Add vulnerable production dependency
Add a vulnerable production dependency to ensure that reports always
contain a vulnerability regardless of enabled/disabled filter options.
For example, setting DS_INCLUDE_DEV_DEPENDENCIES=0
will not cause the
report artifact to contain zero vulnerabilities.
Edited by Adam Cohen