lightninglabs / lightning-terminal

Lightning Terminal: Your Home for Lightning Liquidity
MIT License

chore: update NPM dependencies #685

Closed jamaljsr closed 7 months ago

jamaljsr commented 7 months ago

I've updated some of the NPM packages to resolve known security vulnerabilities in dependencies.

Since this project uses create-react-app, not all of the dependencies are used in the production build. Many of them, especially the dependencies of react-scripts, are only used in the development environment or during CI builds. Vulnerabilities found in these dev dependencies are less of a threat because 99% of the time, the vulnerability cannot be exploited via the build output (html/js) that runs in the browser.

Here are more detailed explanations of the situation:
https://github.com/facebook/create-react-app/issues/11174
https://overreacted.io/npm-audit-broken-by-design/

To ensure that we are addressing any true security concerns, we should be sure to keep any user-facing code listed in the dependencies list and all build-time dependencies in devDependencies. Then we can use the command yarn audit --groups dependencies to easily list all packages that we are using with known vulnerabilities.

Here's the output of this command before the changes in this PR:

$ yarn audit --groups dependencies
yarn audit v1.22.21
...
86 vulnerabilities found - Packages audited: 1490
Severity: 56 Moderate | 27 High | 3 Critical

Here's the output of this command after the changes in this PR. The warnings are due to us now forcing updates to our dependencies' dependencies.

$ yarn audit --groups dependencies
yarn audit v1.22.21
warning Resolution field "jackspeak@2.1.1" is incompatible with requested version "jackspeak@^2.3.5"
warning Resolution field "strip-ansi@6.0.1" is incompatible with requested version "strip-ansi@^7.0.1"
warning Resolution field "strip-ansi@6.0.1" is incompatible with requested version "strip-ansi@^7.0.0"
warning Resolution field "strip-ansi@6.0.1" is incompatible with requested version "strip-ansi@^7.0.1"
0 vulnerabilities found - Packages audited: 262
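The split the PR relies on (runtime code in dependencies, build tooling in devDependencies, then audit only the dependencies group) can be checked mechanically from package.json and the machine-readable audit output. The script below is an added example written for this page, not lightning-terminal code and not part of the PR. It assumes the yarn v1 audit --json record shape (auditAdvisory records with data.resolution.path and data.advisory.module_name/severity/title), an assumed BUILD_ONLY list of build-time packages, and constructed sample advisories with placeholder module names; none of the sample advisories describe a real vulnerability.

```javascript
// Added example, not lightning-terminal code: emulate what
// `yarn audit --groups dependencies` reports, from `yarn audit --json`
// output, and flag build-time packages that have ended up in "dependencies".
// The BUILD_ONLY list, the audit record shape and all sample data are
// assumptions constructed for this example.

// Packages that only run at build/test/CI time and belong in devDependencies
// (assumed list; extend it for your project).
const BUILD_ONLY = new Set([
  'react-scripts', 'typescript', 'eslint', 'prettier', 'jest',
  '@testing-library/react', '@testing-library/jest-dom',
]);

// Return the names under "dependencies" that are really build-time tools.
function misplacedBuildDeps(pkg) {
  return Object.keys(pkg.dependencies || {})
    .filter((name) => BUILD_ONLY.has(name) || name.startsWith('@types/'));
}

// Parse yarn v1 `audit --json` output (one JSON object per line) and keep only
// advisories whose dependency chain is rooted at a package in "dependencies",
// i.e. code that can reach the browser bundle. Assumed record shape:
// {type:'auditAdvisory', data:{resolution:{path:'a>b>c'},
//                              advisory:{module_name, severity, title}}}
function productionAdvisories(ndjson, pkg) {
  const prod = new Set(Object.keys(pkg.dependencies || {}));
  const found = [];
  for (const line of ndjson.split('\n')) {
    if (!line.trim()) continue;
    const rec = JSON.parse(line);
    if (rec.type !== 'auditAdvisory') continue; // skip auditSummary etc.
    const path = rec.data.resolution.path;
    const root = path.split('>')[0];
    if (!prod.has(root)) continue; // reachable only through a devDependency
    const adv = rec.data.advisory;
    found.push({ root, path, module: adv.module_name,
                 severity: adv.severity, title: adv.title });
  }
  return found;
}

// Tally like yarn's "Severity: N Moderate | N High | N Critical" line.
function severityCounts(advisories) {
  const counts = { info: 0, low: 0, moderate: 0, high: 0, critical: 0 };
  for (const a of advisories) counts[a.severity] = (counts[a.severity] || 0) + 1;
  return counts;
}

// --- constructed sample input (placeholder modules, not real advisories) ---
// react-scripts is deliberately misfiled under "dependencies" here.
const samplePkg = {
  dependencies: { react: '^18.2.0', 'react-dom': '^18.2.0', 'react-scripts': '5.0.1' },
  devDependencies: { typescript: '^5.0.0', jest: '^29.0.0' },
};

// Build one constructed auditAdvisory line.
function advisory(path, moduleName, severity) {
  return JSON.stringify({ type: 'auditAdvisory', data: {
    resolution: { path },
    advisory: { module_name: moduleName, severity,
                title: `constructed ${severity} issue in ${moduleName}` },
  } });
}

const sampleAudit = [
  advisory('react-scripts>build-tool-x>regex-helper-x', 'regex-helper-x', 'high'),
  advisory('jest>test-helper-y', 'test-helper-y', 'moderate'),
  advisory('react-dom>runtime-lib-z', 'runtime-lib-z', 'critical'),
  JSON.stringify({ type: 'auditSummary',
    data: { vulnerabilities: { info: 0, low: 0, moderate: 1, high: 1, critical: 1 } } }),
].join('\n');

// Same manifest with react-scripts moved to devDependencies.
const fixedPkg = {
  dependencies: { react: '^18.2.0', 'react-dom': '^18.2.0' },
  devDependencies: { 'react-scripts': '5.0.1', typescript: '^5.0.0', jest: '^29.0.0' },
};

console.log('misplaced build deps:', misplacedBuildDeps(samplePkg));
console.log('production advisories before:',
  severityCounts(productionAdvisories(sampleAudit, samplePkg)));
console.log('production advisories after :',
  severityCounts(productionAdvisories(sampleAudit, fixedPkg)));
```

With react-scripts misfiled under dependencies, the advisory reached through it counts as a production finding; moving it to devDependencies drops that finding and leaves only the chain rooted at react-dom, which is the effect the PR's before/after audit output shows. One caveat when forcing transitive versions through the resolutions field, as this PR does: a "Resolution field ... is incompatible with requested version" warning means the pinned version falls outside the range the dependent package asked for, so the pinned version should be checked for API compatibility with that dependent before relying on it.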

jamaljsr commented 7 months ago

Thanks for the reviews. Just rebased on master. I'll merge this once all of the Github checks have succeeded.