Update vulnerable dependencies

[kellyi]

Overview

GitHub reports that there are some vulnerable dependencies in the package.json & package-lock.json files. For this PR I used npm audit to fix them, making some necessary changes to webpack config in order that the project can continue to build.

The second commit here addresses an issue whereby npm expected the license to be "Apache-2.0" rather than "Apache-2"

Connects #45 Closes #30

Demo

npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN eslint-config-airbnb@13.0.0 requires a peer of eslint@^3.9.1 but none is installed. You must install peer dependencies yourself.
npm WARN eslint-config-airbnb@13.0.0 requires a peer of eslint-plugin-react@^6.6.0 but none is installed. You must install peer dependencies yourself.
npm WARN eslint-plugin-jsx-a11y@2.2.3 requires a peer of eslint@^2.10.2 || 3.x but none is installed. You must install peer dependencies yourself.
npm WARN eslint-config-airbnb-base@10.0.1 requires a peer of eslint@^3.9.1 but none is installed. You must install peer dependencies yourself.

added 1541 packages from 828 contributors and audited 13795 packages in 168.808s
found 0 vulnerabilities

Notes

47 is for fixing the eslint-config-airbnb stuff depicted above.

Once this is in I'll make a new release and upgrade GARP.

Testing Instructions

• get this branch, then rm -rf node_modules
• using Node 10.11 (you can use nvm to switch versions if necessary), run ./scripts/setup and verify that the installation works and the end result is the output pictured above
• run ./scripts/server and verify that the application loads on 7777 and that you don't see any webpack errors, aside from one about bundle size
• run ./scripts/cibuild and verify that that works, too

[kellyi]

https://github.com/azavea/pwd-unitybar/issues/51 is for addressing the node-sass conflict