github/socket.io
1
1
Fork 0
mirror of https://github.com/socketio/socket.io.git synced 2026-04-30 03:00:39 -04:00
Code Issues Packages Projects Releases Wiki Activity
188 Commits 24 Branches 210 Tags
ae8dd88995dbd7f89c97e5cc15e5b489fa0efece
Commit Graph

188 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Damien Arrachequesne
ae8dd88995 fix: do not modify the input packet upon encoding 
Note: this issue has existed since Socket.IO v1.0 (see [1]), because
the `deconstructPacket()` method also mutates its input argument.

This also explains why some adapters (like [2]) need to use
`process.nextTick()` when extending the `broadcast()` method, because
`Adapter.broadcast()` calls `Encoder.encode()` ([3]).

Related:

- https://github.com/socketio/socket.io/issues/4374
- https://github.com/socketio/socket.io-mongo-adapter/issues/10

[1]: 299849b002
[2]: https://github.com/socketio/socket.io-postgres-adapter/blob/0.3.0/lib/index.ts#L587-L590
[3]: https://github.com/socketio/socket.io-adapter/blob/2.4.0/lib/index.ts#L148
 2023-01-19 10:06:13 +01:00
Damien Arrachequesne
9143aa4c8e chore: update browserslist 2022-11-15 10:34:46 +01:00
Damien Arrachequesne
194a9b762e ci: migrate from zuul to webdriver.io 
zuul is now archived [1] and does not support the new W3C WebDriver
protocol, since it relies on the wd package [2] under the hood, which
uses the (now deprecated) JSON Wire Protocol.

We will now use the webdriver.io test framework, which allows to run
our tests in local and on Sauce Labs (cross-browser and mobile tests).
This allows us to run our tests on latest versions of Android and iOS,
since Sauce Labs only supports the W3C WebDriver protocol for these
platforms ([3]).

[1]: https://github.com/defunctzombie/zuul
[2]: https://github.com/admc/wd
[3]: https://docs.saucelabs.com/dev/w3c-webdriver-capabilities/
 2022-11-15 10:13:08 +01:00
Dirk Stolle
a9758da4be ci: update actions in GitHub Actions workflows (#117) 2022-11-15 10:02:20 +01:00
Damien Arrachequesne
f0af8834f8 docs: add missing versions in the changelog 
Related: https://github.com/advisories/GHSA-qm95-pgcg-qqfq
 2022-11-09 11:42:23 +01:00
Damien Arrachequesne
5a2ccff9d1 chore(release): 4.2.1 
Diff: https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1
 2022-06-27 15:42:25 +02:00
Damien Arrachequesne
b5d0cb7dc5 fix: check the format of the index of each attachment 
A specially crafted packet could be incorrectly decoded.

Example:

```js
const decoder = new Decoder();

decoder.on("decoded", (packet) => {
  console.log(packet.data); // prints [ 'hello', [Function: splice] ]
})

decoder.add('51-["hello",{"_placeholder":true,"num":"splice"}]');
decoder.add(Buffer.from("world"));
```

As usual, please remember not to trust user input.
 2022-06-27 15:39:24 +02:00
Damien Arrachequesne
c7514b5aa6 chore(release): 4.2.0 
Diff: https://github.com/socketio/socket.io-parser/compare/4.1.2...4.2.0
 2022-04-18 00:26:27 +02:00
Damien Arrachequesne
931f1526a4 chore: add Node.js 16 in the test matrix 
See also: https://github.com/nodejs/Release
 2022-04-18 00:21:14 +02:00
Damien Arrachequesne
6c9cb27aeb chore: bump @socket.io/component-emitter to version 3.1.0 
Related: https://github.com/socketio/socket.io-client/issues/1536
 2022-04-18 00:20:17 +02:00
David Pfeffer
b08bc1a93e feat: allow the usage of custom replacer and reviver (#112) 
Co-authored-by: Mocanu Cristian <mocanu.cristian93@gmail.com>
 2022-04-18 00:19:02 +02:00
Damien Arrachequesne
aed252c742 chore(release): 4.1.2 
Diff: https://github.com/socketio/socket.io-parser/compare/4.1.1...4.1.2
 2022-02-17 07:37:18 +01:00
dependabot[bot]
89209fa22a chore: bump cached-path-relative from 1.0.2 to 1.1.0 (#113) 
Bumps [cached-path-relative](https://github.com/ashaffer/cached-path-relative) from 1.0.2 to 1.1.0.
- [Release notes](https://github.com/ashaffer/cached-path-relative/releases)
- [Commits](https://github.com/ashaffer/cached-path-relative/commits)

