[Snyk] Security upgrade socket.io from 1.4.7 to 2.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: socket.io

The new version differs by 157 commits.

• 3367eaa [chore] Release 2.0.0
• 6c0705f [docs] Add an example of custom parser (Using Karma to test Gulp Tasks karma-runner/karma#2929)
• 1980fb4 [chore] Merge history of 1.7.x and 0.9.x branches (Karma 2 no longer correctly reports the original error stack when using source maps karma-runner/karma#2930)
• 0d07c47 [chore] Added backers and sponsors on the README (Subsequent test cases or specs do not run if browser gets disconnected with Karma. karma-runner/karma#2933)
• a086588 [chore] Bump dependencies (NSP Check package upgrades needed karma-runner/karma#2926)
• 87b06ad [feat] Move binary detection to the parser (Headless Chrome version detected to be 0.0.0 on Linux karma-runner/karma#2923)
• 199eec6 [docs] Replace non-breaking space with proper whitespace (fix(common): show more detailed info about error logged in console karma-runner/karma#2913)
• f1b39a6 [docs] Update emit cheatsheet (Unsupported engine for karma@1.7.1 karma-runner/karma#2906)
• 240b154 [docs] Explicitly document that Server extends EventEmitter (Karma should start a new browser instance when disconnected by a SyntaxError karma-runner/karma#2874)
• c5b7738 [docs] Add server.engine.generateId attribute (fix(deps): update socket.io to version 2.0.3. karma-runner/karma#2880)
• 03f3bc9 [docs] Fix wrong space character in README (Support question - why do promises magically run synchronously karma-runner/karma#2900)
• e40accf [docs] Fix documentation for 'connect' event (Error in CSS file: Module not found karma-runner/karma#2898)
• 01a4623 [feat] Allow to join several rooms at once (fix(config): Retry install with appveyor-retry. karma-runner/karma#2879)
• 2d5b002 [docs] Add webpack build example (Provide clarity in upgrade path karma-runner/karma#2828)
• 5ae06e6 [chore] Bump socket.io-adapter to version 1.0.0 (Server(config, callback).start() causes node process to hang karma-runner/karma#2867)
• 4d8f68c [chore] Bump engine.io to version 2.0.2 (feat(config): Allow programmatic config karma-runner/karma#2864)
• 5b79ab1 [docs] Update the wording to match the code example (Disconnecting a browser sends browser_error event to reporters karma-runner/karma#2853)
• 54ff591 [feature] Merge Engine.IO and Socket.IO handshake packets (Angular2 - KarmaJS - unit Tests not executed automatically on npm test karma-runner/karma#2833)
• e1facd5 [docs] Small addition to the Express Readme Part (feat(middleware): added manual file type option karma-runner/karma#2846)
• 3b92cc2 [feature] Allow the use of custom parsers ("karma run" re-runs preprocessors for unmodified files karma-runner/karma#2829)
• 3d695c6 [chore] Bump engine.io to version 2.0.0 (Can't execute tests - Executed 0 of 0 ERROR (0.005 secs / 0 secs) karma-runner/karma#2832)
• 3b5f433 [fix] Use path.resolve by default and require.resolve as a fallback (Feature: Testing Global Errors in Karma karma-runner/karma#2797)
• 23c9dd3 [docs] Add a 'Features' section in the README (Include css file without .css extension karma-runner/karma#2824)
• e28b475 [docs] Add httpd cluster example (Passed --grep option persists across test runs karma-runner/karma#2819)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic