Fix security vulnerabilities reported by Github dependabot (#195)

* package.json: Upgrade moment package to patched version

Github Dependabot reported a High severity vulnerability with the
current version for the moment package.

Reported impact:
This vulnerability impacts npm (server) users of moment.js, especially
if user provided locale string, eg fr is directly used to switch moment
locale.

CVE ID
CVE-2022-24785

Signed-off-by: Erick Kramer <e.kramer@rethinkrobotics.com>

* package.json: Upgrade async to patched version

Github Dependabot reported a High vulnerability with the current version
of async.

Reported impact:
A vulnerability exists in Async through 3.2.1 for 3.x and through 2.6.3
for 2.x (fixed in 3.2.2 and 2.6.4), which could let a malicious user
obtain privileges via the mapValues() method.

CVE ID
CVE-2021-43138

Signed-off-by: Erick Kramer <e.kramer@rethinkrobotics.com>

Co-authored-by: Erick Kramer <e.kramer@rethinkrobotics.com>

Author: ErickKramer

package.json

@@ -30,11 +30,11 @@
   },
   "dependencies": {
     "argparse": "1.0.10",
-    "async": "2.6.1",
+    "async": "2.6.4",
     "bn.js": "^4.11.6",
     "bunyan": "1.8.12",
     "md5": "2.2.1",
-    "moment": "2.22.2",
+    "moment": "2.29.2",
     "ultron": "1.1.1",
     "walker": "1.0.7",
     "xmlrpc-rosnodejs": "1.4.0"