Resolve Dependabot alert on ws in package-lock.json #662

Closed
jsjiang opened this issue Jul 1, 2024 · 4 comments

@jsjiang
Contributor

jsjiang commented Jul 1, 2024

Dependabot successfully created a pull request for this alert. Review [the pull request](https://github.com//pull/656), test the gulp build tool and EZID UI, and merge the pull request if there are no issues.

Develop a procedure to handle the following situations:

  • Dependabot successfully created a pull request
  • Dependabot failed to create a pull request
  • Update package.json and package-lock.json manually
@jsjiang
Contributor Author

jsjiang commented Jul 8, 2024

Procedure:

  • review code to see if EZID UI uses the affected package
    • if yes, take quick actions
    • if no, this means the package is used by the build tool. Dismiss the alert or upgrade the affected package
  • upgrade affected package
    • option 1: use GitHub created pull request
    • option 2: run npm update command to upgrade the affected package
  • validate upgrade
    • run gulp command to see if there are issues with the "EZID UI Library" at http://localhost:3000
    • run gulp build to see if there are issues with building CSS, JavaScript and image files
    • test EZID UI
    • commit changes (outputs from gulp build) if there are any

@jsjiang
Contributor Author

jsjiang commented Jul 8, 2024

Reviewed EZID code:

  • ws (WebSocket) - Not used
  • engine.io-client - Not used
  • engine.io - Not used
  • socket.io-adapter - Not used
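
An added example, not part of the original comments or the EZID code base: a Node.js check that supports the first step of the procedure and the review above by reading `package-lock.json` and reporting, for each alerted package, whether npm marked it dev-only and what pulls it in. It assumes lockfileVersion 2 or 3; `triage`, `buildToolOnly`, the sample lockfile, `sample-dev-server` and all versions are constructed for illustration.

```javascript
// Package name for a lockfile path, e.g.
// "node_modules/engine.io/node_modules/ws" -> "ws" (scoped names keep their scope).
function nameOf(path) {
  return path.slice(path.lastIndexOf('node_modules/') + 'node_modules/'.length);
}

// For each alerted name, list every installed copy, whether npm flagged it
// dev-only ("dev": true), and which packages declare a dependency on it.
// Assumption: lockfileVersion 2 or 3 (top-level "packages" map).
function triage(lock, alerted) {
  const pkgs = lock.packages || {};
  const root = pkgs[''] || {};
  const declares = (m, n) =>
    n in { ...m.dependencies, ...m.devDependencies, ...m.optionalDependencies };
  const results = [];
  for (const [path, meta] of Object.entries(pkgs)) {
    const name = nameOf(path);
    if (path === '' || !alerted.includes(name)) continue;
    const requiredBy = Object.entries(pkgs)
      .filter(([, m]) => declares(m, name))
      .map(([p]) => (p === '' ? '(root)' : nameOf(p)));
    results.push({ name, path, version: meta.version, devOnly: meta.dev === true,
      direct: declares(root, name), requiredBy: [...new Set(requiredBy)].sort() });
  }
  return results;
}

// True when no installed copy of an alerted package reaches a production install.
const buildToolOnly = (results) => results.every((r) => r.devOnly);

// Constructed sample lockfile (hypothetical package names and versions).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'sample-ui', devDependencies: { 'sample-dev-server': '^1.0.0' } },
    'node_modules/sample-dev-server': { version: '1.0.0', dev: true,
      dependencies: { 'engine.io': '^1.0.0', 'socket.io-adapter': '^1.0.0' } },
    'node_modules/engine.io': { version: '1.0.0', dev: true, dependencies: { ws: '^1.0.0' } },
    'node_modules/socket.io-adapter': { version: '1.0.0', dev: true,
      dependencies: { ws: '^1.0.0' } },
    'node_modules/ws': { version: '1.0.0', dev: true },
  },
};

const alerted = ['ws', 'engine.io', 'engine.io-client', 'socket.io-adapter'];
for (const r of triage(sampleLock, alerted)) {
  console.log(`${r.name}@${r.version} devOnly=${r.devOnly} requiredBy=${r.requiredBy.join(', ')}`);
}
console.log(buildToolOnly(triage(sampleLock, alerted)) ? 'build tool only' : 'in production tree');
```

A dev-only result narrows the code review but does not replace it, since a bundler can still copy a devDependency into built assets.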

@adambuttrick

Part of #663.

@jsjiang
Contributor Author

jsjiang commented Jul 15, 2024

Resolved - see release v3.2.14 resolve Dependabot alert

@jsjiang jsjiang closed this as completed Jul 15, 2024