---
updated-dependencies:
- dependency-name: cached-path-relative
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-17 07:19:50 +01:00
dependabot[bot]
0a3b556de3 chore: bump path-parse from 1.0.6 to 1.0.7 (#108) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-17 07:18:40 +01:00
Gabba90
7f6b262ac8 fix: allow objects with a null prototype in binary packets (#114) 2022-02-17 07:18:11 +01:00
dependabot[bot]
8e8346b706 chore: bump ajv from 6.12.2 to 6.12.6 (#115) 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.2 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.12.2...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-16 21:57:15 +01:00
Damien Arrachequesne
ea86f413ed chore(release): 4.1.1 
DIff: https://github.com/socketio/socket.io-parser/compare/4.1.0...4.1.1
 2021-10-14 13:52:49 +02:00
Damien Arrachequesne
eb708d1936 chore: bump @socket.io/component-emitter to version 3.0.0 
The typed events have been moved from [1] to [2], in order to remove
the intermediary class and reduce the bundle size.

Diff: https://github.com/socketio/emitter/compare/2.0.0...3.0.0

[1]: https://github.com/socketio/socket.io-client/
[2]: https://github.com/socketio/emitter/
 2021-10-14 13:11:55 +02:00
Damien Arrachequesne
5ad3e5cc4b chore(release): 4.1.0 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.4...4.1.0
 2021-10-11 22:37:46 +02:00
Damien Arrachequesne
388c616a92 feat: provide an ESM build with and without debug 
See also: 00d7e7d7ee
 2021-10-11 22:35:12 +02:00
dependabot[bot]
75530b4dcd chore: bump browserslist from 4.12.0 to 4.16.6 (#106) 
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.12.0 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.12.0...4.16.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-13 10:47:42 +02:00
dependabot[bot]
57324f3048 chore: bump elliptic from 6.5.3 to 6.5.4 (#102) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-07-13 10:47:33 +02:00
Damien Arrachequesne
af1b23ca85 chore(release): 4.0.4 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.3...4.0.4
 2021-01-15 01:45:17 +01:00
Damien Arrachequesne
1c220ddbf4 fix: allow integers as event names 
This commit restores the possibility to use integers as event names,
which was possible in Socket.IO v2.
 2021-01-15 01:38:03 +01:00
Damien Arrachequesne
444520d6cd chore(release): 4.0.3 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.2...4.0.3
 2021-01-05 11:26:13 +01:00
Damien Arrachequesne
b076dbb722 ci: migrate to GitHub Actions 
Due to the recent changes to the Travis CI platform (see [1]), we will
now use GitHub Actions to run the tests.

Reference: https://docs.github.com/en/free-pro-team@latest/actions/guides/building-and-testing-nodejs

[1]: https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing
 2021-01-05 11:24:49 +01:00
Damien Arrachequesne
7c380d38eb chore: bump debug version 2021-01-05 11:00:39 +01:00
Damien Arrachequesne
f2098b031d chore(release): 4.0.2 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.1...4.0.2
 2020-11-25 11:00:16 +01:00
Damien Arrachequesne
66973a340c chore: cleanup dist folder before compilation 2020-11-25 10:59:02 +01:00
Pascal Sthamer
4efa005846 fix: move @types/component-emitter to dependencies (#99) 
Otherwise consumers of socket.io-parser (and socket.io) need to have it
listed in their devDependencies.
 2020-11-25 10:51:40 +01:00
Damien Arrachequesne
c04443375f docs: add compatibility table 2020-11-05 16:16:36 +01:00
Damien Arrachequesne
e339323654 chore(release): 4.0.1 
Diff: https://github.com/socketio/socket.io-parser/compare/3.4.1...4.0.1
 2020-11-05 16:07:35 +01:00
Damien Arrachequesne
412769fd18 chore(release): 4.0.1-rc3 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.1-rc2...4.0.1-rc3
 2020-10-26 00:16:09 +01:00
Damien Arrachequesne
db1d27432d refactor: rename ERROR to CONNECT_ERROR 
The meaning is not modified: this packet type is still used by the
server when the connection to a namespace is refused. But I feel the
name makes more sense:

```js
socket.on("connect", () => {});
socket.on("connect_error", () => {});

// instead of
socket.on("error", () => {});
```
 2020-10-25 22:57:26 +01:00
Aleksey Druzhinin
e3d272f542 docs: fix small typo (#98) 2020-10-21 23:28:36 +02:00
Damien Arrachequesne
64b6648236 chore(release): 4.0.1-rc2 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.1-rc1...4.0.1-rc2
 2020-10-15 10:24:47 +02:00
Damien Arrachequesne
58b3d09f1c chore: protocol version 5 
There are two differences with the 4th version:

