npmpackage.info

Gathering detailed insights and metrics for socket.io-client

Other packages similar to socket.io-client

vue-socket.io

3.0.10

socket.io implementation for Vue.js and Vuex

@types/socket.io-client

3.0.0

Stub TypeScript definitions entry for socket.io-client, which provides its own types definitions

engine.io

6.6.4

The realtime engine behind Socket.IO. Provides the foundation of a bidirectional connection between client and server

vue-3-socket.io

1.0.5

socket.io implementation for Vue.js and Vuex

Gathering detailed insights and metrics for socket.io-client

socket.io-client - 4.8.1 | npmpackage.info

socket.io-client

Realtime application framework (Node.JS server)

4.8.1

61,992

MIT

TypeScript

12.72 kB

1,618,333,038 5.7

Installations

npm install socket.io-client

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, ESM, UMD

Min. Node Version

>=10.0.0

Node Version

20.18.0

NPM Version

10.8.2 Score

98.7

Supply Chain

81.2

Quality

80.1

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

16

Total

882

Closed

431

Merged

435

Issues

Open

181

Total

3,599

Closed

3,418

Releases

engine.io@6.6.4

Updated on Jan 28, 2025

engine.io@6.6.3

Updated on Jan 23, 2025

engine.io-client@6.6.3

Updated on Jan 23, 2025

socket.io@4.8.1

Updated on Oct 25, 2024

socket.io-client@4.8.1

Updated on Oct 25, 2024

engine.io-client@6.6.2

Updated on Oct 25, 2024

View All 75 releases

Languages

TypeScript

JavaScript

Shell

HTML

CSS

TypeScript (62.4%)

JavaScript (37.44%)

Shell (0.1%)

HTML (0.03%)

CSS (0.02%)

Developer

socketio

Download Statistics

Total Downloads

1,618,333,038

Last Day

1,042,725

Last Week

4,942,960

Last Month

22,685,686

Last Year

243,000,320

GitHub Statistics

MIT License

61,992 Stars

7,611 Commits

10,146 Forks

1,509 Watchers

26 Branches

388 Contributors

Updated on May 09, 2025

Bundle Size

41.87 kB

Minified

12.72 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 388 Contributors

Package Meta Information

Latest Version

4.8.1

Package Id

socket.io-client@4.8.1

Unpacked Size

1.35 MB

Size

322.72 kB

File Count

NPM Version

10.8.2

Node Version

20.18.0

Published on

Oct 25, 2024

Total Downloads

Cumulative downloads

Total Downloads

1,618,333,038

Last Day

5.1%

1,042,725

Compared to previous day

Last Week

-11%

4,942,960

Compared to previous week

Last Month

2.4%

22,685,686

Compared to previous month

Last Year

16%

243,000,320

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@socket.io/component-emitter debug engine.io-client socket.io-parser

socket.io-client

Downloads

Documentation

Please see the documentation here.

The source code of the website can be found here. Contributions are welcome!

Debug / logging

In order to see all the client debug output, run the following command on the browser console – including the desired scope – and reload your app page:

localStorage.debug = '*';

And then, filter by the scopes you're interested in. See also: https://socket.io/docs/v4/logging-and-debugging/

License

MIT

No vulnerabilities found.

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

9

Maintained

Determines if the project is "actively maintained".

9

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

9

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-examples.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/build-examples.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-examples.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/build-examples.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-browser.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/ci-browser.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-browser.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/ci-browser.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/socketio/socket.io/publish.yml/main?enable=pin
Warn: containerImage not pinned by hash: examples/cluster-haproxy/server/Dockerfile:1: pin your Docker image by updating node:14-alpine to node:14-alpine@sha256:434215b487a329c9e867202ff89e704d3a75e554822e07f3e0c0f9e606121b33
Warn: containerImage not pinned by hash: examples/cluster-httpd/server/Dockerfile:1: pin your Docker image by updating node:14-alpine to node:14-alpine@sha256:434215b487a329c9e867202ff89e704d3a75e554822e07f3e0c0f9e606121b33
Warn: containerImage not pinned by hash: examples/cluster-nginx/client/Dockerfile:1: pin your Docker image by updating node:14-alpine to node:14-alpine@sha256:434215b487a329c9e867202ff89e704d3a75e554822e07f3e0c0f9e606121b33
Warn: containerImage not pinned by hash: examples/cluster-nginx/server/Dockerfile:1: pin your Docker image by updating node:14-alpine to node:14-alpine@sha256:434215b487a329c9e867202ff89e704d3a75e554822e07f3e0c0f9e606121b33
Warn: containerImage not pinned by hash: examples/cluster-traefik/server/Dockerfile:1: pin your Docker image by updating node:14-alpine to node:14-alpine@sha256:434215b487a329c9e867202ff89e704d3a75e554822e07f3e0c0f9e606121b33
Warn: containerImage not pinned by hash: examples/connection-state-recovery-example/cjs/.codesandbox/Dockerfile:1: pin your Docker image by updating node:20-bullseye to node:20-bullseye@sha256:218b79a1d4c9d749dc793c21ecae7d7e04feaefc19e4cc2c3f5994358a310491
Warn: containerImage not pinned by hash: examples/connection-state-recovery-example/esm/.codesandbox/Dockerfile:1: pin your Docker image by updating node:20-bullseye to node:20-bullseye@sha256:218b79a1d4c9d749dc793c21ecae7d7e04feaefc19e4cc2c3f5994358a310491
Warn: npmCommand not pinned by hash: examples/cluster-haproxy/server/Dockerfile:9
Warn: npmCommand not pinned by hash: examples/cluster-httpd/server/Dockerfile:9
Warn: npmCommand not pinned by hash: examples/cluster-nginx/client/Dockerfile:9
Warn: npmCommand not pinned by hash: examples/cluster-nginx/server/Dockerfile:9
Warn: npmCommand not pinned by hash: examples/cluster-traefik/server/Dockerfile:9
Warn: npmCommand not pinned by hash: .github/workflows/build-examples.yml:44
Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 7 containerImage dependencies pinned
Info: 3 out of 9 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

57 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-vp56-6g26-6827
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-mpg4-rc92-vx8v
Warn: Project is vulnerable to: GHSA-m5qc-5hw7-8vg7
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-75v8-2h7p-7m2m
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-6fx8-h7jm-663j
Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-wrvr-8mpx-r7pp
Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Warn: Project is vulnerable to: GHSA-qg8p-v9q4-gh34
Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
Warn: Project is vulnerable to: GHSA-34r7-q49f-h37c
Warn: Project is vulnerable to: GHSA-c9f4-xj24-8jqx

Score

5.7

/10

Last Scanned on 2025-04-28

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More