From 0841bd562351c3d45a5288e2adf9707cc8a3131d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 25 Jan 2023 07:23:55 +0100 Subject: [PATCH 1/4] chore: bump ua-parser-js from 1.0.32 to 1.0.33 (#121) Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 1.0.32 to 1.0.33. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md) - [Commits](https://github.com/faisalman/ua-parser-js/compare/1.0.32...1.0.33) --- updated-dependencies: - dependency-name: ua-parser-js dependency-type: indirect ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 85630e9..b6dd966 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "socket.io-parser", - "version": "4.2.1", + "version": "4.2.2", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "socket.io-parser", - "version": "4.2.1", + "version": "4.2.2", "license": "MIT", "dependencies": { "@socket.io/component-emitter": "~3.1.0", @@ -7251,9 +7251,9 @@ } }, "node_modules/ua-parser-js": { - "version": "1.0.32", - "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.32.tgz", - "integrity": "sha512-dXVsz3M4j+5tTiovFVyVqssXBu5HM47//YSOeZ9fQkdDKkfzv2v3PP1jmH6FUyPW+yCSn7aBVK1fGGKNhowdDA==", + "version": "1.0.33", + "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.33.tgz", + "integrity": "sha512-RqshF7TPTE0XLYAqmjlu5cLLuGdKrNu9O1KLA/qp39QtbZwuzwv1dT46DZSopoUMsYgXpB3Cv8a03FI8b74oFQ==", "dev": true, "funding": [ { @@ -13832,9 +13832,9 @@ "dev": true }, "ua-parser-js": { - "version": "1.0.32", - "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.32.tgz", - "integrity": "sha512-dXVsz3M4j+5tTiovFVyVqssXBu5HM47//YSOeZ9fQkdDKkfzv2v3PP1jmH6FUyPW+yCSn7aBVK1fGGKNhowdDA==", + "version": "1.0.33", + "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.33.tgz", + "integrity": "sha512-RqshF7TPTE0XLYAqmjlu5cLLuGdKrNu9O1KLA/qp39QtbZwuzwv1dT46DZSopoUMsYgXpB3Cv8a03FI8b74oFQ==", "dev": true }, "unbzip2-stream": { From 3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3 Mon Sep 17 00:00:00 2001 From: Damien Arrachequesne Date: Mon, 22 May 2023 07:37:31 +0200 Subject: [PATCH 2/4] fix: check the format of the event name A packet like '2[{"toString":"foo"}]' was decoded as: { type: EVENT, data: [ { "toString": "foo" } ] } Which would then throw an error when passed to the EventEmitter class: > TypeError: Cannot convert object to primitive value > at Socket.emit (node:events:507:25) > at .../node_modules/socket.io/lib/socket.js:531:14 History of the isPayloadValid() method: - added in [78f9fc2](https://github.com/socketio/socket.io-parser/commit/78f9fc2999b15804b02f2c22a2b4007734a26af9) (v4.0.1, socket.io@3.0.0) - updated in [1c220dd](https://github.com/socketio/socket.io-parser/commit/1c220ddbf45ea4b44bc8dbf6f9ae245f672ba1b9) (v4.0.4, socket.io@3.1.0) --- lib/index.ts | 5 ++++- test/parser.js | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/index.ts b/lib/index.ts index 6b77094..4319d2c 100644 --- a/lib/index.ts +++ b/lib/index.ts @@ -275,7 +275,10 @@ export class Decoder extends Emitter<{}, {}, DecoderReservedEvents> { return typeof payload === "string" || typeof payload === "object"; case PacketType.EVENT: case PacketType.BINARY_EVENT: - return Array.isArray(payload) && payload.length > 0; + return ( + Array.isArray(payload) && + (typeof payload[0] === "string" || typeof payload[0] === "number") + ); case PacketType.ACK: case PacketType.BINARY_ACK: return Array.isArray(payload); diff --git a/test/parser.js b/test/parser.js index 1b99166..c78e675 100644 --- a/test/parser.js +++ b/test/parser.js @@ -118,6 +118,9 @@ describe("socket.io-parser", () => { isInvalidPayload("1/admin,{}"); isInvalidPayload('2/admin,"invalid'); isInvalidPayload("2/admin,{}"); + isInvalidPayload('2[{"toString":"foo"}]'); + isInvalidPayload('2[true,"foo"]'); + isInvalidPayload('2[null,"bar"]'); expect(() => new Decoder().add("999")).to.throwException( /^unknown packet type 9$/ From dcc70d9678ac896de08294d6e8d668be6a68680a Mon Sep 17 00:00:00 2001 From: Damien Arrachequesne Date: Mon, 22 May 2023 08:19:57 +0200 Subject: [PATCH 3/4] refactor: export typescript declarations for the commonjs build Related: https://github.com/socketio/socket.io/issues/4621#issuecomment-1551853243 --- tsconfig.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tsconfig.json b/tsconfig.json index f033355..b9e4980 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -3,7 +3,7 @@ "outDir": "build/cjs/", "target": "es2018", // Node.js 10 (https://github.com/microsoft/TypeScript/wiki/Node-Target-Mapping) "module": "commonjs", - "declaration": false + "declaration": true }, "include": [ "./lib/**/*" From b6c824f82421aa44dfd5ef395f5132866543de59 Mon Sep 17 00:00:00 2001 From: Damien Arrachequesne Date: Mon, 22 May 2023 08:23:45 +0200 Subject: [PATCH 4/4] chore(release): 4.2.3 Diff: https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3 --- CHANGELOG.md | 10 ++++++++++ package.json | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cfb5b91..4058886 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## 2023 +- [4.2.3](#423-2023-05-22) (May 2023) - [4.2.2](#422-2023-01-19) (Jan 2023) ## 2022 @@ -41,6 +42,15 @@ # Release notes +## [4.2.3](https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3) (2023-05-22) + + +### Bug Fixes + +* check the format of the event name ([9be1167](https://github.com/socketio/socket.io-parser/commit/9be11670dfef7745cef9f17e28ebd2f4fc522e9e)) + + + ## [4.2.2](https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2) (2023-01-19) diff --git a/package.json b/package.json index d672f88..0f375d5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "socket.io-parser", - "version": "4.2.2", + "version": "4.2.3", "description": "socket.io protocol parser", "repository": { "type": "git", pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy