You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In a recent git push, both GitHub and npm said there was an issue with express-status-monitor coming out of a vulnerability in socket.io-parser, as shown below.
When I ran npm audit fix, npm updated the socket.io-parser version to 4.0.5. This fixed the previous issue, but when running my app again, I noticed that the express-status-monitor page didn't work.
So I tried uninstalling the package and installing it again, and it works, but then it brings back the vulnerable version of socket.io-parser.
This might be a better question for the socket.io team, but is there a change from version 3.4.x to version 4.0.5 that makes express-status-monitor not work?
The text was updated successfully, but these errors were encountered:
In a recent git push, both GitHub and npm said there was an issue with express-status-monitor coming out of a vulnerability in socket.io-parser, as shown below.
When I ran
npm audit fix, npm updated the socket.io-parser version to 4.0.5. This fixed the previous issue, but when running my app again, I noticed that the express-status-monitor page didn't work.So I tried uninstalling the package and installing it again, and it works, but then it brings back the vulnerable version of socket.io-parser.
This might be a better question for the socket.io team, but is there a change from version 3.4.x to version 4.0.5 that makes express-status-monitor not work?
The text was updated successfully, but these errors were encountered: