chore: fix vuln: override autolinker >= 4.0.0 ^4.0.0

[ramonpetgrave64]

fixes https://github.com/slsa-framework/slsa-verifier/security/code-scanning/11

markdown-toc's latest v1.2.0 is still vulnerable via a transitive dependency, but hasn't received updates in a long time.

This PR overrides one of the other transitive dependencies to a non-vulnerable version.

more info here https://github.com/jonschlinkert/markdown-toc/issues/156

Testing process

• Manually invoked make markdown-toc and it did succeed, while also adding a missing header in the README.
• Made a few typos in the headers and markdown-toc did fix them.
• Cloned markdown-toc, added the override, and its unit tests passed

[ramonpetgrave64]

@laurentsimon @ianlewis @slugclub