Audit js deps during CI

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Label this issue
• Close this issue

We should add the nsp cli tool to our CI process to audit js deps.

Note: We don't currently use npm to manage js deps so this seems almost pointless. I am however 75% sure we will end up using npm so this may become more relevant.

If we didn't end up using npm for some reason, we have even more of a reason to use nsp or another auditing tool.

Currently we cannot guarantee libs are untampered so the integrity of every new lib needs to be checked manually before merge.