fix: package.json & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746

Author: snyk-bot

.snyk

@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - gulp-sass > node-sass > sass-graph > lodash:
+        patched: '2020-04-30T21:47:30.022Z'
+    - gulp-sass > node-sass > gaze > globule > lodash:
+        patched: '2020-04-30T21:47:30.022Z'