Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Analyze @rocketsoftware/express-ws 5.0.0 #1012

Open
balhar-jakub opened this issue Mar 6, 2024 · 2 comments
Open

Analyze @rocketsoftware/express-ws 5.0.0 #1012

balhar-jakub opened this issue Mar 6, 2024 · 2 comments
Assignees
@1000TurquoisePogs
Labels
chore

Comments

@balhar-jakub
Copy link
Member

No description provided.

@1000TurquoisePogs
Copy link
Member

This is a fork of express-ws because it had a CVE which was in a dependency.
So we forked it to update the dependency ourselves.
Since then, there have been 2 more releases of express-ws and it's now slightly newer than our fork.
Yet, it's still a relatively unmaintained library, because it points to an outdated ws ( #1003 )

The best thing to do would be to fork the express-ws library again, but this time to bring it up to ws v8.

@1000TurquoisePogs
Copy link
Member

I looked into this more and our fork diverged a little other than simple library differences, so it's a good idea to keep the fork.
But, we'll just bring its dependencies up to date.

@1000TurquoisePogs 1000TurquoisePogs self-assigned this Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@1000TurquoisePogs 1000TurquoisePogs

Labels
chore
Projects
WebUI planning board
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@balhar-jakub @1000TurquoisePogs