[Snyk] Fix for 5 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	No Known Exploit
	Prototype Pollution npm:deep-extend:20180409	No	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit
	Insecure Randomness npm:ws:20160920	No	No Known Exploit
	Denial of Service (DoS) npm:ws:20171108	No	Mature

Commit messages

Package name: socket.io

The new version differs by 83 commits.

• a10dc8d [chore] Release 2.0.2
• 2b21690 [fix] Fix timing issues with middleware (#2948)
• 832b8fc [chore] Release 2.0.1
• a005690 [fix] Update path of client file (#2934)
• 3367eaa [chore] Release 2.0.0
• 6c0705f [docs] Add an example of custom parser (#2929)
• 1980fb4 [chore] Merge history of 1.7.x and 0.9.x branches (#2930)
• 0d07c47 [chore] Added backers and sponsors on the README (#2933)
• a086588 [chore] Bump dependencies (#2926)
• 87b06ad [feat] Move binary detection to the parser (#2923)
• 199eec6 [docs] Replace non-breaking space with proper whitespace (#2913)
• f1b39a6 [docs] Update emit cheatsheet (#2906)
• 240b154 [docs] Explicitly document that Server extends EventEmitter (#2874)
• c5b7738 [docs] Add server.engine.generateId attribute (#2880)
• 03f3bc9 [docs] Fix wrong space character in README (#2900)
• e40accf [docs] Fix documentation for 'connect' event (#2898)
• 01a4623 [feat] Allow to join several rooms at once (#2879)
• 2d5b002 [docs] Add webpack build example (#2828)
• 5ae06e6 [chore] Bump socket.io-adapter to version 1.0.0 (#2867)
• 4d8f68c [chore] Bump engine.io to version 2.0.2 (#2864)
• 5b79ab1 [docs] Update the wording to match the code example (#2853)
• 54ff591 [feature] Merge Engine.IO and Socket.IO handshake packets (#2833)
• e1facd5 [docs] Small addition to the Express Readme Part (#2846)
• 3b92cc2 [feature] Allow the use of custom parsers (#2829)

See the full diff

Package name: twitter

The new version differs by 30 commits.

• 296e82e 1.7.1
• 458dde9 Merge pull request #232 from gvnn/master
• 87cc24c Allow users to specify a full path (avoid default `.json`)
• 3be527f Merge pull request #226 from desmondmorris/greenkeeper/deep-extend-0.5.0
• 9895136 fix(package): update deep-extend to version 0.5.0
• d2ef30d Merge pull request #203 from omarchehab98/patch-1
• b34114e Merge pull request #208 from IvanJov/patch-1
• 1046032 Changed `../lib/twitter` to `twitter` in examples
• 28493da fixed typo in code example
• 5ec603f Disable eslint on versions < 4.x
• 93a8e0b chore(package): update dependencies
• 87225a0 1.7.0
• 080f509 Adds note about Promises to the REST API docs
• 749b34d Merge pull request #197 from rneilson/onresponse
• 6f0003f Merge pull request #187 from rneilson/promises
• 16cde0d Added response event to stream on 200 response
• 5dd5add Add Promise global and increase max-statements in .eslintrc
• 79ed977 Tiny formatting tweak to take off a couple eslint errors
• 1f2cfe5 Add promisified return path to __request() (if no callback given)
• 8ee8d11 1.6.0
• 5d61c2c Create CNAME
• 882eed1 Fix for JSLint failiure
• eb51190 Apply the PING method from https://github.com/rneilson/node-twitter/blob/8a483ed3fcea3904536c794f1edd0149624a1416/lib/parser.js
• 7108db3 Release v1.5.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic