Merge #3637

3637: Update dependencies and fix minimist CVE r=matklad a=darinmorrison

This PR just updates some dependencies and also regenerates the `package-lock.json` to fix the recent [minimist CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598) (a dependency of eslint).

Co-authored-by: Darin Morrison <[email protected]>

Author: bors[bot]