Skip to content

Releases: socketio/socket.io

[email protected]

20 May 09:35
@darrachequesne darrachequesne
[email protected]
4faff49
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

The ws dependency was bumped to ~8.20.1 following CVE-2026-45736.

Note from the ws maintainers:

Although the calculated CVSS severity is medium, the actual severity is believed to be low, as the flaw is only exploitable through misuse that is unlikely in practice.

Bug Fixes

  • do not skip local broadcast when publishAndReturnOffset throws (#5457) (f630158)
Loading

[email protected]

20 May 09:33
@darrachequesne darrachequesne
[email protected]
ffe51e2
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

The ws dependency was bumped to ~8.20.1 following CVE-2026-45736.

Note from the ws maintainers:

Although the calculated CVSS severity is medium, the actual severity is believed to be low, as the flaw is only exploitable through misuse that is unlikely in practice.

Bug Fixes

  • clean up resources upon WebTransport handshake failure (f86b95f)

Dependencies

Loading

[email protected]

20 May 09:34
@darrachequesne darrachequesne
[email protected]
8413bce
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

The ws dependency was bumped to ~8.20.1 following CVE-2026-45736.

Note from the ws maintainers:

Although the calculated CVSS severity is medium, the actual severity is believed to be low, as the flaw is only exploitable through misuse that is unlikely in practice.

Dependencies

Loading

[email protected]

27 Apr 09:24
@darrachequesne darrachequesne
[email protected]
439a8f6
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

Bug Fixes

  • close HTTP requests with invalid content type (fc11285)
  • handle invalid packets when upgrading to WebTransport (1fa1f46)
  • prevent WebTransport connections when a middleware is registered (d1f5aa9)

Dependencies

Loading

[email protected]

17 Mar 14:03
@darrachequesne darrachequesne
[email protected]
522edcd
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

This release includes a fix for CVE-2026-33151. Please upgrade as soon as possible.

Bug Fixes

  • add a limit to the number of binary attachments (b25738c)
Loading

[email protected]

18 Mar 08:21
@darrachequesne darrachequesne
[email protected]
082b683
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

This release includes a fix for CVE-2026-33151. Please upgrade as soon as possible.

Bug Fixes

  • add a limit to the number of binary attachments (719f9eb)
Loading

[email protected]

18 Mar 08:19
@darrachequesne darrachequesne
[email protected]
17bc1d6
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

This release includes a fix for CVE-2026-33151. Please upgrade as soon as possible.

Bug Fixes

  • add a limit to the number of binary attachments (9d39f1f)
Loading

[email protected]

10 Mar 10:01
@darrachequesne darrachequesne
[email protected]
84c2fb7
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

Bug Fixes

  • add @types/ws as dependency (#5458) (07cbe15)
  • uws: emit initial_headers and headers events in uServer (#5460) (44ed73f)

Dependencies

Loading

[email protected]

18 Mar 08:25
@darrachequesne darrachequesne
[email protected]
9978574
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected] Latest
Latest

Bug Fixes

  • do not throw when calling io.close() on a stopped server (9581f9b)

Dependencies

Assets 2
Loading

[email protected]

23 Dec 12:33
@darrachequesne darrachequesne
[email protected]
ee9aac3
This commit was signed with the committer’s verified signature. The key has expired.
darrachequesne Damien Arrachequesne
GPG key ID: 544D14663E7F7CF0
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
[email protected]

This release contains a bump of debug from ~4.3.1 to ~4.4.1.

Loading