fix: package.json & package-lock.json to reduce vulnerabilities

[at0S]

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-ADMZIP-1065796
• https://snyk.io/vuln/SNYK-JS-EJS-1049328
• https://snyk.io/vuln/SNYK-JS-EXPRESSFILEUPLOAD-473997
• https://snyk.io/vuln/SNYK-JS-EXPRESSFILEUPLOAD-595969
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
• https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742
• https://snyk.io/vuln/SNYK-JS-INI-1048974
• https://snyk.io/vuln/SNYK-JS-JQUERY-174006
• https://snyk.io/vuln/SNYK-JS-JQUERY-565129
• https://snyk.io/vuln/SNYK-JS-JQUERY-567880
• https://snyk.io/vuln/SNYK-JS-KERBEROS-568900
• https://snyk.io/vuln/SNYK-JS-LODASH-1018905
• https://snyk.io/vuln/SNYK-JS-LODASH-1040724
• https://snyk.io/vuln/SNYK-JS-LODASH-450202
• https://snyk.io/vuln/SNYK-JS-LODASH-567746
• https://snyk.io/vuln/SNYK-JS-LODASH-590103
• https://snyk.io/vuln/SNYK-JS-LODASH-608086
• https://snyk.io/vuln/SNYK-JS-LODASH-73638
• https://snyk.io/vuln/SNYK-JS-LODASH-73639
• https://snyk.io/vuln/SNYK-JS-MARKED-174116
• https://snyk.io/vuln/SNYK-JS-MARKED-451540
• https://snyk.io/vuln/SNYK-JS-MARKED-584281
• https://snyk.io/vuln/SNYK-JS-MONGODB-473855
• https://snyk.io/vuln/SNYK-JS-MONGOOSE-1086688
• https://snyk.io/vuln/SNYK-JS-MONGOOSE-472486
• https://snyk.io/vuln/SNYK-JS-MQUERY-1050858
• https://snyk.io/vuln/SNYK-JS-MQUERY-1089718
• https://snyk.io/vuln/SNYK-JS-TYPEORM-590152
• https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984
• https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090599
• https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090600
• https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090601
• https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090602
• https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
• https://snyk.io/vuln/npm:adm-zip:20180415
• https://snyk.io/vuln/npm:debug:20170905
• https://snyk.io/vuln/npm:dustjs-linkedin:20160819
• https://snyk.io/vuln/npm:ejs:20161128
• https://snyk.io/vuln/npm:ejs:20161130
• https://snyk.io/vuln/npm:ejs:20161130-1
• https://snyk.io/vuln/npm:fresh:20170908
• https://snyk.io/vuln/npm:jquery:20150627
• https://snyk.io/vuln/npm:lodash:20180130
• https://snyk.io/vuln/npm:marked:20150520
• https://snyk.io/vuln/npm:marked:20170112
• https://snyk.io/vuln/npm:marked:20170815
• https://snyk.io/vuln/npm:marked:20170815-1
• https://snyk.io/vuln/npm:marked:20170907
• https://snyk.io/vuln/npm:marked:20180225
• https://snyk.io/vuln/npm:mem:20180117
• https://snyk.io/vuln/npm:mime:20170907
• https://snyk.io/vuln/npm:moment:20161019
• https://snyk.io/vuln/npm:moment:20170905
• https://snyk.io/vuln/npm:mongoose:20160116
• https://snyk.io/vuln/npm:ms:20170412
• https://snyk.io/vuln/npm:negotiator:20160616
• https://snyk.io/vuln/npm:npmconf:20180512
• https://snyk.io/vuln/npm:qs:20170213
• https://snyk.io/vuln/npm:semver:20150403
• https://snyk.io/vuln/npm:st:20140206
• https://snyk.io/vuln/npm:st:20171013