Update npm dependencies to fix security vulnerabilities

There are security vulnerabilities in some dependencies we use. This MR bumps these deps in order to fix.