Update socket.io version to 4.6.2 in package.json and package-lock.json

[sumansaurabh]

User description

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• server/package.json
• server/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Uncaught Exception SNYK-JS-SOCKETIO-7278048	721

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncaught Exception

---

Description

• Updated socket.io version from 4.6.0 to 4.6.2 in both package.json and package-lock.json.
• Updated other dependencies versions in package-lock.json.

---

Changes walkthrough 📝

Relevant files

Enhancement

package-lock.json Updated dependencies versions in package-lock.json              server/package-lock.json ['Updated socket.io version from 4.6.0 to 4.6.2', 'Updated @socket.io/component-emitter version to 3.1.2', 'Updated @types/cors version to 2.8.17', 'Updated @types/node version to 20.14.6'] +59/-34  package.json Updated socket.io version in package.json                                server/package.json ['Updated socket.io version from 4.6.0 to 4.6.2'] +1/-1

[penify-dev]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	2, because the changes are straightforward and limited to updating the socket.io version in package.json and package-lock.json.
🧪 Relevant tests	No
⚡ Possible issues	No
🔒 Security concerns	No

[penify-dev]

PR Code Suggestions ✨

Category	Suggestion	Score
Possible issue	Update the socket.io version to 4.6.2 in the package-lock.json file for consistency and compatibility Consider updating the socket.io version to 4.6.2 in the package-lock.json file. server/package-lock.json [670-680] -"version": "4.6.0", -"resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.6.0.tgz", -"integrity": "sha512-b65bp6INPk/BMMrIgVvX12x3Q+NqlGqSlTuvKQWt0BUJ3Hyy3JangBl7fEoWZTXbOKlCqNPbQ6MbWgok/km28w==", +"version": "4.6.2", +"resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.6.2.tgz", +"integrity": "sha512-Vp+lSks5k0dewYTfwgPT9UeGGd+ht7sCpB7p0e83VgO4X/AHYWhXITMrNk/pg8syY2bpx23ptClCQuHhqi2BgQ==", +"license": "MIT", "dependencies": { "accepts": "~1.3.4", "base64id": "~2.0.0", "debug": "~4.3.2", - "engine.io": "~6.4.0", + "engine.io": "~6.4.2", "socket.io-adapter": "~2.5.2", - "socket.io-parser": "~4.2.1" + "socket.io-parser": "~4.2.4" Suggestion importance[1-10]: 10 Why: The suggestion is correct and addresses a version inconsistency in the package-lock.json file, ensuring consistency and compatibility.	10