Jsonwebtoken has a security flaw that needs to be updated

There's a CWE issued for jws library that's used on jsonwebtoken library that needs to be updated.

https://github.com/auth0/node-jsonwebtoken/commit/ed59e76ea37a80f54b833668c02a5271984dcba3

The bump is simple and just goes from 9.0.2 to 9.0.3

This is indirectly affecting both socketcluster client and socketcluster server.

Ps: It would be nice to have dependabot enabled for socketcluster repos