Bump the npm_and_yarn group across 2 directories with 12 updates

[dependabot]

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package	From	To
ejs	3.1.7	3.1.10
express	4.18.1	4.19.2
passport	0.4.1	0.6.0
ajv	5.5.2	6.12.6
eslint	4.19.1	9.1.1
engine.io	6.2.1	6.5.4
socket.io	4.5.0	4.7.5

Bumps the npm_and_yarn group with 9 updates in the /dana-bot directory:

Package	From	To
ejs	3.1.7	3.1.10
express	4.17.3	4.19.2
passport	0.2.2	0.6.0
ajv	5.5.2	6.12.6
eslint	4.19.1	9.1.1
engine.io	6.2.1	6.5.4
socket.io	4.5.3	4.7.5
node-forge	0.10.0	1.3.1
google-p12-pem	3.1.0	3.1.4

Updates ejs from 3.1.7 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

Commits

• d3f807d Version 3.1.10
• 9ee26dd Mocha TDD
• e469741 Basic pollution protection
• 715e950 Merge pull request #756 from Jeffrey-mu/main
• cabe314 Include advanced usage examples
• 29b076c Added header
• 11503c7 Merge branch 'main' of github.com:mde/ejs into main
• 7690404 Added security banner to README
• f47d7ae Update SECURITY.md
• 828cea1 Update SECURITY.md
• Additional commits viewable in compare view

Updates express from 4.18.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2
• deps: cookie@0.6.0
  • Add partitioned option

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

Commits

• 04bc627 4.19.2
• da4d763 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (#5541)
• 69a4cf2 deps: cookie@0.6.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates passport from 0.4.1 to 0.6.0

Changelog

Sourced from passport's changelog.

[0.6.0] - 2022-05-20

Added

• authenticate(), req#login, and req#logout accept a keepSessionInfo: true option to keep session information after regenerating the session.

Changed

• req#login() and req#logout() regenerate the the session and clear session information by default.
• req#logout() is now an asynchronous function and requires a callback function as the last argument.

Security

• Improved robustness against session fixation attacks in cases where there is physical access to the same system or the application is susceptible to cross-site scripting (XSS).

[0.5.3] - 2022-05-16

Fixed

• initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions again, reverting change from 0.5.1.

[0.5.2] - 2021-12-16

Fixed

• Introduced a compatibility layer for strategies that depend directly on passport@0.4.x or earlier (such as passport-azure-ad), which were broken by the removal of private variables in passport@0.5.1.

[0.5.1] - 2021-12-15

Added

• Informative error message in session strategy if session support is not available.

Changed

• authenticate() middleware, rather than initialize() middleware, extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

[0.5.0] - 2021-09-23

Changed

• initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

... (truncated)

Commits

• c33067b 0.6.0
• 3052bb4 Update changelog.
• 42630cb Merge pull request #900 from jaredhanson/fix-fixation
• 8dd79fe Use utils-merge rather than Object.assign for compatibility.
• 4f6bd5b Change keepSessionData to keepSessionData.
• 46756e5 Silence verbose logging.
• 987b191 Add tests.
• f8a175f Add tests.
• 29a90d6 No need to guard callback existence.
• bfba8a1 Add tests.
• Additional commits viewable in compare view

Updates ajv from 5.5.2 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

• error logging example (@​RadiationSickness)
• TypeScript usage notes (@​thetric)

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

v6.10.2

Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

v6.10.1

Fix types Fix addSchema (#1001) Update dependencies

v6.10.0

Option strictDefaults to report ignored defaults (#957, @​not-an-aardvark) Option strictKeywords to report unknown keywords (#781)

v6.9.0

OpenAPI keyword nullable can be any boolean (and not only true). Custom keyword definition changes:

• dependencies option in to require the presence of keywords in the same schema.

