`package.json`, dependencies are vulnerable to supply-chain attacks

[MidSpike]

Looking at the package.json has led me to the following findings:

`package.json`, dependency versions are vulnerable to supply-chain attacks:
- barely-patched in 8.1.1, semi-patched in 10.1.3
- however 10.1.3 still contains `strong-type: ^1.0.1` along with unfixed devDependencies
- additionally node-cmd, js-queue, js-message, event-pubsub, strong-type are all owned by riaevangelist

Originally posted by @MidSpike in https://github.com/MidSpike/node-ipc/issues/3#issuecomment-1075648693

[MidSpike]

The reason behind calling these "vulnerable to supply-chain attacks" stems from @RIAEvangelist:

• authoring the commit behind CVE-2022-23812

• publicly stating (citation):

  This code serves as a [...] example of why controlling your node modules is important.

• Also saying (citation):

  [...] damn good sleuthing.

  Google defines "sleuthing" as "careful investigation into a crime or mystery"

For the reasons stated above, I believe that any code currently contained in this repository that uses packages maintained by @RIAEvangelist are at risk of a supply-chain attack.