MVP of CLI to file PRs with Package Updates

[freeqaz]

There are still a few bugs left to shake out here, but the code is 99% of the way there now.

Example PR generated with this command: yarn run dev github-pr replace-package freeqaz/jira_clone --githubToken <SECRET> --old js-yaml@^3.13.1 --new js-yaml@^3.14.0

https://github.com/freeqaz/jira_clone/pull/2

Bugs left:

• [ ] Figure out why packages are marked "extraneous" in the generated lockfile
• [ ] Name the folder where these packages are inserted to be the same as the repo (the package-lock gets a new name currently and it's annoying)

Items left:

• [ ] Call this module from the backend by adding a new Endpoint for it
• [ ] Write the front-end changes to call the endpoint
• [ ] Write some basic unit tests to test this functionality

[factoidforrest]

Neat! Seems like arborist is doing all of the work and youre just lining it up so that it can knock em down. We should have done this a while ago! Piece of cake.

Amazing how it seems to support the different lockfile formats without a hitch. Any testing of that?