[GROOMING] Fix library security warning

[renaudboyer]

Update outdated libraries according to the security report.

https://github.com/OpenPaaS-Suite/esn-frontend-common-libs/security/dependabot

CRITERIA:

• [ ] List of libraries that can be updated
• [ ] Breaking changes of libraries upgrades.

[rezk2ll]

what can't be upgraded?

• lodash ( the version we have is 7 years old )
• angular

dependencies that can be upgraded without problems:

DomPurify ( used in the esnDomPurify filter )

used in

• esn-frontend-inbox ( message-body-html.pug template )
• version in common-libs: 1.0.9
• version in esn-frontend-inbox ( overrided version ): ~2.2.0

can be upgraded to ~2.2.0

jekyll

used in gruntfile to validate bootstrap html documentation

kramdown

Jekyll dependency and not specified in the package files, upgrading Jekyll upgrades automatically this dependency

ffi

ruby package, only present in lockfile and not in package files

bower 1.2.8

used in angular-recaptcha as a dev dependency

semver

used in Chart.js gulpfile task just to bump chart.js version: dev dependency

bootstrap

we used static bootstrap package files for version 3.3.7, upgrading the package.json means nothing, to upgrade we need to change the files in src/frontend/components/bootstrap. also, no problems going from 3.3.7 to 3.4.1

jquery