chore(deps): bump debug, socket.io and socket.io-client

[dependabot]

Bumps debug to 2.6.9 and updates ancestor dependencies debug, socket.io and socket.io-client. These dependencies need to be updated together.

Updates debug from 2.2.0 to 2.6.9

Release notes

Sourced from debug's releases.

2.6.9

Patches

• Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​zhuangya for their help!

release 2.6.7

No release notes provided.

release 2.6.6

No release notes provided.

release 2.6.5

No release notes provided.

release 2.6.4

No release notes provided.

release 2.6.3

No release notes provided.

release 2.6.2

No release notes provided.

release 2.6.1

No release notes provided.

release 2.6.0

No release notes provided.

release 2.5.2

No release notes provided.

release 2.5.1

No release notes provided.

release 2.4.5

No release notes provided.

release 2.4.4

No release notes provided.

release 2.4.3

No release notes provided.

release 2.4.2

No release notes provided.

... (truncated)

Changelog

Sourced from debug's changelog.

2.6.9 / 2017-09-22

• remove ReDoS regexp in %o formatter (#504)

2.6.8 / 2017-05-18

• Fix: Check for undefined on browser globals (#462, @​marbemac)

2.6.7 / 2017-05-16

• Fix: Update ms to 2.0.0 to fix regular expression denial of service vulnerability (#458, @​hubdotcom)
• Fix: Inline extend function in node implementation (#452, @​dougwilson)
• Docs: Fix typo (#455, @​msasad)

2.6.5 / 2017-04-27

• Fix: null reference check on window.documentElement.style.WebkitAppearance (#447, @​thebigredgeek)
• Misc: clean up browser reference checks (#447, @​thebigredgeek)
• Misc: add npm-debug.log to .gitignore (@​thebigredgeek)

2.6.4 / 2017-04-20

• Fix: bug that would occure if process.env.DEBUG is a non-string value. (#444, @​LucianBuzzo)
• Chore: ignore bower.json in npm installations. (#437, @​joaovieira)
• Misc: update "ms" to v0.7.3 (@​tootallnate)

2.6.3 / 2017-03-13

• Fix: Electron reference to process.env.DEBUG (#431, @​paulcbetts)
• Docs: Changelog fix (@​thebigredgeek)

2.6.2 / 2017-03-10

• Fix: DEBUG_MAX_ARRAY_LENGTH (#420, @​slavaGanzin)
• Docs: Add backers and sponsors from Open Collective (#422, @​piamancini)
• Docs: Add Slackin invite badge (@​tootallnate)

2.6.1 / 2017-02-10

• Fix: Module's export default syntax fix for IE8 Expected identifier error
• Fix: Whitelist DEBUG_FD for values 1 and 2 only (#415, @​pi0)

... (truncated)

Commits

• 13abeae Release 2.6.9
• f53962e remove ReDoS regexp in %o formatter (#504)
• 52e1f21 Release 2.6.8
• 2482e08 Check for undefined on browser globals (#462)
• 6bb07f7 release 2.6.7
• 15850cb Fix Regular Expression Denial of Service (ReDoS)
• 4a6c85c update "debug" to v1.0.0 (#454)
• b68dbf8 Fix typo (#455)
• 1351d2f Inline extend function in node implementation (#452)
• c211947 update version for component
• Additional commits viewable in compare view

Updates socket.io from 1.7.4 to 4.6.1

Release notes

Sourced from socket.io's releases.

4.6.1

Bug Fixes

• properly handle manually created dynamic namespaces (0d0a7a2)
• types: fix nodenext module resolution compatibility (#4625) (d0b22c6)

Links

• Diff: socketio/socket.io@4.6.0...4.6.1
• Client release: 4.6.1
• engine.io@~6.4.1 (diff)
• ws@~8.11.0 (no change)

4.6.0

Bug Fixes

• add timeout method to remote socket (#4558) (0c0eb00)
• typings: properly type emits with timeout (f3ada7d)

Features

Promise-based acknowledgements

This commit adds some syntactic sugar around acknowledgements:

• emitWithAck()

try {
  const responses = await io.timeout(1000).emitWithAck("some-event");
  console.log(responses); // one response per client
} catch (e) {
  // some clients did not acknowledge the event in the given delay
}
io.on("connection", async (socket) => {
// without timeout
const response = await socket.emitWithAck("hello", "world");
// with a specific timeout
try {
const response = await socket.timeout(1000).emitWithAck("hello", "world");
} catch (err) {
// the client did not acknowledge the event in the given delay
}
});

• serverSideEmitWithAck()

... (truncated)

Changelog

Sourced from socket.io's changelog.

