Gathering detailed insights and metrics for socket.io
Gathering detailed insights and metrics for socket.io
Gathering detailed insights and metrics for socket.io
Gathering detailed insights and metrics for socket.io
Realtime application framework (Node.JS server)
npm install socket.io
socket.io@4.8.1
Published on 25 Oct 2024
socket.io-client@4.8.1
Published on 25 Oct 2024
engine.io-client@6.6.2
Published on 25 Oct 2024
engine.io@6.6.2
Published on 09 Oct 2024
socket.io@4.8.0
Published on 21 Sept 2024
socket.io-client@4.8.0
Published on 21 Sept 2024
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
61,272 Stars
7,605 Commits
10,125 Forks
1,521 Watching
24 Branches
388 Contributors
Updated on 28 Nov 2024
Minified
Minified + Gzipped
TypeScript (62.21%)
JavaScript (37.64%)
Shell (0.1%)
HTML (0.03%)
CSS (0.02%)
Cumulative downloads
Total Downloads
Last day
-2.1%
1,218,683
Compared to previous day
Last week
4%
7,078,047
Compared to previous week
Last month
11.9%
29,226,412
Compared to previous month
Last year
9.9%
290,486,484
Compared to previous year
Please check our documentation here.
Our issues list is exclusively reserved for bug reports and feature requests. For usage questions, please use the following resources:
If you think that you have found a security vulnerability in our project, please do not create an issue in this GitHub repository, but rather refer to our Security Policy.
Please make sure to read our Contributing Guide before creating an issue or making a pull request.
Thanks to everyone who has already contributed to Socket.IO!
The latest stable version of the package.
Stable Version
1
7.5/10
Summary
Insecure randomness in socket.io
Affected Versions
<= 0.9.6
Patched Versions
0.9.7
3
7.3/10
Summary
socket.io has an unhandled 'error' event
Affected Versions
>= 3.0.0, < 4.6.2
Patched Versions
4.6.2
7.3/10
Summary
socket.io has an unhandled 'error' event
Affected Versions
< 2.5.0
Patched Versions
2.5.1
4.3/10
Summary
CORS misconfiguration in socket.io
Affected Versions
< 2.4.0
Patched Versions
2.4.0
Reason
30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
security policy file detected
Details
Reason
license file detected
Details
Reason
packaging workflow detected
Details
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
binaries present in source code
Details
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
Reason
Found 2/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
45 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More