A few outdated modules

[pdehaan]

Steps to reproduce

$ git clone https://github.com/karma-runner/karma.git karma
$ npm install
[WARN] deprecated - [email protected]: Package was renamed to 'grunt-jscs'

$ npm shrinkwrap --dev
wrote npm-shrinkwrap.json

# $ sudo npm i nsp -g
$ nsp audit-shrinkwrap --no-color
Name  Installed  Patched  Vulnerable Dependency
qs      0.6.6     >= 1.x  karma > connect
qs      0.5.6     >= 1.x  karma > grunt-contrib-watch > tiny-lr-fork
qs      0.6.6     >= 1.x  karma > karma-phantomjs-launcher > phantomjs > request
qs      0.6.6     >= 1.x  karma > karma-sauce-launcher > wd > request

$ npm outdated --depth 0
Package      Current  Wanted  Latest  Location
glob          3.2.11  3.2.11   4.0.5  glob
minimatch     0.2.14  0.2.14   1.0.0  minimatch
q              0.9.7   0.9.7   1.0.1  q
graceful-fs    2.0.3   2.0.3   3.0.2  graceful-fs
socket.io     0.9.17  0.9.17   1.0.6  socket.io
connect       2.12.0  2.12.0   3.1.1  connect
http-proxy    0.10.4  0.10.4   1.3.0  http-proxy
mocha         1.20.1  1.20.1  1.21.4  mocha

$ travis-lint
- env.global: unexpected pair

Actual results

The version of connect currently being used has an issue with the version of qs that it targets, see https://nodesecurity.io/advisories/methodOverride_Middleware_Reflected_Cross-Site_Scripting.

Not sure what the issue being reported by travis-lint is, but it's giving warnings in the online linter too, http://lint.travis-ci.org/karma-runner/karma

[bazilio91]

Partial fix in #1170

[dignifiedquire]

Closing in favor of #1410