fix: package.json, yarn.lock & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HELMETCSP-469436
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:fresh:20170908
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:moment:20170905
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:tunnel-agent:20170305


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:extend:20180424
- https://snyk.io/vuln/npm:stringstream:20180511
- https://snyk.io/vuln/npm:tough-cookie:20170905

.snyk

@@ -0,0 +1,14 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.19.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:extend:20180424':
+    - request > extend:
+        patched: '2021-03-10T21:00:47.183Z'
+  'npm:stringstream:20180511':
+    - request > stringstream:
+        patched: '2021-03-10T21:00:47.183Z'
+  'npm:tough-cookie:20170905':
+    - request > tough-cookie:
+        patched: '2021-03-10T21:00:47.183Z'

package.json

@@ -5,7 +5,9 @@
   "main": "index.js",
   "scripts": {
     "test": "jest",
-    "start": "node src/index.js"
+    "start": "node src/index.js",
+    "snyk-protect": "snyk protect",
+    "prepare": "yarn run snyk-protect"
   },
   "keywords": [
     "kbot",
@@ -20,15 +22,17 @@
   "author": "Riccardo Merlin",
   "license": "ISC",
   "dependencies": {
-    "body-parser": "1.16.0",
+    "body-parser": "1.18.2",
     "es6-promise": "4.0.5",
-    "express": "4.14.0",
-    "helmet": "3.4.0",
-    "moment": "2.17.1",
+    "express": "4.16.0",
+    "helmet": "3.21.1",
+    "moment": "2.19.3",
     "nedb": "1.8.0",
-    "request": "2.79.0"
+    "request": "2.82.0",
+    "snyk": "^1.483.0"
   },
   "devDependencies": {
     "jest": "20.0.4"
-  }
+  },
+  "snyk": true
 }