Dependency vulnerabilities. #133

@janzenz

I got a notification from GitHub reporting vulnerabilities in the packages: https://github.com/springload/madewithwagtail/network/dependencies

These vulnerabilities seem to occur in transitive dependencies, which can be fixed by specifying the version of these sub-dependencies. There seem to be 2 options to achieve this:

  • Using https://github.com/rogeriochaves/npm-force-resolutions to force the resolution of these sub-dependencies to a specific version.
  • Another option is to use yarn instead of npm, which natively supports this. The first option is actually inspired by this feature in yarn.
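
An added example (not part of the issue, and not code from either tool): a check over a lockfileVersion 1 `package-lock.json` tree that lists every nested copy of a package whose locked version differs from an exact pin in the `resolutions` field of `package.json`, the field both options above read. The package names, versions and function names are constructed for illustration.

```javascript
// Added example: constructed data, hypothetical helper names.
// package-lock.json in lockfileVersion 1 layout: nested copies of a package
// live under the "dependencies" key of the package that carries them.
const sampleLock = {
  lockfileVersion: 1,
  dependencies: {
    "tiny-parser": { version: "1.2.3" },
    "build-tool": {
      version: "4.0.0",
      dependencies: {
        "tiny-parser": { version: "0.9.0" },
        "glob-helper": {
          version: "2.1.0",
          dependencies: { "tiny-parser": { version: "1.0.1" } },
        },
      },
    },
  },
};

// The "resolutions" field as it would appear in package.json (exact pins only).
const sampleResolutions = { "tiny-parser": "1.2.3" };

// Walk the tree and record every installed copy with its install path.
function collectCopies(node, path = [], out = []) {
  for (const [name, dep] of Object.entries(node.dependencies || {})) {
    const here = [...path, name];
    out.push({ name, version: dep.version, path: here.join(" > ") });
    collectCopies(dep, here, out);
  }
  return out;
}

// Copies whose locked version differs from the pin. hasOwnProperty avoids
// treating names such as "constructor" as pinned via the prototype chain.
function unresolvedCopies(lock, resolutions) {
  const pinned = (n) => Object.prototype.hasOwnProperty.call(resolutions, n);
  return collectCopies(lock).filter(
    (c) => pinned(c.name) && c.version !== resolutions[c.name]
  );
}

for (const c of unresolvedCopies(sampleLock, sampleResolutions)) {
  console.log(`${c.path}: locked ${c.version}, pinned ${sampleResolutions[c.name]}`);
}
```

lockfileVersion 3 drops the nested `dependencies` tree in favour of a flat `packages` map, so it needs a different walk.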
