Update insecure dependencies

[J-Sek]

I use npms.io a lot and noticed some warnings:

These related to "insecure" include simple updates in package.json here and in roots-utils as displayed on nodesecurity.io

Definitely low priority and maybe it make more sense to handle all projects in Roots ecosystem...

[jescalan]

Yeah, so I'm not sure if you realized this so far, but roots is not actively maintained (there's a note about this in the readme). It has been succeeded by spike, which is built by the same team, but is superior to roots in just about every way. Spike is also very actively maintained and developed. You might want to consider changing over!

If not, and you are still interested in roots, the responsibility to keep thing up to date is going to fall into the hands of contributors like yourself. Otherwise, we would warmly welcome you to the spike community! 👬

[J-Sek]

I must have missed that. Thanks :)

I've just started new project, so there should be no problem with migration.