avoid arbitrary code execution in "underscore" dependency

Open christopherwood opened this issue 1 year ago • 0 comments

jsonlint -> nomnom -> underscore

Underscore has an arbitrary code execution vulnerability, per the link below.

https://github.com/advisories/GHSA-cf4h-3jhx-xvhq

One solution is to "rm package-lock.json" before building. This file is the lock file that "npm install" left behind.

More details:

/jsonlint # npm audit

underscore 1.3.2 - 1.12.0
Severity: high
Arbitrary Code Execution in underscore - https://github.com/advisories/GHSA-cf4h-3jhx-xvhq
fix available via npm audit fix
node_modules/underscore
  nomnom >=1.6.0
  Depends on vulnerable versions of underscore
  node_modules/nomnom

2 high severity vulnerabilities

To address all issues, run: npm audit fix

christopherwood, Jul 12 '22 19:07
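An added example, not part of the original issue or the jsonlint project: a check that walks a parsed package-lock.json and lists every pinned copy of underscore that falls in the 1.3.2 - 1.12.0 range reported by `npm audit` above, so a build can confirm what the lock file actually pins. The function names and the sample lock file are constructed for illustration, and prerelease suffixes are ignored as a simplification.

```javascript
// Vulnerable range as reported by `npm audit` in the issue: underscore 1.3.2 - 1.12.0.
const VULN_MIN = [1, 3, 2], VULN_MAX = [1, 12, 0];

// Parse "x.y.z" into numbers; prerelease/build suffixes are dropped (assumption).
function parseVersion(v) {
  return v.split(/[-+]/)[0].split(".").map(Number);
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) {
    const d = (a[i] || 0) - (b[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

function inVulnerableRange(version) {
  const v = parseVersion(version);
  return cmp(v, VULN_MIN) >= 0 && cmp(v, VULN_MAX) <= 0;
}

// Walk a parsed package-lock.json and return every pinned underscore in the range.
// Handles lockfileVersion 1 (nested "dependencies") and 2/3 (flat "packages").
function findVulnerableUnderscore(lock) {
  const hits = new Map(); // install path -> pinned version, de-duplicated
  const check = (path, meta) => {
    if (meta.version && inVulnerableRange(meta.version)) hits.set(path, meta.version);
  };
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path.endsWith("node_modules/underscore")) check(path, meta);
  }
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = prefix + "node_modules/" + name;
      if (name === "underscore") check(path, meta);
      walk(meta.dependencies, path + "/");
    }
  };
  walk(lock.dependencies, "");
  return [...hits].map(([path, version]) => ({ path, version }));
}

// Constructed sample lock file (not the project's real one).
const sampleLock = { lockfileVersion: 1, dependencies: {
  underscore: { version: "1.13.6" },
  nomnom: { version: "1.8.1", dependencies: { underscore: { version: "1.6.0" } } },
} };
console.log(findVulnerableUnderscore(sampleLock));
```

An empty result means no copy of underscore pinned in the lock file is in the reported range; any entry names the install path that still needs a newer version.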