Update dependency socket.io to v4

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
socket.io	dependencies	major	^3.1.0 -> ^4.5.2

By merging this PR, the issue #19 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	7.5	CVE-2023-32695
Medium	6.5	CVE-2022-41940

---

Release Notes

socketio/socket.io

v4.5.2

Compare Source

Bug Fixes

• prevent the socket from joining a room after disconnection (18f3fda)
• uws: prevent the server from crashing after upgrade (ba497ee)

Dependencies

• engine.io@~6.2.0 (no change)
• ws@~8.2.3 (no change)

v4.5.1

Compare Source

Bug Fixes

• forward the local flag to the adapter when using fetchSockets() (30430f0)
• typings: add HTTPS server to accepted types (#​4351) (9b43c91)

Dependencies

• engine.io@~6.2.0 (no change)
• ws@~8.2.3 (no change)

v4.5.0

Compare Source

Bug Fixes

• typings: ensure compatibility with TypeScript 3.x (#​4259) (02c87a8)

Features

Catch-all listeners for outgoing packets

This is similar to onAny(), but for outgoing packets.

Syntax:

socket.onAnyOutgoing((event, ...args) => {
  console.log(event);
});

Added in 531104d.

Broadcast and expect multiple acknowledgements

Syntax:

io.timeout(1000).emit("some-event", (err, responses) => {
  // ...
});

Added in 8b20457.

maxHttpBufferSize value negotiation

A "maxPayload" field is now included in the Engine.IO handshake, so that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value.

This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data:

0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000}

Added in 088dcb4.

Dependencies

• engine.io@~6.2.0 (socketio/engine.io@6.1.0...6.2.0)
• ws@~8.2.3 (no change)

4.4.1 (2022-01-06)

Bug Fixes

• types: make RemoteSocket.data type safe (#​4234) (770ee59)
• types: pass SocketData type to custom namespaces (#​4233) (f2b8de7)

v4.4.1

Compare Source

Bug Fixes

• types: make RemoteSocket.data type safe (#​4234) (770ee59)
• types: pass SocketData type to custom namespaces (#​4233) (f2b8de7)

v4.4.0

Compare Source

Bug Fixes

• only set 'connected' to true after middleware execution (02b0f73)

Features

• add an implementation based on uWebSockets.js (c0d8c5a)
• add timeout feature (f0ed42f)
• add type information to socket.data (#​4159) (fe8730c)

4.3.2 (2021-11-08)

Bug Fixes

• fix race condition in dynamic namespaces (#​4137) (9d86397)

4.3.1 (2021-10-16)

Bug Fixes

• fix server attachment (#​4127) (0ef2a4d)

v4.3.2

Compare Source

Bug Fixes

• fix race condition in dynamic namespaces (#​4137) (9d86397)

v4.3.1

Compare Source

Bug Fixes

• fix server attachment (#​4127) (0ef2a4d)

v4.3.0

Compare Source

Bug Fixes

• typings: add name field to cookie option (#​4099) (033c5d3)
• send volatile packets with binary attachments (dc81fcf)

Features

• serve ESM bundle (60edecb)

v4.2.0

Compare Source

Bug Fixes

• typings: allow async listener in typed events (ccfd8ca)

Features

• ignore the query string when serving client JavaScript (#​4024) (24fee27)

4.1.3 (2021-07-10)

Bug Fixes

• fix io.except() method (94e27cd)
• remove x-sourcemap header (a4dffc6)

4.1.2 (2021-05-17)

Bug Fixes

• typings: ensure compatibility with TypeScript 3.x (0cb6ac9)
• ensure compatibility with previous versions of the adapter (a2cf248)

4.1.1 (2021-05-11)

Bug Fixes

• typings: properly type server-side events (b84ed1e)
• typings: properly type the adapter attribute (891b187)

v4.1.3

Compare Source

Bug Fixes

• fix io.except() method (94e27cd)
• remove x-sourcemap header (a4dffc6)

v4.1.2

Compare Source

Bug Fixes

• typings: ensure compatibility with TypeScript 3.x (0cb6ac9)
• ensure compatibility with previous versions of the adapter (a2cf248)

v4.1.1

Compare Source

Bug Fixes

• typings: properly type server-side events (b84ed1e)
• typings: properly type the adapter attribute (891b187)

v4.1.0

Compare Source

Features

• add support for inter-server communication (93cce05)
• notify upon namespace creation (499c892)
• add a "connection_error" event (7096e98, from engine.io)
• add the "initial_headers" and "headers" events (2527543, from engine.io)

Performance Improvements

• add support for the "wsPreEncoded" writing option (dc381b7)

4.0.2 (2021-05-06)

Bug Fixes

• typings: make "engine" attribute public (b81ce4c)
• properly export the Socket class (d65b6ee)

4.0.1 (2021-03-31)

Bug Fixes

• typings: add fallback to untyped event listener (#​3834) (a11152f)
• typings: update return type from emit (#​3843) (1a72ae4)

v4.0.2

Compare Source

Bug Fixes

• typings: make "engine" attribute public (b81ce4c)
• properly export the Socket class (d65b6ee)

v4.0.1

Compare Source

Bug Fixes

• typings: add fallback to untyped event listener (#​3834) (a11152f)
• typings: update return type from emit (#​3843) (1a72ae4)

v4.0.0

Compare Source

Bug Fixes

• make io.to(...) immutable (ac9e8ca)

Features

• add some utility methods (b25495c)
• add support for typed events (#​3822) (0107510)
• allow to exclude specific rooms when broadcasting (#​3789) (7de2e87)
• allow to pass an array to io.to(...) (085d1de)

3.1.2 (2021-02-26)

Bug Fixes

• ignore packets received after disconnection (494c64e)

3.1.1 (2021-02-03)

Bug Fixes

• properly parse the CONNECT packet in v2 compatibility mode (6f4bd7f)
• typings: add return types and general-case overload signatures (#​3776) (9e8f288)
• typings: update the types of "query", "auth" and "headers" (4f2e9a7)

v3.1.2

Compare Source

Bug Fixes

• ignore packets received after disconnection (494c64e)

v3.1.1

Compare Source

Bug Fixes

• properly parse the CONNECT packet in v2 compatibility mode (6f4bd7f)
• typings: add return types and general-case overload signatures (#​3776) (9e8f288)
• typings: update the types of "query", "auth" and "headers" (4f2e9a7)

---

• If you want to rebase/retry this PR, check this box