fix 'yarn audit' failures

[eragon512]

Currently, running yarn audit reveals a bunch of potential vulnerabilities. This should not be an issue for most situations, since they originate from the text fixture setup and do not impact the source code

However, developers at some organisations would find it convenient to get this package through their security checks by upgrading the devDependencies

This PR aims to achieve the above.

Reference: https://javascriptbit.com/yarn-audit-fix-security-issues/