[Snyk] Security upgrade socket.io from 1.7.4 to 2.5.0

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- cla_socketserver/package.json
- cla_socketserver/package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: socket.io

The new version differs by 110 commits.

baa6804 chore(release): 2.5.0
f223178 fix: prevent the socket from joining a room after disconnection
226cc16 fix: only set 'connected' to true after middleware execution
05e1278 fix: fix race condition in dynamic namespaces
22d4bdf fix: ignore packet received after disconnection
dfded53 chore: update engine.io version to 3.6.0
e6b8697 chore(release): 2.4.1
a169050 revert: fix(security): do not allow all origins by default
873fdc5 chore(release): 2.4.0
f78a575 fix(security): do not allow all origins by default
d33a619 fix: properly overwrite the query sent in the handshake
3951a79 chore: bump engine.io version
6fa026f ci: migrate to GitHub Actions
47161a6 [chore] Release 2.3.0
cf39362 [chore] Bump socket.io-parser to version 3.4.0
4d01b2c test: remove deprecated Buffer usage (#3481)
8227192 [docs] Fix the default value of the 'origins' parameter (#3464)
1150eb5 [chore] Bump engine.io to version 3.4.0
9c1e73c [chore] Update the license of the chat example (#3410)
df05b73 [chore] Release 2.2.0
b00ae50 [feat] Add cache-control header when serving the client source (#2907)
d3c653d [docs] Add Touch Support to the whiteboard example (#3104)
a7fbd1a [fix] Throw an error when trying to access the clients of a dynamic namespace (#3355)
190d22b [chore] Bump dependencies