[chore] Bump concat-stream to version 1.5.2 (#548)

The package concat-stream is known to be vulnerable prior 1.5.2.
 
Source: https://snyk.io/vuln/npm:concat-stream:20160901

Author: faust64

package.json

@@ -42,7 +42,7 @@
     "babel-loader": "6.2.1",
     "babel-preset-es2015": "6.3.13",
     "blob": "0.0.4",
-    "concat-stream": "1.4.6",
+    "concat-stream": "1.5.2",
     "del": "2.2.0",
     "derequire": "1.2.0",
     "engine.io": "2.0.2",