fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-15789759
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-15789775
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-15789761

Author: snyk-bot