diff --git a/.snyk b/.snyk
index f348695..7220521 100644
--- a/.snyk
+++ b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.7.0
+version: v1.7.1
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
   'npm:ws:20160920':
@@ -12,4 +12,8 @@ ignore:
     - socket.io > socket.io-client > engine.io-client > ws:
         reason: None given
         expires: '2017-03-18T14:30:25.299Z'
-patch: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:debug:20170905':
+    - socket.io > socket.io-adapter > socket.io-parser > debug:
+        patched: '2017-09-28T08:41:12.116Z'
diff --git a/package.json b/package.json
index 691a90c..ae097f8 100644
--- a/package.json
+++ b/package.json
@@ -9,9 +9,9 @@
     "express": "^4.13.4",
     "morgan": "^1.7.0",
     "mqtt": "^1.7.2",
-    "socket.io": "^1.4.5",
-    "socket.io-client": "^1.4.5",
-    "snyk": "^1.25.0"
+    "socket.io": "^2.0.2",
+    "socket.io-client": "^2.0.2",
+    "snyk": "^1.41.1"
   },
   "devDependencies": {},
   "scripts": {