sockjs-client - npm Package Compare versions

Comparing version 1.5.2 to 1.6.0

Changelog.md

@@ -0,1 +1,29 @@
+1.6.0
+==
+Fixes
+ * Remove `agent: false` to allow usage of `globalAgent`. Fixes #421
+
+dependencies
+ * Update `url-parse` due to CVE-2022-0686, CVE-2022-0639, and CVE-2022-0512. Fixes #576
+ * Remove `json3` dependency. Fixes #476
+ * Update `eventsource` to `1.1.0`
+ * Update `faye-websocket` to `0.11.4`
+ * Update `debug` to `3.2.7`
+
+devDependencies
+ * Update `follow-redirects` (devDep) due to CVE-2022-0536 and CVE-2022-0155
+ * Update `karma` (devDep) due to CVE-2022-0437
+ * Update `cached-path-relative` (devDep) due to CVE-2021-23518
+ * Update `fsevents` (devDep) to fix:
+   * `ini` CVE-2020-7788
+   * `minimist` CVE-2020-7598
+   * `tar` CVE-2021-37713, CVE-2021-37701, CVE-2021-32804, CVE-2021-32803
+ * Update `copy-props` (devDep) due to CVE-2020-28503
+ * Update `eslint`, `mocha`, `gulp-replace`, `karma-browserify`, `gulp-sourcemaps`, and `browserify`
+
+Other Changes
+ * Remove bower
+ * Remove Travis CI
+ * Require Node.js 12
+
 1.5.2
@@ -2,0 +30,0 @@ ==

lib/facade.js

 'use strict';
 
-var JSON3 = require('json3')
-  , iframeUtils = require('./utils/iframe')
+var iframeUtils = require('./utils/iframe')
   ;
@@ -14,3 +13,3 @@
 FacadeJS.prototype._transportClose = function(code, reason) {
-  iframeUtils.postMessage('c', JSON3.stringify([code, reason]));
+  iframeUtils.postMessage('c', JSON.stringify([code, reason]));
 };
@@ -17,0 +16,0 @@ FacadeJS.prototype._transportMessage = function(frame) {

lib/iframe-bootstrap.js

@@ -5,3 +5,2 @@ 'use strict';
   , eventUtils = require('./utils/event')
-  , JSON3 = require('json3')
   , FacadeJS = require('./facade')
@@ -49,3 +48,3 @@ , InfoIframeReceiver = require('./info-iframe-receiver')
       try {
-        iframeMessage = JSON3.parse(e.data);
+        iframeMessage = JSON.parse(e.data);
       } catch (ignored) {
@@ -63,3 +62,3 @@ debug('bad json', e.data);
         try {
-          p = JSON3.parse(iframeMessage.data);
+          p = JSON.parse(iframeMessage.data);
         } catch (ignored) {
@@ -66,0 +65,0 @@ debug('bad json', iframeMessage.data);

lib/info-ajax.js

@@ -5,3 +5,2 @@ 'use strict';
   , inherits = require('inherits')
-  , JSON3 = require('json3')
   , objectUtils = require('./utils/object')
@@ -28,3 +27,3 @@ ;
         try {
-          info = JSON3.parse(text);
+          info = JSON.parse(text);
         } catch (e) {
@@ -31,0 +30,0 @@ debug('bad json', text);

lib/info-iframe-receiver.js

@@ -5,3 +5,2 @@ 'use strict';
   , EventEmitter = require('events').EventEmitter
-  , JSON3 = require('json3')
   , XHRLocalObject = require('./transport/sender/xhr-local')
@@ -18,3 +17,3 @@ , InfoAjax = require('./info-ajax')
     self.ir = null;
-    self.emit('message', JSON3.stringify([info, rtt]));
+    self.emit('message', JSON.stringify([info, rtt]));
   });
@@ -21,0 +20,0 @@ }

lib/info-iframe.js

@@ -5,3 +5,2 @@ 'use strict';
   , inherits = require('inherits')
-  , JSON3 = require('json3')
   , utils = require('./utils/event')
@@ -28,3 +27,3 @@ , IframeTransport = require('./transport/iframe')
         try {
-          d = JSON3.parse(msg);
+          d = JSON.parse(msg);
         } catch (e) {
@@ -31,0 +30,0 @@ debug('bad json', msg);

lib/main.js

@@ -7,3 +7,2 @@ 'use strict';
   , inherits = require('inherits')
-  , JSON3 = require('json3')
   , random = require('./utils/random')
@@ -267,3 +266,3 @@ , escape = require('./utils/escape')
     try {
-      payload = JSON3.parse(content);
+      payload = JSON.parse(content);
     } catch (e) {
@@ -270,0 +269,0 @@ debug('bad json', content);

lib/transport/driver/xhr.js

@@ -27,3 +27,2 @@ 'use strict';
   , headers: opts && opts.headers
-  , agent: false
   };
@@ -30,0 +29,0 @@

lib/transport/iframe.js

@@ -12,3 +12,2 @@ 'use strict';
 var inherits = require('inherits')
-  , JSON3 = require('json3')
   , EventEmitter = require('events').EventEmitter
@@ -82,3 +81,3 @@ , version = require('../version')
   try {
-    iframeMessage = JSON3.parse(e.data);
+    iframeMessage = JSON.parse(e.data);
   } catch (ignored) {
@@ -98,3 +97,3 @@ debug('bad json', e.data);
     // window global dependency
-    this.postMessage('s', JSON3.stringify([
+    this.postMessage('s', JSON.stringify([
       version
@@ -112,3 +111,3 @@ , this.transport
     try {
-      cdata = JSON3.parse(iframeMessage.data);
+      cdata = JSON.parse(iframeMessage.data);
     } catch (ignored) {
@@ -126,3 +125,3 @@ debug('bad json', iframeMessage.data);
   debug('postMessage', type, data);
-  this.iframeObj.post(JSON3.stringify({
+  this.iframeObj.post(JSON.stringify({
     windowId: this.windowId
@@ -129,0 +128,0 @@ , type: type

lib/utils/escape.js

 'use strict';
 
-var JSON3 = require('json3');
-
 // Some extra characters that Chrome gets wrong, and substitutes with
@@ -34,3 +32,3 @@ // something else on the wire.
   quote: function(string) {
-    var quoted = JSON3.stringify(string);
+    var quoted = JSON.stringify(string);
 
@@ -37,0 +35,0 @@ // In most cases this should be very fast and good enough.

lib/utils/iframe.js

 'use strict';
 
 var eventUtils = require('./event')
-  , JSON3 = require('json3')
   , browser = require('./browser')
@@ -25,3 +24,3 @@ ;
     if (global.parent !== global) {
-      global.parent.postMessage(JSON3.stringify({
+      global.parent.postMessage(JSON.stringify({
         windowId: module.exports.currentWindowId
@@ -28,0 +27,0 @@ , type: type

lib/version.js

@@ -1,1 +0,1 @@
-module.exports = '1.5.2';
+module.exports = '1.6.0';

