refactor: import single-file 3rd party modules

This commit allows to:

- provide an ESM version of those modules ([1])
- reduce the attack surface in case of supply chain attacks
- reduce the size of the bundle with tree-shaking

As a downside, we won't receive security updates for those modules
anymore.

[1]: https://github.com/socketio/socket.io-client/issues/1536