From 0841bd562351c3d45a5288e2adf9707cc8a3131d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 25 Jan 2023 07:23:55 +0100
Subject: [PATCH 1/4] chore: bump ua-parser-js from 1.0.32 to 1.0.33 (#121)

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 1.0.32 to 1.0.33.
- [Release notes](https://github.com/faisalman/ua-parser-js/releases)
- [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md)
- [Commits](https://github.com/faisalman/ua-parser-js/compare/1.0.32...1.0.33)

---
updated-dependencies:
- dependency-name: ua-parser-js
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package-lock.json | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 85630e9..b6dd966 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "socket.io-parser",
-  "version": "4.2.1",
+  "version": "4.2.2",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "socket.io-parser",
-      "version": "4.2.1",
+      "version": "4.2.2",
       "license": "MIT",
       "dependencies": {
         "@socket.io/component-emitter": "~3.1.0",
@@ -7251,9 +7251,9 @@
       }
     },
     "node_modules/ua-parser-js": {
-      "version": "1.0.32",
-      "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.32.tgz",
-      "integrity": "sha512-dXVsz3M4j+5tTiovFVyVqssXBu5HM47//YSOeZ9fQkdDKkfzv2v3PP1jmH6FUyPW+yCSn7aBVK1fGGKNhowdDA==",
+      "version": "1.0.33",
+      "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.33.tgz",
+      "integrity": "sha512-RqshF7TPTE0XLYAqmjlu5cLLuGdKrNu9O1KLA/qp39QtbZwuzwv1dT46DZSopoUMsYgXpB3Cv8a03FI8b74oFQ==",
       "dev": true,
       "funding": [
         {
@@ -13832,9 +13832,9 @@
       "dev": true
     },
     "ua-parser-js": {
-      "version": "1.0.32",
-      "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.32.tgz",
-      "integrity": "sha512-dXVsz3M4j+5tTiovFVyVqssXBu5HM47//YSOeZ9fQkdDKkfzv2v3PP1jmH6FUyPW+yCSn7aBVK1fGGKNhowdDA==",
+      "version": "1.0.33",
+      "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.33.tgz",
+      "integrity": "sha512-RqshF7TPTE0XLYAqmjlu5cLLuGdKrNu9O1KLA/qp39QtbZwuzwv1dT46DZSopoUMsYgXpB3Cv8a03FI8b74oFQ==",
       "dev": true
     },
     "unbzip2-stream": {

From 3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3 Mon Sep 17 00:00:00 2001
From: Damien Arrachequesne <damien.arrachequesne@gmail.com>
Date: Mon, 22 May 2023 07:37:31 +0200
Subject: [PATCH 2/4] fix: check the format of the event name

A packet like '2[{"toString":"foo"}]' was decoded as:

{
  type: EVENT,
  data: [ { "toString": "foo" } ]
}

Which would then throw an error when passed to the EventEmitter class:

> TypeError: Cannot convert object to primitive value
>    at Socket.emit (node:events:507:25)
>    at .../node_modules/socket.io/lib/socket.js:531:14

History of the isPayloadValid() method:

- added in [78f9fc2](https://github.com/socketio/socket.io-parser/commit/78f9fc2999b15804b02f2c22a2b4007734a26af9) (v4.0.1, socket.io@3.0.0)
- updated in [1c220dd](https://github.com/socketio/socket.io-parser/commit/1c220ddbf45ea4b44bc8dbf6f9ae245f672ba1b9) (v4.0.4, socket.io@3.1.0)
---
 lib/index.ts   | 5 ++++-
 test/parser.js | 3 +++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/index.ts b/lib/index.ts
index 6b77094..4319d2c 100644
--- a/lib/index.ts
+++ b/lib/index.ts
@@ -275,7 +275,10 @@ export class Decoder extends Emitter<{}, {}, DecoderReservedEvents> {
         return typeof payload === "string" || typeof payload === "object";
       case PacketType.EVENT:
       case PacketType.BINARY_EVENT:
-        return Array.isArray(payload) && payload.length > 0;
+        return (
+          Array.isArray(payload) &&
+          (typeof payload[0] === "string" || typeof payload[0] === "number")
+        );
       case PacketType.ACK:
       case PacketType.BINARY_ACK:
         return Array.isArray(payload);
diff --git a/test/parser.js b/test/parser.js
index 1b99166..c78e675 100644
--- a/test/parser.js
+++ b/test/parser.js
@@ -118,6 +118,9 @@ describe("socket.io-parser", () => {
     isInvalidPayload("1/admin,{}");
     isInvalidPayload('2/admin,"invalid');
     isInvalidPayload("2/admin,{}");
+    isInvalidPayload('2[{"toString":"foo"}]');
+    isInvalidPayload('2[true,"foo"]');
+    isInvalidPayload('2[null,"bar"]');
 
     expect(() => new Decoder().add("999")).to.throwException(
       /^unknown packet type 9$/

From dcc70d9678ac896de08294d6e8d668be6a68680a Mon Sep 17 00:00:00 2001
From: Damien Arrachequesne <damien.arrachequesne@gmail.com>
Date: Mon, 22 May 2023 08:19:57 +0200
Subject: [PATCH 3/4] refactor: export typescript declarations for the commonjs
 build

Related: https://github.com/socketio/socket.io/issues/4621#issuecomment-1551853243
---
 tsconfig.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tsconfig.json b/tsconfig.json
index f033355..b9e4980 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -3,7 +3,7 @@
     "outDir": "build/cjs/",
     "target": "es2018", // Node.js 10 (https://github.com/microsoft/TypeScript/wiki/Node-Target-Mapping)
     "module": "commonjs",
-    "declaration": false
+    "declaration": true
   },
   "include": [
     "./lib/**/*"

From b6c824f82421aa44dfd5ef395f5132866543de59 Mon Sep 17 00:00:00 2001
From: Damien Arrachequesne <damien.arrachequesne@gmail.com>
Date: Mon, 22 May 2023 08:23:45 +0200
Subject: [PATCH 4/4] chore(release): 4.2.3

Diff: https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3
---
 CHANGELOG.md | 10 ++++++++++
 package.json |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cfb5b91..4058886 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 ## 2023
 
+- [4.2.3](#423-2023-05-22) (May 2023)
 - [4.2.2](#422-2023-01-19) (Jan 2023)
 
 ## 2022
@@ -41,6 +42,15 @@
 
 # Release notes
 
+## [4.2.3](https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3) (2023-05-22)
+
+
+### Bug Fixes
+
+* check the format of the event name ([9be1167](https://github.com/socketio/socket.io-parser/commit/9be11670dfef7745cef9f17e28ebd2f4fc522e9e))
+
+
+
 ## [4.2.2](https://github.com/socketio/socket.io-parser/compare/4.2.1...4.2.2) (2023-01-19)
 
 
diff --git a/package.json b/package.json
index d672f88..0f375d5 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "socket.io-parser",
-  "version": "4.2.2",
+  "version": "4.2.3",
   "description": "socket.io protocol parser",
   "repository": {
     "type": "git",