package.json

 {
   "name": "sockjs-client",
   "description": "SockJS-client is a browser JavaScript library that provides a WebSocket-like object.",
-  "version": "1.5.2",
+  "version": "1.6.0",
   "author": "Bryce Kahle",
   "jsdelivr": "dist/sockjs.min.js",
+  "engines": {
+    "node": ">=12"
+  },
+  "funding": "https://tidelift.com/funding/github/npm/sockjs-client",
   "browser": {
@@ -28,13 +32,12 @@ "./lib/transport/driver/websocket.js": "./lib/transport/browser/websocket.js",
   "dependencies": {
-    "debug": "^3.2.6",
-    "eventsource": "^1.0.7",
-    "faye-websocket": "^0.11.3",
+    "debug": "^3.2.7",
+    "eventsource": "^1.1.0",
+    "faye-websocket": "^0.11.4",
     "inherits": "^2.0.4",
-    "json3": "^3.3.3",
-    "url-parse": "^1.5.3"
+    "url-parse": "^1.5.10"
   },
   "devDependencies": {
-    "browserify": "^16.5.1",
+    "browserify": "^17.0.0",
     "envify": "^4.0.0",
-    "eslint": "^7.6.0",
+    "eslint": "^8.10.0",
     "expect.js": "~0.3.1",
@@ -44,15 +47,15 @@ "gulp": "^4.0.2",
     "gulp-rename": "^2.0.0",
-    "gulp-replace": "^1.0.0",
-    "gulp-sourcemaps": "^2.6.5",
+    "gulp-replace": "^1.1.3",
+    "gulp-sourcemaps": "^3.0.0",
     "gulp-uglify": "^3.0.2",
-    "karma": "^5.1.1",
-    "karma-browserify": "^7.0.0",
+    "karma": "^6.3.16",
+    "karma-browserify": "^8.1.0",
     "karma-browserstack-launcher": "^1.6.0",
     "karma-chrome-launcher": "^3.1.0",
     "karma-mocha": "^2.0.1",
-    "mocha": "^8.1.0",
+    "mocha": "^9.2.1",
     "proxyquire": "^2.1.3",
     "pump": "^3.0.0",
-    "serve-static": "^1.14.1",
-    "sockjs": "^0.3.21",
+    "serve-static": "^1.14.2",
+    "sockjs": "^0.3.24",
     "vinyl-buffer": "~1.0.0",
@@ -59,0 +62,0 @@ "vinyl-source-stream": "^2.0.0"

README.md

 
 # SockJS-client
 
-[![npm version](https://img.shields.io/npm/v/sockjs-client.svg?style=flat-square)](https://www.npmjs.com/package/sockjs-client)[![Build Status](https://img.shields.io/travis/sockjs/sockjs-client/main.svg?style=flat-square)](https://travis-ci.org/sockjs/sockjs-client)[![Dependencies](https://img.shields.io/librariesio/release/npm/sockjs-client.svg?style=flat-square)](https://libraries.io/npm/sockjs-client)[![Chat](https://img.shields.io/badge/Chat-gitter.im-blue.svg?style=flat-square)](https://gitter.im/sockjs/sockjs-client)[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg?style=flat-square)](CODE_OF_CONDUCT.md)
+[![npm version](https://img.shields.io/npm/v/sockjs-client.svg?style=flat-square)](https://www.npmjs.com/package/sockjs-client)[![Dependencies](https://img.shields.io/librariesio/release/npm/sockjs-client.svg?style=flat-square)](https://libraries.io/npm/sockjs-client)[![Chat](https://img.shields.io/badge/Chat-gitter.im-blue.svg?style=flat-square)](https://gitter.im/sockjs/sockjs-client)[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg?style=flat-square)](CODE_OF_CONDUCT.md)
 [![BrowserStack Status](https://automate.browserstack.com/badge.svg?badge_key=N3V0cStKM3RtUy9Bb2l2cHFhMVdobTZnUitBZ1lLcUkwYnl2TWgyMHppQT0tLWxncU5UeTdLb0Rqc1VQQTI5SklRelE9PQ==--596ccf9d3cd2f462f1043ee6803a9405e00446ac)](https://automate.browserstack.com/public-build/N3V0cStKM3RtUy9Bb2l2cHFhMVdobTZnUitBZ1lLcUkwYnl2TWgyMHppQT0tLWxncU5UeTdLb0Rqc1VQQTI5SklRelE9PQ==--596ccf9d3cd2f462f1043ee6803a9405e00446ac)
@@ -6,0 +6,0 @@

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Dependency count

5

decreased by-16.67%

Worsened metrics

Total package byte prevSize

698827

decreased by-17.54%

Number of package files

66

decreased by-1.49%

Lines of code

7649

decreased by-10.48%

Number of low supply chain risk alerts

92

increased by91.67%

Dependency changes

• - Removedjson3@^3.3.3

• - Removedjson3@3.3.3(transitive)

• Updateddebug@^3.2.7

• Updatedeventsource@^1.1.0

• Updatedfaye-websocket@^0.11.4

• Updatedurl-parse@^1.5.10