fix: package.json & package-lock.json to reduce vulnerabilities

fix: package.json & package-lock.json to reduce vulnerabilities #421