4.6.1 (2023-02-20)

Bug Fixes

• properly handle manually created dynamic namespaces (0d0a7a2)
• types: fix nodenext module resolution compatibility (#4625) (d0b22c6)

Dependencies

• engine.io@~6.4.0 (no change)
• ws@~8.11.0 (no change)

4.6.0 (2023-02-07)

Bug Fixes

• add timeout method to remote socket (#4558) (0c0eb00)
• typings: properly type emits with timeout (f3ada7d)

Features

Promise-based acknowledgements

This commit adds some syntactic sugar around acknowledgements:

• emitWithAck()

try {
  const responses = await io.timeout(1000).emitWithAck("some-event");
  console.log(responses); // one response per client
} catch (e) {
  // some clients did not acknowledge the event in the given delay
}
io.on("connection", async (socket) => {
// without timeout
const response = await socket.emitWithAck("hello", "world");
// with a specific timeout
try {
const response = await socket.timeout(1000).emitWithAck("hello", "world");
} catch (err) {
// the client did not acknowledge the event in the given delay
</tr></table>

... (truncated)

Commits

• 7952312 chore(release): 4.6.1
• 0d0a7a2 fix: properly handle manually created dynamic namespaces
• 2a8565f refactor: catch errors when trying to restore the connection state
• d0b22c6 fix(types): fix nodenext module resolution compatibility (#4625)
• e71f3d7 docs: minor style fix (#4619)
• a2e5d1f chore(release): 4.6.0
• d8143cc refactor: do not persist session if connection state recovery if disabled
• b2dd7cf chore: bump engine.io to version 6.4.0
• 3734b74 revert: feat: expose current offset to allow deduplication
• 8aa9499 feat: add description to the disconnecting and disconnect events (#4622)
• Additional commits viewable in compare view

Updates socket.io-client from 1.7.4 to 4.6.1

Release notes

Sourced from socket.io-client's releases.

4.6.1

Bug Fixes

• do not drain the queue while the socket is offline (4996f9e)
• prevent duplicate connections when multiplexing (46213a6)

Links

• Diff: socketio/socket.io-client@4.6.0...4.6.1
• Server release: 4.6.1
• engine.io-client version: ~6.4.0 (no change)
• ws version: ~8.11.0 (no change)

4.6.0

Bug Fixes

• typings: do not expose browser-specific types (4d6d95e)
• ensure manager.socket() returns an active socket (b7dd891)
• typings: properly type emits with timeout (#1570) (33e4172)

Features

A new "addTrailingSlash" option

The trailing slash which was added by default can now be disabled:

import { io } from "socket.io-client";
const socket = io("https://example.com", {
addTrailingSlash: false
});

In the example above, the request URL will be https://example.com/socket.io instead of https://example.com/socket.io/.

Added in 21a6e12.

Promise-based acknowledgements

This commit adds some syntactic sugar around acknowledgements:

// without timeout
const response = await socket.emitWithAck("hello", "world");
// with a specific timeout
try {
const response = await socket.timeout(1000).emitWithAck("hello", "world");
</tr></table>

... (truncated)

Changelog

Sourced from socket.io-client's changelog.

4.6.1 (2023-02-20)

Bug Fixes

• do not drain the queue while the socket is offline (4996f9e)
• prevent duplicate connections when multiplexing (46213a6)

Dependencies

• engine.io-client@~6.4.0 (no change)
• ws@~8.11.0 (no change)

4.6.0 (2023-02-07)

Bug Fixes

• typings: do not expose browser-specific types (4d6d95e)
• ensure manager.socket() returns an active socket (b7dd891)
• typings: properly type emits with timeout (#1570) (33e4172)

Features

A new "addTrailingSlash" option

The trailing slash which was added by default can now be disabled:

import { io } from "socket.io-client";
const socket = io("https://example.com", {
addTrailingSlash: false
});

In the example above, the request URL will be https://example.com/socket.io instead of https://example.com/socket.io/.

Added in 21a6e12.

Promise-based acknowledgements

This commit adds some syntactic sugar around acknowledgements:

// without timeout
</tr></table> 

... (truncated)

Commits

• 89175d0 chore(release): 4.6.1
• 121fd7c refactor: do not reuse the same packet ID for retries
• 46213a6 fix: prevent duplicate connections when multiplexing
• 4996f9e fix: do not drain the queue while the socket is offline
• 5980918 chore(release): 4.6.0
• dff34a3 chore: bump engine.io-client to version 6.4.0
• 4d6d95e fix(typings): do not expose browser-specific types
• c54e09d test: add more tests for the retry mechanism
• 0110e46 chore: bump engine.io-client to version 6.3.1
• 5ba0d49 refactor: minor edit
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.