[DUOS-877][risk=no] Remove unused dev dependencies #744

Merged: 3 commits merged on Dec 10, 2020

@rushtong rushtong commented Dec 9, 2020

Addresses

https://broadinstitute.atlassian.net/browse/DUOS-877

Changes

Removed only the unused dev dependencies. Others will be addressed in other stories.


Have you read Terra's Contributing Guide lately? If not, do that first.

I, the developer opening this PR, do solemnly pinky swear that:

  • PR is labeled with a Jira ticket number and includes a link to the ticket
  • PR is labeled with a security risk modifier [no, low, medium, high]
  • PR describes scope of changes

In all cases:

  • Get a minimum of one thumbs worth of review, preferably 2 if enough team members are available
  • Get PO sign-off for all non-trivial UI or workflow changes
  • Verify all tests go green
  • Squash and merge; you can delete your branch after this
  • Test this change deployed correctly and works on dev environment after deployment

@rushtong rushtong requested a review from a team as a code owner December 9, 2020 15:33

JVThomas commented Dec 9, 2020

Just curious, the package.json file has a comment on how handlebars and js-yaml are "security related updates for indirect dependencies". What was that about?


rushtong commented Dec 9, 2020

@JVThomas

> Just curious, the package.json file has a comment on how handlebars and js-yaml are "security related updates for indirect dependencies". What was that about?

Great question ... and I missed that. I added that back in #168 and I am hoping they do not trigger a new security check. At the time, I think we were using SourceClear for these checks, but now we're pretty reliant on either Dependabot or GitHub.


rushtong commented Dec 9, 2020

Also, we run npm audit on every PR - now that we know it's passing, there is no longer a security issue with these libraries.

@rushtong rushtong merged commit b2ef862 into develop Dec 10, 2020
@rushtong rushtong deleted the DUOS-877 branch December 10, 2020 18:19