... (truncated)

Commits

• fe59143 6.12.6
• d580d3e Merge pull request #1298 from ajv-validator/fix-url
• fd36389 fix: regular expression for "url" format
• 490e34c docs: link to v7-beta branch
• 9cd93a1 docs: note about v7 in readme
• 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
• f1c8e45 6.12.5
• 764035e Merge branch 'ChALkeR-chalker/fix-comma'
• 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
• a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
• Additional commits viewable in compare view

Updates eslint from 4.19.1 to 9.1.1

Release notes

Sourced from eslint's releases.

v9.1.1

Bug Fixes

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0

Features

• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)

Bug Fixes

• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)

Documentation

• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

Build Related

• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)

Chores

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)

v9.0.0

Breaking Changes

• b7cf3bd fix!: correct camelcase rule schema for allow option (#18232) (eMerzh)
• 09bd7fe feat!: move AST traversal into SourceCode (#18167) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.1.1 - April 22, 2024

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0 - April 19, 2024

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

v9.0.0 - April 5, 2024

• 19f9a89 chore: Update dependencies for v9.0.0 (#18275) (Nicholas C. Zakas)
• 7c957f2 chore: package.json update for @​eslint/js release (Jenkins)
• d73a33c chore: ignore /docs/v8.x in link checker (#18274) (Milos Djermanovic)
• d54a412 feat: Add --inspect-config CLI flag (#18270) (Nicholas C. Zakas)
• e151050 docs: update get-started to the new @eslint/create-config (#18217) (唯然)
• 610c148 fix: Support using declarations in no-lone-blocks (#18269) (Kirk Waiblinger)
• 44a81c6 chore: upgrade knip (#18272) (Lars Kappert)
• 94178ad docs: mention about name field in flat config (#18252) (Anthony Fu)
• 1765c24 docs: add Troubleshooting page (#18181) (Josh Goldberg ✨)
• e80b60c chore: remove code for testing version selectors (#18266) (Milos Djermanovic)

... (truncated)

Commits

• b4d2512 9.1.1
• ef36aa4 Build: changelog update for 9.1.1
• a26b402 fix: use @​eslint/create-config latest (#18373)
• b78d831 9.1.0
• e4d9c92 Build: changelog update for 9.1.0
• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357)
• 50d406d chore: package.json update for @​eslint/js release
• 8d18958 fix: Remove name from eslint/js packages (#18368)
• 155c71c chore: package.json update for @​eslint/js release
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by eslintbot, a new releaser for eslint since your current version.

Updates ansi-regex from 2.1.1 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

• Require Node.js 8 166a0d5

Enhancements

• Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

v4.1.0

• Support more escape code like links (#29) 96200bb

chalk/ansi-regex@v4.0.0...v4.1.0

Commits

• a9babce 5.0.1
• 4657833 fix incorrect format
• c3c0b3f Fix potential ReDoS (#37)
• 178363b Move to GitHub Actions (#35)
• 0755e66 Add @​Qix- to funding.yml
• 2b56fb0 5.0.0
• f26f7fe Meta tweaks
• e77ea17 Add TypeScript definition (#32)
• 166a0d5 Require Node.js 8
• f115fca Tidelift tasks
• Additional commits viewable in compare view

Updates engine.io from 6.2.1 to 6.5.4

Release notes

Sourced from engine.io's releases.

6.5.4

This release contains some minor changes which should improve the memory usage of the server, notably this.

Links

• Diff: socketio/engine.io@6.5.3...6.5.4
• Client release: -
• ws version: ~8.11.0 (no change)

6.5.3

Bug Fixes

• improve compatibility with node16 module resolution (#689) (c6bf8c0)
• webtransport: properly handle abruptly closed connections (ff1c861)

Links

• Diff: socketio/engine.io@6.5.2...6.5.3
• Client release: -
• ws version: ~8.11.0 (no change)

6.5.2

Bug Fixes

• webtransport: add proper framing (a306db0)

Links

• Diff: socketio/engine.io@6.5.1...6.5.2
• Client release: -
• ws version: ~8.11.0 (no change)

6.5.1

Bug Fixes

• prevent crash when accessing TextDecoder (#684) (6dd2bc4)

Credits

Huge thanks to @​iowaguy for helping!

Links

... (truncated)

Changelog

Sourced from engine.io's changelog.

6.5.4 (2023-11-09)

This release contains some minor changes which should improve the memory usage of the server, notably this.

