Dependency vulnerabilities

[gkallenberg]

Reported by GitHub security:

• hoek should be upgraded to at least v4.2.1 to mitigate a moderately severe vulnerability
• url-parse should be upgraded to at least v1.4.3 to mitigate a highly severe vulnerability
• cryptiles should be upgraded to at least v4.1.2 to mitigate a highly severe vulnerability
• webpack-dev-server should be upgraded to at least v3.1.11 to mitigate a low severity vulnerability
• just-extend should be upgraded to at least v4.0.0 to mitigate a low severity vulnerability
• lodash should be upgraded to at least v4.17.11 to mitigate a low severity vulnerability

[siberry]

@gkallenberg, we do need to do a manual auditing of our package some point. Is this something that was autogenerated (like from dependabot or running npm audit)? Or did you curate this list to some degree?