Add badge of vulnerabilities from snyk.io

[trivikr]

Summary

• Adds confidence in viewers about the project
• It's easy to identify vulnerabilities if they appear in future

Test plan

N/A

[SimenB]

I updated it to point to the correct package.json, and now it's complaining :(

• mem fixed in chore: bump package versions #6978
• we'll upgrade micromatch when v4 is released: v4.0 micromatch/micromatch#137
• not sure what to do about the last one (chownr), it's apparently unfixable: This package appears to have a TOCTOU bug isaacs/chownr#14

[spencern]

@SimenB
Have you had discussions or made any decisions about what to do with the chownr issue?
This is an issue we're trying to decide what to do with for our OSS project as well.

As this issue is linked to the isaacs/chownr#14 issue, there may be other people who land here with similar questions.

Apologies for the necropost if this is not a good forum for asking about this.

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.