Dependencies

• ws@~8.11.0 (no change)

6.5.3 (2023-10-06)

Bug Fixes

• improve compatibility with node16 module resolution (#689) (c6bf8c0)
• webtransport: properly handle abruptly closed connections (ff1c861)

Dependencies

• ws@~8.11.0 (no change)

6.5.2 (2023-08-01)

Bug Fixes

• webtransport: add proper framing (a306db0)

Dependencies

• ws@~8.11.0 (no change)

6.5.1 (2023-06-27)

Bug Fixes

• prevent crash when accessing TextDecoder (#684) (6dd2bc4)

Credits

... (truncated)

Commits

• ff0fbfb chore(release): 6.5.4
• 09acb17 ci: add Node.js 20 in the test matrix
• 39937f8 refactor: minor cleanups
• 43c1c1c refactor: simplify code
• 3b5e79e refactor: remove useless references
• f27a6c3 refactor: remove useless reference
• 2da559a chore(release): 6.5.3
• 9545b44 refactor: add cache-control header in the polling response
• ff1c861 fix(webtransport): properly handle abruptly closed connections
• c6bf8c0 fix: improve compatibility with node16 module resolution (#689)
• Additional commits viewable in compare view

Updates socket.io from 4.5.0 to 4.7.5

Release notes

Sourced from socket.io's releases.

4.7.5

Bug Fixes

• close the adapters when the server is closed (bf64870)
• remove duplicate pipeline when serving bundle (e426f3e)

Links

• Diff: socketio/socket.io@4.7.4...4.7.5
• Client release: 4.7.5
• engine.io@~6.5.2 (no change)
• ws@~8.11.0 (no change)

4.7.4

Bug Fixes

• typings: calling io.emit with no arguments incorrectly errored (cb6d2e0), closes #4914

Links

• Diff: socketio/socket.io@4.7.3...4.7.4
• Client release: 4.7.4
• engine.io@~6.5.2 (no change)
• ws@~8.11.0 (no change)

4.7.3

Bug Fixes

• return the first response when broadcasting to a single socket (#4878) (df8e70f)
• typings: allow to bind to a non-secure Http2Server (#4853) (8c9ebc3)

Links

• Diff: socketio/socket.io@4.7.2...4.7.3
• Client release: 4.7.3
• engine.io@~6.5.2 (no change)
• ws@~8.11.0 (no change)

4.7.2

Bug Fixes

• clean up child namespace when client is rejected in middleware (#4773) (0731c0d)
• webtransport: properly handle WebTransport-only connections (3468a19)
• webtransport: add proper framing (a306db0)

Links

... (truncated)

Changelog

Sourced from socket.io's changelog.

4.7.5 (2024-03-14)

Bug Fixes

• close the adapters when the server is closed (bf64870)
• remove duplicate pipeline when serving bundle (e426f3e)

Dependencies

• engine.io@~6.5.2 (no change)
• ws@~8.11.0 (no change)

4.7.4 (2024-01-12)

Bug Fixes

• typings: calling io.emit with no arguments incorrectly errored (cb6d2e0), closes #4914

Dependencies

• engine.io@~6.5.2 (no change)
• ws@~8.11.0 (no change)

4.7.3 (2024-01-03)

Bug Fixes

• return the first response when broadcasting to a single socket (#4878) (df8e70f)
• typings: allow to bind to a non-secure Http2Server (#4853) (8c9ebc3)

Dependencies

• engine.io@~6.5.2 (no change)
• ws@~8.11.0 (no change)

4.7.2 (2023-08-02)

... (truncated)

Commits

• 5017681 chore(release): 4.7.5
• bf64870 fix: close the adapters when the server is closed
• 748e18c ci: test with older TypeScript version
• b9ce6a2 refactor: create specific adapter for parent namespaces (#4950)
• 54dabe5 ci: upgrade to actions/checkout@4 and actions/setup-node@4
• e426f3e fix: remove duplicate pipeline when serving bundle
• e36062c docs: update the webtransport example
• 0bbe8ae docs: only execute the passport middleware once
• 914a8bd docs: add example with JWT
• d943c3e docs: update the Passport.js example
• Additional commits viewable in compare view

Updates socket.io-parser from 4.0.4 to 4.2.4

Release notes

Sourced from socket.io-parser's releases.

4.2.4

Bug Fixes

• ensure reserved events cannot be used as event names (d9db473)
• properly detect plain objects (

[dependabot]

Superseded by #96.