Skip to content
Permalink
Browse files

dependencies: update socket.io 1.7.3 -> 2.1.1

Version 2.x is not backwards compatible with 1.x.
However, according to [0], [1] and [2], it seems that the biggest concern is
when mixing different server and client versions, and this is not Etherpad's
case.

Smoke tested (successfully) on Firefox 61, Chromium 68.

npm audit before this change:
  found 12 vulnerabilities (9 low, 3 high) in 8205 scanned packages
    11 vulnerabilities require semver-major dependency updates.
    1 vulnerability requires manual review. See the full report for details.

npm audit after this change:
  found 1 low severity vulnerability in 8196 scanned packages
    1 vulnerability requires manual review. See the full report for details.

Fixes #3462

[0] https://socket.io/blog/socket-io-2-0-0/
[1] socketio/socket.io#3007 (comment)
[2] Enalean/tuleap@a0d7a79
  • Loading branch information...
muxator committed Aug 18, 2018
1 parent 5f9de69 commit 93641a165d13f650d0b7f84bd0344fc1faf13a58
Showing with 1 addition and 1 deletion.
  1. +1 −1 src/package.json
@@ -51,7 +51,7 @@
"security": "1.0.0",
"semver": "5.1.0",
"slide": "1.1.6",
"socket.io": "1.7.3",
"socket.io": "2.1.1",
"swagger-node-express": "2.1.3",
"tinycon": "0.0.1",
"ueberdb2": "0.4.0",

0 comments on commit 93641a1

Please sign in to comment.
You can’t perform that action at this time.