Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump socket.io-parser and networked-aframe #11

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump socket.io-parser and networked-aframe #11

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Oct 29, 2022

Bumps socket.io-parser to 3.4.1 and updates ancestor dependency networked-aframe. These dependencies need to be updated together.

Updates socket.io-parser from 2.3.1 to 3.4.1

Release notes

Sourced from socket.io-parser's releases.

3.4.1

Bug Fixes

  • prevent DoS (OOM) via massive packets (#95) (dcb942d)

Links

3.4.0

This release mostly contains a bump of the debug package.

Links

3.3.2

Bug Fixes

  • prevent DoS (OOM) via massive packets (#95) (89197a0)

Links

3.3.1

Links

3.3.0

Bug Fixes

  • remove any reference to the global variable (b47efb2)

Links

3.2.0

Bug fixes

  • properly detect typed arrays (#85)
  • properly handle JSON.stringify errors (#84)

Note

... (truncated)

Changelog

Sourced from socket.io-parser's changelog.

3.4.1 (2020-05-13)

Bug Fixes

  • prevent DoS (OOM) via massive packets (#95) (dcb942d)
Commits
  • a8130ce chore: release 3.4.1
  • dcb942d fix: prevent DoS (OOM) via massive packets (#95)
  • a5d0435 test: transpile to es5 with babelify
  • 652402a [chore] Release 3.4.0
  • 9b3572e [chore] Bump debug to version 4.1.0 (#92)
  • de1fd36 [docs] Fix incorrect socket.io-protocol version in Readme (#89)
  • 0de72b9 [chore] Release 3.3.0
  • b47efb2 [fix] Remove any reference to the global variable
  • d95e38f [chore] Update the Makefile
  • b57e063 [test] Update travis configuration
  • Additional commits viewable in compare view

Updates networked-aframe from 0.6.1 to 0.10.1

Release notes

Sourced from networked-aframe's releases.

0.10.1

Networked-Aframe is a framework for creating multi-user VR experiences on the Web.

Getting started guide.

Changes in 0.10.1:

  • Don't include Tours-Enthusiast.mp3 7MB in npm release
  • Update all examples to use the environment component, reformat and remove some tags #345. All examples now use the schema hack as a workaround for the unresolved issue #267
  • Update socket.io to 2.5.0 to fix engine.io vulnerability and update open-easyrtc from 2.0.13 to 2.0.14. Double check you really use those versions in your project, you should have "networked-aframe": "^0.10.0" in your package.json but you may need to remove package-lock.json and node_modules to get the updates, please read the PR description #351

Maintenance in this repository:

  • Update tests stack versions to fix peer dependencies errors with latest npm version #344
  • With npm run dev, fix webpack-dev-server not serving the bundle in-memory when examples/dist exists; build only in npm install and not in npm start; use a simplified package.json when deploying the example on glitch to avoid a build stage and installing test packages there #348

0.10.0

Networked-Aframe is a framework for creating multi-user VR experiences on the Web.

Getting started guide.

Changes in 0.10.0:

  • Handle update of positional param in networked-audio-source and refactor the component for other use cases, see PR for details (be careful if you called private _setupSound API in your project, you will need to modify your code) #245
  • Add documentation about requiresNetworkUpdate and add NAF.utils.vectorRequiresUpdate #329
  • Add compatibility with threejs r141 #343
  • Add a persistent sphere example #238
  • Add a spawned persistent spheres (peer to peer) example #327

0.9.1

Networked-Aframe is a framework for creating multi-user VR experiences on the Web.

Getting started guide.

Changes in 0.9.1:

  • Fix regression in easyrtc adapter where media streams weren't properly removed, meaning for example Chrome avatar wasn't removed right away when the participant disconnected #321
  • Update examples to use socketio client 2.4.0 #317
  • If you use glitch you may want to define engines to use node 16 otherwise glitch fallbacks to node 10, see #318 for more details

0.8.3

Networked-Aframe is a framework for creating multi-user VR experiences on the Web.

Getting started guide.

Changes in 0.8.3:

  • properly cleanup audio element in networked-audio-source remove #288

0.8.2

Networked-Aframe is a framework for creating multi-user VR experiences on the Web.

Getting started guide.

Changes in 0.8.2:

... (truncated)

Changelog

Sourced from networked-aframe's changelog.

Networked-Aframe Release Notes

0.8.2

  • Republish 0.8.1 as 0.8.2 with the correct version in the js files.

0.8.1

  • Fix an issue with easyrtc adapter enableMicrophone and enableCamera API not working properly.
  • Fix condition in socketio-server.js to remove the room if everybody left.

0.8.0

  • Add back wseasyrtc/easyrtc adapters and switch from easyrtc to open-easyrtc library. The wseasyrtc is again the default adapter.
  • Keep the socketio/webrtc adapters introduced in 0.7.0 but mark them as work in progress. The webrtc adapter wasn't tested in production condition and we had several reports of issues with it. You may continue to use the simple socketio adapter (without dependency on open-easyrtc) but be aware it may lack some keepalive mechanism if you host the node process behind nginx for example. We advice to use again wseasyrtc if you want an adapter without audio because it contains a keepalive mechanism by sending a stillAlive message every 20s by default. See issue #243 for more details.
  • Add support for sharing camera in the easyrtc adapter and add a basic-video example to share the camera without audio. The example uses a new networked-video-source component similar to networked-audio-source. You can use networked-video-source with any adapter supporting the getMediaStream(clientId, type="video") API (currently easyrtc and janus adapters).
  • Fix the shooter example where the bullets weren't visible to the person shooting the bullets. See issue #213 to know why.
  • Remove all browserify dependencies and now only use webpack in the repo. You may be impacted if you use the repo directly instead of following the getting started tutorial. See [PR #259](networked-aframe/networked-aframe#259) to know what needs to be changed.
  • Add note about using a specific networked-aframe version for production in the getting started tutorial.
  • Prevent invalid positions from freezing remote clients, see [Mozilla #43](MozillaReality/networked-aframe#43)

0.7.1

  • Fix some issues in the new socketio/webrtc adapters.

0.7.0

  • Remove wseasyrtc/easyrtc adapters and add new socketio/webrtc adapters. The socketio is the new default adapter.
Commits
Maintainer changes

This version was pushed to npm by vincentfretin, a new releaser for networked-aframe since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump socket.io-parser and networked-aframe
ccd70b7 
Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 3.4.1 and updates ancestor dependency [networked-aframe](https://github.com/networked-aframe/networked-aframe). These dependencies need to be updated together.


Updates `socket.io-parser` from 2.3.1 to 3.4.1
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](socketio/socket.io-parser@2.3.1...3.4.1)

Updates `networked-aframe` from 0.6.1 to 0.10.1
- [Release notes](https://github.com/networked-aframe/networked-aframe/releases)
- [Changelog](https://github.com/networked-aframe/networked-aframe/blob/master/docs/RELEASE_NOTES.md)
- [Commits](https://github.com/networked-aframe/networked-aframe/commits/0.10.1)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
- dependency-name: networked-aframe
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants