Patch vulnerabilities where possible

We install and use `yarn-audit-fix` to find dependencies with security
vulnerabilities and update them where possible.

We go from 17 moderate and 14 high severity vulnerabilities, to 12
moderate vulnerabilities.

The default `yarn-audit-fix` command only updates minor semver versions.
We might be able to eliminate more vulnerabilities by running
`yarn-audit-fix --force` to also update majore semver versions, but
there's more risk of upgrading to a dependency that is incompatible with
our codebase. Since we've at least eliminated the high severity
vulnerabilities, this change should suffice for now.

Author: davezuch

package.json

@@ -14,7 +14,8 @@
     "parcel": "2.2.1",
     "purescript": "0.14.4",
     "purescript-psa": "0.8.2",
-    "spago": "0.20.3"
+    "spago": "0.20.3",
+    "yarn-audit-fix": "^9.0.9"
   },
   "dependencies": {
     "big-integer": "^1.6.31",