fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-BL-608877
- https://snyk.io/vuln/SNYK-JS-BOWER-73627
- https://snyk.io/vuln/SNYK-JS-DECOMPRESSZIP-73598
- https://snyk.io/vuln/SNYK-JS-DOT-174124
- https://snyk.io/vuln/SNYK-JS-GOT-2932019
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-INI-1048974
- https://snyk.io/vuln/SNYK-JS-ISMYJSONVALID-597165
- https://snyk.io/vuln/SNYK-JS-ISMYJSONVALID-597167
- https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288
- https://snyk.io/vuln/SNYK-JS-JSONPOINTER-598804
- https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-MOUT-1014544
- https://snyk.io/vuln/SNYK-JS-MOUT-2342654
- https://snyk.io/vuln/SNYK-JS-QS-3153490
- https://snyk.io/vuln/SNYK-JS-REQUEST-3361831
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506
- https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859
- https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
- https://snyk.io/vuln/SNYK-JS-WS-1296835
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUEST-1082935
- https://snyk.io/vuln/npm:deep-extend:20180409
- https://snyk.io/vuln/npm:handlebars:20151207
- https://snyk.io/vuln/npm:hawk:20160119
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:http-signature:20150122
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:request:20160119
- https://snyk.io/vuln/npm:semver:20150403
- https://snyk.io/vuln/npm:tough-cookie:20160722
- https://snyk.io/vuln/npm:tough-cookie:20170905
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/npm:uglify-js:20150824
- https://snyk.io/vuln/npm:uglify-js:20151024
- https://snyk.io/vuln/npm:ws:20160104
- https://snyk.io/vuln/npm:ws:20160624
- https://snyk.io/vuln/npm:ws:20160920
- https://snyk.io/vuln/npm:ws:20171108

package.json

@@ -31,7 +31,7 @@
     "base-64": "^0.1.0",
     "catbox-disk": "^3.0.0",
     "code": "^4.1.0",
-    "gh-badges": "^1.3.0",
+    "gh-badges": "^2.2.2",
     "handlebars": "^4.3.0"
   },
   "engines": {