Update dependencies (v2)

[kibertoad]

fixes #312

There are two major updates, engine.io and engine.io-client. The only significant changes are on server side, client was only updated to accommodate for it. Here is the list of potentially breaking changes:

• handlePreflightRequest removed from CORS (was not used in the airtap);
• In Engine.IO v3, the io cookie was sent by default. This cookie can be used to enable sticky-session, which is required when you have several servers (doesn't seem to be relevant for airtap);
• perMessageDeflate is now disabled by default (shouldn't make much difference for airtap);
• Support for Node.js 8 was dropped (airtap is 10+);
• the syntax of the "wsEngine" option is updated (airtap does not use wsEngine option).

[kibertoad]

CI seems to be broken, btw. Would you be open to a PR, switching from Travis to GitHub Actions?

[vweevers]

Thanks so much for this! Limiting the amount of updates makes this easier to review and merge than #315. As for the changes:

• In Engine.IO v3, the io cookie was sent by default. This cookie can be used to enable sticky-session, which is required when you have several servers (doesn't seem to be relevant for airtap);

Correct. Airtap does run multiple servers, but it's one per browser, so a browser only ever connects to one server.

• handlePreflightRequest removed from CORS (was not used in the airtap);
• perMessageDeflate is now disabled by default (shouldn't make much difference for airtap);
• Support for Node.js 8 was dropped (airtap is 10+);
• the syntax of the "wsEngine" option is updated (airtap does not use wsEngine option).

👍

[vweevers]

CI seems to be broken, btw. Would you be open to a PR, switching from Travis to GitHub Actions?

That would be most welcome. Thanks!

[vweevers]

I do have two remaining questions - same as #315 (comment):

1. Is latest engine.io-client using ES6+ features? Which is why we currently pin to 3.3.2.
2. Does it support the same browsers (versions)?

[kibertoad]

@vweevers I see classes and default arguments, I take it that means "yes" on the first one?
How can I check supported versions?

[vweevers]

I see classes and default arguments, I take it that means "yes" on the first one?

In that case we will (unfortunately) need to transpile the client bundle to ES5 (#276). E.g. by adding a babel transform to this browserify instance.

How can I check supported versions?

If not documented by engine-io (?) then we can run tests in Sauce Labs. Which would be good anyway. To do so, clone airtap/sauce, run npm i airtap/airtap#kibertoad:chore/deps-2021-09-05 --save-dev and open a draft PR on that repo. Which won't immediately run tests for lack of access to secrets, but I will trigger them. This will cover a whole bunch of browsers.

[vweevers]

I see that engine-io-client has a dist folder, perhaps it's already transpiled?

[YoDaMa]

Hey folks is this stalled? Does anyone need help getting this landed?

[vweevers]

Feel free to pick this up, the state is as written above (and in addition this PR needs a rebase). I'm not going to work on this in the foreseeable future, because it's only about removing a false positive alert. Which is not a priority for me especially if it results in breaking changes that necessitate adding a transpiler. Do you want to send a PR to tackle that?