Upgrade vulnerable dependencies fixing npm audit reports

[sudheesh001]

• The current base branch of the webservice repository contains 10 dependencies with vulnerabilities
• This patch upgrades the dependencies keeping compatibility and fixes the remaining dependencies
• npm audit shows the result as found 0 vulnerabilities

Signed-off-by: Sudheesh Singanamalla sudheesh@cs.washington.edu

[danyalaytekin]

Hi @sudheesh001, thank you for this contribution, and sorry it's taken a while to review it.

This repo's assumptions had grown stale, as they had done in a few sibling repos, so I've made a few further changes to bring it closer to passing, such as using ubuntu-20.04 instead of ubuntu-latest until we can do a full dependency update for pa11y-webservice@5, and I've also restored the lockfile to v1 as it had been previously, since this'll probably go into a minor release first - hope that's ok. I think I've hit a wall now, where hapi@21 is failing here for Node 12 but hapi@20 is failing for Node 16, each of which we need to support in pa11y-webservice@4. Hopefully I'm wrong though and it's a flake or something else innocuous - I'll look into this again. Thanks again 🙂

[danyalaytekin]

Aha, I'd reverted hapi too far! Again, assuming this successful build isn't also a flake.

[sudheesh001]

@danyalaytekin Thank you for following up on this one! This looks great, I'm looking forward to seeing this merged. It does look like github actions indicates a few warnings. Do they need to be resolved before this merge goes through?

[danyalaytekin]

Hi @sudheesh001, the warnings are about the structure of functions, but neither of us have touched the relevant functions here, so the warnings don't indicate a regression. I think we're good.

[josebolos]

Excellent! Thanks all!

[hollsk]

co-signed! Thank you very much, @sudheesh001 and @danyalaytekin 🙏