fix(deps): use public npm registry for fallow tarballs in lockfile

The fallow package was added to devDependencies in #77 while npm was
configured to use the internal Databricks npm proxy, which baked
`https://npm-proxy.dev.databricks.com/...` URLs into 8 lockfile entries
(fallow + its 7 platform-specific binaries). Vercel's build server
cannot reach that internal proxy, so production deploys fail with
ETIMEDOUT during `npm install`.

Rewrites the 8 affected `resolved` URLs to `https://registry.npmjs.org/`.
Integrity hashes are content-based and unchanged, so installs still
verify against the public registry's tarballs.

Author: andrelandgraf