- a CONNECT packet can now contain a payload (for authentication purposes)
- the underlying Engine.IO protocol has been updated

Reference: https://github.com/socketio/engine.io-protocol#difference-between-v3-and-v4
 2020-10-15 01:51:51 +02:00
Damien Arrachequesne
285e7cd0d8 feat: move binary detection back to the parser 
The binary detection was moved from the parser to the client/server in
[1], in order to allow the user to skip the binary detection for huge
JSON payloads.

```js
socket.binary(false).emit(...);
```

The binary detection is needed in the default parser, because the
payload is encoded with JSON.stringify(), which does not support binary
content (ArrayBuffer, Blob, ...).

But other parsers (like [2] or [3]) do not need this check, so we'll
move the binary detection back here and remove the socket.binary()
method, as this use case is now covered by the ability to provide your
own parser.

Note: the hasBinary method was copied from [4].

[1]: f44256c523
[2]: https://github.com/darrachequesne/socket.io-msgpack-parser
[3]: https://github.com/darrachequesne/socket.io-json-parser
[4]: https://github.com/darrachequesne/has-binary
 2020-10-15 01:46:47 +02:00
Damien Arrachequesne
7fc3c42234 chore(release): 4.0.1-rc1 
Diff: https://github.com/socketio/socket.io-parser/compare/4.0.0...4.0.1-rc1
 2020-10-12 15:21:44 +02:00
Damien Arrachequesne
78f9fc2999 feat: add support for a payload in a CONNECT packet 2020-10-08 02:00:09 +02:00
Damien Arrachequesne
9eb8561cbc refactor: use require for debug dependency 
So that the lines can be properly excluded by the webpack-remove-debug
loader ([1]).

[1] https://github.com/johngodley/webpack-remove-debug
 2020-10-06 01:17:31 +02:00
Damien Arrachequesne
091d25edf1 chore: add dist 2020-10-06 01:15:30 +02:00
Damien Arrachequesne
ccadd5a462 docs(changelog): include changelog for release 3.3.1 
Merged from the 3.3.x branch.
 2020-09-30 02:45:53 +02:00
Damien Arrachequesne
c04d7f5c47 chore(release): 4.0.0 
This release will be included in Socket.IO v3.

Diff: https://github.com/socketio/socket.io-parser/compare/3.4.1...4.0.0
 2020-09-28 14:55:19 +02:00
Damien Arrachequesne
9e601c6940 refactor: export Packet interface and refactor imports 2020-09-28 14:37:47 +02:00
Damien Arrachequesne
cfdc4794f6 refactor: use prettier to format test code 2020-09-24 12:02:19 +02:00
Damien Arrachequesne
28d4f0309b refactor: do not convert Blobs 
This was needed in a previous version of the parser, which used msgpack
to encode the payload.

Blobs (and Files) will now be included in the array of binary
attachments without any additional transformation.

Breaking change: the encode method is now synchronous

See also 299849b002
 2020-09-24 11:48:25 +02:00
Damien Arrachequesne
fe33ff7c87 test: actually test the parser 
The assertions were not checked, because the functions are asynchronous.

Besides, the Blob tests were throwing in the browser:

> Uncaught ReferenceError: can't access lexical declaration 'BlobBuilder' before initialization
 2020-09-24 11:48:24 +02:00
dependabot[bot]
00e73598a0 chore: bump elliptic from 6.5.2 to 6.5.3 (#96) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-23 00:57:41 +02:00
Damien Arrachequesne
dd7cd60ba2 refactor: convert all tests to ES6 syntax 2020-09-23 00:28:54 +02:00