From 93641a165d13f650d0b7f84bd0344fc1faf13a58 Mon Sep 17 00:00:00 2001
From: muxator
Date: Sat, 18 Aug 2018 19:42:42 +0200
Subject: [PATCH] dependencies: update socket.io 1.7.3 -> 2.1.1

Version 2.x is not backwards compatible with 1.x. However, according to [0], [1] and [2], it seems that the biggest concern is when mixing different server and client versions, and this is not Etherpad's case. Smoke tested (successfully) on Firefox 61, Chromium 68. npm audit before this change: found 12 vulnerabilities (9 low, 3 high) in 8205 scanned packages 11 vulnerabilities require semver-major dependency updates. 1 vulnerability requires manual review. See the full report for details. npm audit after this change: found 1 low severity vulnerability in 8196 scanned packages 1 vulnerability requires manual review. See the full report for details. Fixes #3462 [0] https://socket.io/blog/socket-io-2-0-0/ [1] https://github.com/socketio/socket.io/issues/3007#issuecomment-336791836 [2] https://github.com/Enalean/tuleap/commit/a0d7a794ded03a0001d2164cb25a9e26b5441a89
---
 src/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/package.json b/src/package.json
index fcf5b97c0..b6df2acb3 100644
--- a/src/package.json
+++ b/src/package.json
@@ -51,7 +51,7 @@
 "security": "1.0.0",
 "semver": "5.1.0",
 "slide": "1.1.6",
- "socket.io": "1.7.3",
+ "socket.io": "2.1.1",
 "swagger-node-express": "2.1.3",
 "tinycon": "0.0.1",
 "ueberdb2": "0.4.0",