Bump ws, react-native and socket.io-client in /mobile/tindev

[dependabot]

Bumps ws to 5.2.4 and updates ancestor dependencies ws, react-native and socket.io-client. These dependencies need to be updated together.

Updates ws from 5.2.2 to 5.2.4

Release notes

Sourced from ws's releases.

5.2.4

Bug fixes

• Backported e55e5106 to the 5.x release line (4abd8f6d).

5.2.3

Bug fixes

• Backported 00c425ec to the 5.x release line (76d47c14).

Commits

• aa8fe0a [dist] 5.2.4
• 4abd8f6 [security] Fix crash when the Upgrade header cannot be read (#2231)
• 36a3f4d [lint] Add space before function parentheses
• 6dd88e7 [dist] 5.2.3
• 76d47c1 [security] Fix ReDoS vulnerability
• See full diff in compare view

Updates react-native from 0.60.4 to 0.74.2

Release notes

Sourced from react-native's releases.

0.74.2

Changed

• Updated typescript-eslint monorepo to v7 (91d725136e by @​huntie)
• Upgrade CLI to 13.6.8 (335f6ed833 by @​szymonrybczak)

Fixed

• Warn only in init command when CLI uses cached npx version (b98c5b960c by @​szymonrybczak)
• selection prop in TextInput was not being applied at component creation (be09d12667 by @​alanleedev)

Android specific

• Fixed dangling mAttachedSurfaces after ReactHost.destroy() (c70d791036 by @​Kudo)
• ReactSoftExceptions in ReactHostImpl only when Context is null (ac3261ff60 by @​arushikesarwani94)

iOS specific

• Privacy Manifest aggregation failing due to no NSPrivacyAccessedAPITypes key (fc4e099920 by @​renchap)
• In privacy manifest post install script, handle the case where the file reference doesn't have a path (4ad65ac59a by @​robertying)
• Fixed an issue where the selectionColor prop was not being applied on the TextInput component. (2bde626a9f by @​robinshin)

---

Hermes dSYMS:

• Debug
• Release

---

You can file issues or pick requests against this release here.

---

To help you upgrade to this version, you can use the Upgrade Helper ⚛️.

---

View the whole changelog in the CHANGELOG.md file.

0.74.1

Added

iOS Specific

• Implement privacy manifest aggregation (4be1fafec8 by @​aleqsio)

... (truncated)

Changelog

Sourced from react-native's changelog.

Changelog (pre 0.70)

This file contains all changelogs for releases in the 0.60-0.69 range. Please check out the other CHANGELOG-*.md files for newer and older versions.

v0.69.12

Changed

• [0.69] Bump CLI to ^8.0.7, Metro to 0.70.4 (56807fadfa by @​robhogan)

iOS specific

• [0.69] Use Content-Location header in bundle response as JS source URL (#37501) (367fc7ad52 by @​robhogan)

Fixed

Android specific

• Prevent crash in runAnimationStep on OnePlus and Oppo devices (#37487) (4db7a10e25 by @​hsource)

v0.69.11

Fixed

iOS specific

• Make 0.69 compatible with Xcode 15 (thanks to @​AlexanderEggers for the commit in main) (37e8df1cdc)

v0.69.10

Fixed

Android specific

• Minimize EditText Spans 8/N: CustomStyleSpan (b384bb613b by @​NickGerleman)
• Minimize EditText Spans 6/N: letterSpacing (5791cf1f7b by @​NickGerleman)
• Minimize Spans 5/N: Strikethrough and Underline (0869ea29db by @​NickGerleman)
• Minimize Spans 4/N: ReactForegroundColorSpan (8c9c8ba5ad by @​NickGerleman)
• Minimize Spans 3/N: ReactBackgroundColorSpan (cc0ba57ea4 by @​NickGerleman)
• Minimize Spans 1/N: Fix precedence (1743dd7ab4 by @​NickGerleman)
• Fix measurement of uncontrolled TextInput after edit (8a0fe30591 by @​NickGerleman)

v0.69.9

Changed

iOS specific

• Relax Ruby requirements (4e015c69d6 by @​cipolleschi)

