Security vulnerabilities in report app dependencies

[tkaik]

Version used

• AET 3.0.1

Context of the issue/feature

After migration to gulp (see #299, #321) GitHub reports security vulnerabilities in report app dependencies - see details here: https://github.com/Cognifide/aet/network/alerts. Please fix them - possibly bower needs to be replaced with some other tool.

[fbatk]

Investigation showed that most of the troublesome dependencies indeed come from bower. Even if we bump-up those dependencies explicitly in package.json, they will still be included in older versions, as that's what bower requires and lists as explicit dependencies. In summary, it seems replacing bower with a different tool is the only way to go.