Prioritise `dependencies` and `peerDependencies` over `devDependencies`.

[Bubblyworld]

Currently the generator takes version constraints from devDependencies, even if the same package is present in dependencies or peerDependencies.

[Bubblyworld]

I think this was actually caused by the issue in the linked PR: it wasn't that jspm was picking the dev dependencies over ordinary dependencies, it was that jspm was missing the lock entirely and installing latest from the pjson (which happened to coincide with the dev version).