Fixed

... (truncated)

Commits

• 17c0b17 Release 0.74.2
• 053f1d9 Fix dangling surfaces in ReactHostImpl (#44393)
• 0f44ca6 chore: Increase iOS script portability (#44417)
• 2e21543 [LOCAL] Fix prettier
• 58f232c [LOCAL] Bump hermes version
• 1e3d216 Merge branch '0.74-stable' of https://github.com/facebook/react-native into 0...
• 335f6ed feat: upgrade CLI to 13.6.8 (#44757)
• 752c173 Fix Privacy Manifest generator when it does not contain a `NSPrivacyAccessedA...
• 1860441 fix: warn only in init command when CLI uses cached npx version (#44644)
• a88a3c5 iOS: Fixes textinput onscroll event payload (#43445)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by react-native-bot, a new releaser for react-native since your current version.

Updates socket.io-client from 2.2.0 to 2.5.0

Release notes

Sourced from socket.io-client's releases.

2.5.0

Bug Fixes

• ensure buffered events are sent in order (991eb0b)

Links:

• Diff: socketio/socket.io-client@2.4.0...2.5.0
• Server release: 2.5.0
• engine.io-client version: ~3.5.0
• ws version: ~7.4.2

2.4.0

The minor bump is matching the bump of the server, but there is no new feature in this release.

Links:

• Milestone: -
• Diff: socketio/socket.io-client@2.3.1...2.4.0
• Server release: 2.4.0
• engine.io-client version: ~3.5.0
• ws version: ~7.4.2

2.3.1

The debug dependency has been reverted to ~3.1.0, as the newer versions contains ES6 syntax which breaks in IE browsers.

Please note that this only applied to users that bundle the Socket.IO client in their application, with webpack for example, as the "official" bundles (in the dist/ folder) were already transpiled with babel.

For webpack users, you can also take a look at the webpack-remove-debug plugin.

Bug Fixes

• fix reconnection after opening socket asynchronously (#1253) (050108b)

Links:

• Milestone: 2.3.1
• Diff: socketio/socket.io-client@2.3.0...2.3.1
• Server release: -
• engine.io-client version: ~3.4.0
• ws version: ~6.1.0
• Build size
  • socket.io.js:
    • min: 61.3 KB (- 5.7 KB)
    • min+gzip: 19.7 KB (- 0.8 KB)
  • socket.io.slim.js:
    • min: 52.6 KB (+ 0.4 KB)

... (truncated)

Changelog

Sourced from socket.io-client's changelog.

2.5.0 (2022-06-26)

Bug Fixes

• ensure buffered events are sent in order (991eb0b)

Dependencies

• engine.io-client@~3.5.0 (no change)
• ws@~7.4.2 (no change)

4.5.1 (2022-05-17)

There were some minor bug fixes on the server side, which mandate a client bump.

Dependencies

• engine.io-client@~6.2.1 (no change)
• ws@~8.2.3 (no change)

4.5.0 (2022-04-23)

Features

Additional details for the disconnect event

The "disconnect" event will now include additional details to help debugging if anything has gone wrong.

Example when a payload is over the maxHttpBufferSize value in HTTP long-polling mode:

socket.on("disconnect", (reason, details) => {
  console.log(reason); // "transport error"
// in that case, details is an error object
console.log(details.message); "xhr post error"
console.log(details.description); // 413 (the HTTP status of the response)
// details.context refers to the XMLHttpRequest object
console.log(details.context.status); // 413
console.log(details.context.responseText); // ""
});

... (truncated)

Commits

• 2b8e318 chore(release): 2.5.0
• 991eb0b fix: ensure buffered events are sent in order
• b1d7eef ci: remove Node.js 8 from the test matrix
• de2ccff chore(release): 2.4.0
• e9dd12a chore: bump engine.io-client version
• 7248c1e ci: migrate to GitHub Actions
• 4631ed6 chore(release): 2.3.1
• 7f73a28 test: fix tests in IE
• 67c54b8 chore: bump engine.io-parser and socket.io-parser
• 15a52ab test: remove arrow function (for now)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.