fix: package.json, package-lock.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746

Author: snyk-bot

package.json

@@ -32,7 +32,8 @@
     "ora": "^4.0.3",
     "signale": "^1.4.0",
     "test": "^0.6.0",
-    "tslib": "^1.11.1"
+    "tslib": "^1.11.1",
+    "snyk": "^1.316.1"
   },
   "devDependencies": {
     "@oclif/dev-cli": "^1.22.2",
@@ -93,11 +94,14 @@
     "posttest": "tslint -p test -t stylish",
     "prepack": "rm -rf lib && tsc -b && oclif-dev manifest && oclif-dev readme",
     "test": "nyc --extension .ts mocha --forbid-only \"test/**/*.test.ts\"",
-    "version": "oclif-dev readme && git add README.md"
+    "version": "oclif-dev readme && git add README.md",
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
   },
   "types": "lib/index.d.ts",
   "directories": {
     "lib": "lib",
     "test": "test"
-  }
+  },
+  "snyk": true
 }