fix: 2 high severity vulnerabilities

- `npm audit` result

```
# npm audit report

semver  7.0.0 - 7.5.1
Severity: high
semver vulnerable to Regular Expression Denial of Service - GHSA-c2qf-rxjj-qqgw
fix available via `npm audit fix`
node_modules/@cucumber/cucumber/node_modules/semver
  @cucumber/cucumber  8.0.0-rc.1 - 9.2.0
  Depends on vulnerable versions of semver
  node_modules/@cucumber/cucumber
```

Author: hsinn0