engine.io
Advanced tools
Comparing version 0.7.7 to 0.7.8
0.7.8 / 2013-08-30 | ||
================== | ||
* package: bump `engine.io-client` | ||
* package: bump ws | ||
0.7.7 / 2013-08-30 | ||
@@ -3,0 +9,0 @@ ================== |
{ | ||
"name": "engine.io" | ||
, "version": "0.7.7" | ||
, "version": "0.7.8" | ||
, "description": "The realtime engine behind Socket.IO. Provides the foundation of a bidirectional connection between client and server" | ||
@@ -19,3 +19,3 @@ , "main": "./lib/engine.io" | ||
"debug": "0.6.0" | ||
, "ws": "0.4.25" | ||
, "ws": "https://github.com/TooTallNate/ws/archive/0cb9fe7a21a7a7c200f68b57916d1d62b66082a1.tar.gz" | ||
, "engine.io-parser": "0.3.0" | ||
@@ -28,3 +28,3 @@ , "base64id": "0.1.0" | ||
, "superagent": "*" | ||
, "engine.io-client": "0.7.7" | ||
, "engine.io-client": "0.7.8" | ||
, "s": "*" | ||
@@ -31,0 +31,0 @@ } |
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
121598
1
4
- Removedcommander@0.6.1(transitive)
- Removedoptions@0.0.6(transitive)
- Removedtinycolor@0.0.1(transitive)
- Removedws@0.4.25(transitive)
Updatedws@https://github.com/TooTallNate/ws/archive/0cb9fe7a21a7a7c200f68b57916d1d62b66082a1.tar.gz