Update dependency socket.io-client to v4 #187

Open
wants to merge 1 commit into
base: main
@mend-for-github-com mend-for-github-com bot commented Apr 24, 2023

This PR contains the following updates:

| Package | Type | Update | Change |
| --- | --- | --- | --- |
| socket.io-client | devDependencies | major | ^3.1.0 -> ^4.5.0 |
| socket.io-client | dependencies | major | ^3.1.0 -> ^4.5.0 |

By merging this PR, the below issues will be automatically resolved and closed:

| Severity | CVSS Score | CVE | GitHub Issue |
| --- | --- | --- | --- |
| Critical | 9.8 | CVE-2022-2421 | #142 |
| High | 7.5 | CVE-2023-32695 | #203 |

Release Notes

socketio/socket.io-client (socket.io-client)

v4.5.0

Compare Source

Features
Additional details for the disconnect event

The "disconnect" event will now include additional details to help debugging if anything has gone wrong.

Example when a payload is over the maxHttpBufferSize value in HTTP long-polling mode:

socket.on("disconnect", (reason, details) => {
  console.log(reason); // "transport error"

  // in that case, details is an error object
  console.log(details.message); // "xhr post error"
  console.log(details.description); // 413 (the HTTP status of the response)

  // details.context refers to the XMLHttpRequest object
  console.log(details.context.status); // 413
  console.log(details.context.responseText); // ""
});

Added in b862924.

Catch-all listeners for outgoing packets

This is similar to onAny(), but for outgoing packets.

Syntax:

socket.onAnyOutgoing((event, ...args) => {
  console.log(event);
});

Added in 74e3e60.

Slice write buffer according to the maxPayload value

The server will now include a "maxPayload" field in the handshake details, allowing the clients to decide how many packets they have to send to stay under the maxHttpBufferSize value.

Added in 46fdc2f.

Dependencies

4.4.1 (2022-01-06)

v4.4.1

Compare Source

v4.4.0

Compare Source

Bug Fixes
Features
socket.timeout(5000).emit("my-event", (err) => {
  if (err) {
    // the server did not acknowledge the event in the given delay
  }
});

4.3.2 (2021-10-16)

Bug Fixes
  • restore the default export (bis) (6780f29)

4.3.1 (2021-10-15)

Bug Fixes
  • restore the default export (f0aae84)
  • restore the namespace export (8737d0a)

v4.3.2

Compare Source

Bug Fixes
  • restore the default export (bis) (6780f29)

v4.3.1

Compare Source

Bug Fixes
  • restore the default export (f0aae84)
  • restore the namespace export (8737d0a)

v4.3.0

Compare Source

An ESM bundle is now provided:

<script type="module">
  import { io } from "https://cdn.socket.io/4.3.0/socket.io.esm.min.js";

  const socket = io();

  socket.emit("hello", "world");
</script>
Features
  • typings: add missing types for some emitter methods (#1502) (a9e5b85)
  • provide an ESM build with and without debug (16b6569)
  • migrate to rollup (0661564)

v4.2.0

Compare Source

Bug Fixes
  • typings: allow async listener in typed events (66e00b7)
  • allow to set randomizationFactor to 0 (#1447) (dfb46b5)
Features

4.1.3 (2021-07-10)

4.1.2 (2021-05-17)

Bug Fixes

4.1.1 (2021-05-11)

There were some minor bug fixes on the server side, which mandate a client bump.

v4.1.3

Compare Source

v4.1.2

Compare Source

Bug Fixes

v4.1.1

Compare Source

There were some minor bug fixes on the server side, which mandate a client bump.

v4.1.0

Compare Source

Features
  • add the "closeOnBeforeunload" option (dcb85e9, from engine.io-client)

4.0.2 (2021-05-06)

Bug Fixes
  • typings: add fallback to untyped event listener (5394669)
  • ensure buffered events are sent in order (34f822f)
  • ensure connections are properly multiplexed (dd2a8fc)
  • properly export the Socket class (e20d487)

4.0.1 (2021-03-31)

Bug Fixes

3.1.3 (2021-03-12)

Bug Fixes
  • bundle: restore support for JS modules (afa7953)

v4.0.2

Compare Source

Bug Fixes
  • typings: add fallback to untyped event listener (5394669)
  • ensure buffered events are sent in order (34f822f)
  • ensure connections are properly multiplexed (dd2a8fc)
  • properly export the Socket class (e20d487)

v4.0.1

Compare Source

Bug Fixes

v4.0.0

Compare Source

The major bump is due to some breaking changes on the server side.

Bug Fixes
  • bundle: restore support for JS modules (43613d1)
Features
  • add autoUnref option (6abfa1f)
  • add support for typed events (5902365)

3.1.2 (2021-02-26)

Bug Fixes
  • restore support for web workers (13b32b3)
  • silently close the transport in the beforeunload hook (ed48b5d, from engine.io-client)

3.1.1 (2021-02-03)

Bug Fixes
  • include the path in the manager ID (7a0c2b5)
  • remove polyfill for process in the bundle (61afc5d)
  • typings: add return types and general-case overload signatures (#1440) (47f917a)
  • typings: fix the type of the "query" option (#1439) (f02ab3b)

v3.1.3

Compare Source

Bug Fixes
  • bundle: restore support for JS modules (afa7953)

v3.1.2

Compare Source

Bug Fixes
  • restore support for web workers (13b32b3)
  • silently close the transport in the beforeunload hook (ed48b5d, from engine.io-client)

v3.1.1

Compare Source

Bug Fixes
  • include the path in the manager ID (7a0c2b5)
  • remove polyfill for process in the bundle (61afc5d)
  • typings: add return types and general-case overload signatures (#1440) (47f917a)
  • typings: fix the type of the "query" option (#1439) (f02ab3b)

  • If you want to rebase/retry this PR, check this box
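
The v4.5.0 note on slicing the write buffer according to "maxPayload" describes clients batching packets so that each HTTP long-polling request stays under the server's maxHttpBufferSize. The sketch below is an added example for reviewers of this upgrade, not code from socket.io-client or engine.io-client; the packet shape, the one-byte separator and the names `countWritable`, `planFlushes` and `payloadBytes` are assumptions made for illustration.

```javascript
// Added illustration; not engine.io-client's implementation.
// Assumptions: packets look like { type, data } with string data, and a
// polling payload is the encoded packets joined by a one-byte separator.
const SEPARATOR_BYTES = 1;

// One byte for the packet type plus the UTF-8 length of the data.
function encodedSize(packet) {
  return 1 + Buffer.byteLength(packet.data ?? "", "utf8");
}

// Size in bytes of a batch once encoded as a single polling payload.
function payloadBytes(batch) {
  return batch.reduce(
    (sum, p, i) => sum + encodedSize(p) + (i > 0 ? SEPARATOR_BYTES : 0), 0);
}

// How many packets from the head of the buffer fit in one request.
function countWritable(writeBuffer, maxPayload) {
  if (!maxPayload) return writeBuffer.length; // no limit advertised
  let size = 0;
  for (let i = 0; i < writeBuffer.length; i++) {
    size += encodedSize(writeBuffer[i]) + (i > 0 ? SEPARATOR_BYTES : 0);
    // The first packet is always sent: it cannot be split at this layer.
    if (i > 0 && size > maxPayload) return i;
  }
  return writeBuffer.length;
}

// Split the whole buffer into per-request batches, preserving order.
function planFlushes(writeBuffer, maxPayload) {
  const batches = [];
  let rest = writeBuffer.slice();
  while (rest.length > 0) {
    const n = countWritable(rest, maxPayload);
    batches.push(rest.slice(0, n));
    rest = rest.slice(n);
  }
  return batches;
}

// Constructed sample buffer, checked against a 20-byte maxPayload.
const sample = [
  { type: "4", data: "aaaaaaaa" },     // 9 bytes encoded
  { type: "4", data: "bbbbbbbb" },     // 9 bytes
  { type: "4", data: "h\u00e9llo" },   // 7 bytes: "é" is 2 bytes in UTF-8
  { type: "4", data: "x".repeat(30) }, // 31 bytes: too large on its own
];
for (const batch of planFlushes(sample, 20)) {
  console.log(batch.length, "packet(s),", payloadBytes(batch), "bytes");
}
```

The last batch still exceeds the limit: a single packet larger than maxPayload cannot be sliced, which is the case where the server answers with the 413 shown in the "disconnect" details above.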

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Apr 24, 2023
@mend-for-github-com mend-for-github-com bot changed the title Update dependency socket.io-client to v4 Update dependency socket.io-client to v4 - autoclosed Jun 16, 2023
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/socket.io-client-4.x branch June 16, 2023 06:29
@mend-for-github-com mend-for-github-com bot changed the title Update dependency socket.io-client to v4 - autoclosed Update dependency socket.io-client to v4 Jun 18, 2023
@mend-for-github-com mend-for-github-com bot reopened this Jun 18, 2023
@mend-for-github-com mend-for-github-com bot restored the whitesource-remediate/socket.io-client-4.x branch June 18, 2023 20:00
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/socket.io-client-4.x branch from 02c9665 to 905ac03 Compare June 18, 2023 20:01
@mend-for-github-com mend-for-github-com bot changed the title Update dependency socket.io-client to v4 Update dependency socket.io-client to v4 - autoclosed Sep 13, 2023
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/socket.io-client-4.x branch September 13, 2023 20:11
@mend-for-github-com mend-for-github-com bot changed the title Update dependency socket.io-client to v4 - autoclosed Update dependency socket.io-client to v4 Sep 14, 2023
@mend-for-github-com mend-for-github-com bot reopened this Sep 14, 2023
@mend-for-github-com mend-for-github-com bot restored the whitesource-remediate/socket.io-client-4.x branch September 14, 2023 08:16
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/socket.io-client-4.x branch from 905ac03 to 91d2fb9 Compare September 14, 2023 08:17
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/socket.io-client-4.x branch from 91d2fb9 to 600b358 Compare November 29, 2023 02:50
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/socket.io-client-4.x branch from 600b358 to 18fa007 Compare December 5, 2023 15:03