Use @versatica/sctp fork to fix npm audit vulnerability

## Details - I've forked NPM `ip` package (see https://github.com/versatica/node-ip), removed public API affected by the [vulnerability](GHSA-2p57-rm9w-gvfp) and published version 3.0.0 under `@versatica` NPM organization. - I've forked NPM `sctp` package(see https://github.com/versatica/node-sctp), updated deps and (of course) replace `ip` with `@versativa/ip` dependency, and published version 1.1.0 under `@versatica` NPM organization. - And of course I've replaced `sctp` with `@versativa/sctp` in mediasoup, so now `npm audit` is ok.
versatica · Dec 17, 2024 · e80f727 · e80f727
1 parent 363fb04
commit e80f727
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 47 deletions.
diff --git a/node/src/test/test-node-sctp.ts b/node/src/test/test-node-sctp.ts
@@ -1,6 +1,6 @@
 import * as dgram from 'node:dgram';
 // @ts-expect-error -- sctp library doesn't have TS types.
-import * as sctp from 'sctp';
+import * as sctp from '@versatica/sctp';
 import * as mediasoup from '../';
 import { enhancedOnce } from '../enhancedEvents';
 import type { WorkerEvents } from '../types';

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -114,6 +114,7 @@
 		"@types/debug": "^4.1.12",
 		"@types/jest": "^29.5.14",
 		"@types/node": "^22.10.2",
+		"@versatica/sctp": "^1.1.0",
 		"eslint": "^9.17.0",
 		"eslint-config-prettier": "^9.1.0",
 		"eslint-plugin-jest": "^28.9.0",
@@ -124,7 +125,6 @@
 		"open-cli": "^8.0.0",
 		"pick-port": "^2.1.0",
 		"prettier": "^3.4.2",
-		"sctp": "^1.0.0",
 		"ts-jest": "^29.2.5",
 		"typescript": "^5.7.2",
 		"typescript-eslint": "^8.18.1"