09739bfbffd463c\"\u003e\u003ccode\u003e5e71cf5\u003c/code\u003e\u003c/a\u003e chore(release): 6.3.20 [skip ci]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/karma-runner/karma/compare/1.7.1...v6.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/toastr/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/toastr/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Ftoastr/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.3.2","new_version":"3.3.3","update_type":"patch","path":null,"pr_created_at":"2023-09-04T04:30:20.000Z","version_change":"3.3.2 → 3.3.3","issue":{"uuid":"1879486072","node_id":"PR_kwDOFnY0Ec5ZcVG8","number":1,"state":"closed","title":"Bump socket.io-parser from 3.3.2 to 3.3.3","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-24T11:42:13.000Z","author_association":"NONE","state_reason":null,"created_at":"2023-09-04T04:30:20.000Z","updated_at":"2025-06-24T11:42:13.000Z","time_to_close":56963513,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"3.3.2","new_version":"3.3.3","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003ehttps://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBranch: \u003ca href=\"https://github.com/socketio/socket.io-parser/tree/3.3.x\"\u003e3.3.x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14\"\u003e04d23ce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1\"\u003e4.2.1\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050\"\u003eb5d0cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5\"\u003e4.0.5\u003c/a\u003e (2022-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4\"\u003eb559f05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0\"\u003e4.2.0\u003c/a\u003e (2022-04-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow the usage of custom replacer and reviver (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/112\"\u003e#112\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b08bc1a93e8e3194b776c8a0bdedee1e29333680\"\u003eb08bc1a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2\"\u003e4.1.2\u003c/a\u003e (2022-02-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/cd11e38e1a3e2146617bc586f86512605607b212\"\u003e\u003ccode\u003ecd11e38\u003c/code\u003e\u003c/a\u003e chore(release): 3.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003e\u003ccode\u003efb21e42\u003c/code\u003e\u003c/a\u003e fix: check the format of the index of each attachment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=3.3.2\u0026new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/truffle/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/truffle/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Ftruffle/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"4.2.1","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-08-19T23:07:09.000Z","version_change":"4.2.1 → 4.2.4","issue":{"uuid":"1857895593","node_id":"PR_kwDOFQsgIc5YT3gG","number":2,"state":"closed","title":"Bump socket.io-parser from 4.2.1 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-10-20T23:16:16.000Z","author_association":null,"state_reason":null,"created_at":"2023-08-19T23:07:09.000Z","updated_at":"2025-10-20T23:16:24.000Z","time_to_close":68515747,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.1","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.1 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2\"\u003e4.2.2\u003c/a\u003e (2023-01-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecalling destroy() should clear all internal state (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e22c42e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not modify the input packet upon encoding (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/ae8dd88995dbd7f89c97e5cc15e5b489fa0efece\"\u003eae8dd88\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Automattic/socket.io-parser/compare/3.3.2...3.3.3\"\u003e3.3.3\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the index of each attachment (\u003ca href=\"https://github.com/Automattic/socket.io-parser/commit/fb21e422fc193b34347395a33e0f625bebc09983\"\u003efb21e42\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2\"\u003e3.4.2\u003c/a\u003e (2022-11-09)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/28dd6685021353b26a4b022e25b453c627d0a7e8\"\u003e\u003ccode\u003e28dd668\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/22c42e3545e4adbc5931276c378f5d62c8b3854a\"\u003e\u003ccode\u003e22c42e3\u003c/code\u003e\u003c/a\u003e fix: calling destroy() should clear all internal state\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.1\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/quinnjr/quinnjr.tech/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/quinnjr/quinnjr.tech/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/quinnjr%2Fquinnjr.tech/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"4.2.2","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-08-09T23:01:00.000Z","version_change":"4.2.2 → 4.2.4","issue":{"uuid":"1844156384","node_id":"PR_kwDOBhFBx85XlbhJ","number":3128,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-11-26T06:13:38.000Z","author_association":null,"state_reason":null,"created_at":"2023-08-09T23:01:00.000Z","updated_at":"2025-11-26T06:13:40.000Z","time_to_close":72515558,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/subscriptions-project/swg-js/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","html_url":"https://github.com/subscriptions-project/swg-js/pull/3128","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/subscriptions-project%2Fswg-js/issues/3128","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3128/packages"}},{"old_version":"4.2.2","new_version":"4.2.4","update_type":"patch","path":null,"pr_created_at":"2023-08-09T14:00:25.000Z","version_change":"4.2.2 → 4.2.4","issue":{"uuid":"1468683515","node_id":"PR_kwDOINaYls5XilT7","number":25,"state":"closed","title":"Bump socket.io-parser from 4.2.2 to 4.2.4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-05-21T14:24:21.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2023-08-09T14:00:25.000Z","updated_at":"2025-05-21T14:24:23.000Z","time_to_close":56247836,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"socket.io-parser","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/socketio/socket.io-parser"}],"path":null,"ecosystem":"maven"},"body":"Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/releases\"\u003esocket.io-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.3\u003c/h2\u003e\n\u003cp\u003e:warning: This release contains an important security fix :warning:\u003c/p\u003e\n\u003cp\u003eA malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eTypeError: Cannot convert object to primitive value\n       at Socket.emit (node:events:507:25)\n       at .../node_modules/socket.io/lib/socket.js:531:14\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ePlease upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eLinks\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDiff: \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003ehttps://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md\"\u003esocket.io-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4\"\u003e4.2.4\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eensure reserved events cannot be used as event names (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003ed9db473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eproperly detect plain objects (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003eb0e6400\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3\"\u003e3.4.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced\"\u003e2dc3c92\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3\"\u003e4.2.3\u003c/a\u003e (2023-05-22)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echeck the format of the event name (\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e3b78117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/164ba2a11edc34c2f363401e9768f9a8541a8b89\"\u003e\u003ccode\u003e164ba2a\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213\"\u003e\u003ccode\u003eb0e6400\u003c/code\u003e\u003c/a\u003e fix: properly detect plain objects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7\"\u003e\u003ccode\u003ed9db473\u003c/code\u003e\u003c/a\u003e fix: ensure reserved events cannot be used as event names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/6a5a004d1e1fd7b7250fdc6fb148e0d9015f8368\"\u003e\u003ccode\u003e6a5a004\u003c/code\u003e\u003c/a\u003e docs(changelog): include changelog for release 3.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/b6c824f82421aa44dfd5ef395f5132866543de59\"\u003e\u003ccode\u003eb6c824f\u003c/code\u003e\u003c/a\u003e chore(release): 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/dcc70d9678ac896de08294d6e8d668be6a68680a\"\u003e\u003ccode\u003edcc70d9\u003c/code\u003e\u003c/a\u003e refactor: export typescript declarations for the commonjs build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3\"\u003e\u003ccode\u003e3b78117\u003c/code\u003e\u003c/a\u003e fix: check the format of the event name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io-parser/commit/0841bd562351c3d45a5288e2adf9707cc8a3131d\"\u003e\u003ccode\u003e0841bd5\u003c/code\u003e\u003c/a\u003e chore: bump ua-parser-js from 1.0.32 to 1.0.33 (\u003ca href=\"https://redirect.github.com/socketio/socket.io-parser/issues/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser\u0026package-manager=npm_and_yarn\u0026previous-version=4.2.2\u0026new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/crlshn/gatsby-starter-default/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/crlshn/gatsby-starter-default/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/crlshn%2Fgatsby-starter-default/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"}}]}