
Fix npm dependency issues #851

Open

jackc94 opened this issue Aug 23, 2022 · 1 comment

jackc94 commented Aug 23, 2022

There are currently 8 npm dependency issues that can't be resolved without breaking your project... Please could you explore and remedy these, as one is a DoS.

npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE   package: 'sonos-http-api@1.6.9',
npm WARN EBADENGINE   required: { node: '>=4.0.0', npm: '^2.0.0' },
npm WARN EBADENGINE   current: { node: 'v12.22.12', npm: '7.5.2' }
npm WARN EBADENGINE }

up to date, audited 311 packages in 13s

38 packages are looking for funding
  run `npm fund` for details

# npm audit report

ajv  <6.12.3
Severity: moderate
Prototype Pollution in Ajv - https://github.com/advisories/GHSA-v88g-cgmw-v5xw
fix available via `npm audit fix --force`
Will install eslint@8.22.0, which is a breaking change
node_modules/ajv
  eslint  2.5.0 - 2.5.2 || 4.2.0 - 5.0.0-rc.0
  Depends on vulnerable versions of ajv
  Depends on vulnerable versions of table
  node_modules/eslint
  table  3.7.10 - 4.0.2
  Depends on vulnerable versions of ajv
  node_modules/table

lodash  <=4.17.20
Severity: critical
Prototype Pollution in lodash - https://github.com/advisories/GHSA-jf85-cpcp-j695
Regular Expression Denial of Service (ReDoS) in lodash - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
Prototype Pollution in lodash - https://github.com/advisories/GHSA-fvqr-27wr-82fm
fix available via `npm audit fix --force`
Will install request-promise@4.2.6, which is a breaking change
node_modules/request-promise/node_modules/lodash
  request-promise  0.2.4 - 2.0.0
  Depends on vulnerable versions of lodash
  node_modules/request-promise

minimist  <=1.2.5
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m
fix available via `npm audit fix`
node_modules/minimist
  optimist  >=0.6.0
  Depends on vulnerable versions of minimist
  node_modules/optimist

node-static  *
Severity: moderate
Denial of Service in node-static - https://github.com/advisories/GHSA-8r4g-cg4m-x23c
No fix available
node_modules/node-static

8 vulnerabilities (6 moderate, 2 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues possible (including breaking changes), run:
  npm audit fix --force

Some issues need review, and may require choosing
a different dependency.

jackc94 changed the title from "Fix nom dependency issues" to "Fix npm dependency issues" on Aug 23, 2022

@jsiegenthaler (Contributor) commented:

I've found that you can update the dependencies as below, and the plugin still works.
It doesn't resolve everything, but it resolves a lot.
I've written a script to update everything to the highest working versions.
Here are my working dependencies:

  "dependencies": {
    "anesidora": "^1.2.0",
    "aws-sdk": "^2.1295.0",
    "basic-auth": "^2.0.1",
    "fuse.js": "^6.6.2",
    "html-entities": "^1.4.0",
    "json5": "^2.2.3",
    "mime": "^3.0.0",
    "music-metadata": "^7.13.3",
    "node-static": "^0.7.11",
    "request-promise": "^4.2.6",
    "sonos-discovery": "https://github.com/jishi/node-sonos-discovery/archive/v1.7.3.tar.gz",
    "wav-file-info": "0.0.10"
  },
  "engines": {
    "node": "^18.12.1",
    "npm": "^9.2.0"
  },
