Use 'yarn audit' for security checks

nsp has been retired and 'npm audit' is the recommended alternative.
Since yarnpkg/yarn#6409 yarn v1.12.0 has an
audit capability.  Use that instead.

Author: Dwayne Bailey

src/uk/gov/hmcts/contino/YarnBuilder.groovy

@@ -82,7 +82,7 @@ class YarnBuilder extends AbstractBuilder {
   }
 
   def securityCheck() {
-    yarn("test:nsp")
+    yarn("audit")
   }
 
   @Override

test/uk/gov/hmcts/contino/YarnBuilderTest.groovy

@@ -77,11 +77,11 @@ class YarnBuilderTest extends Specification {
         1 * steps.sh({ it.startsWith(YARN_CMD) && it.contains('test:mutation') })
   }
 
-  def "securityCheck calls 'yarn test:nsp'"() {
+  def "securityCheck calls 'yarn audit'"() {
     when:
       builder.securityCheck()
     then:
-      1 * steps.sh({ GString it -> it.startsWith(YARN_CMD) && it.contains('test:nsp') })
+      1 * steps.sh({ GString it -> it.startsWith(YARN_CMD) && it.contains('audit') })
   }
 
   def "full functional tests calls 'yarn test:fullfunctional'"() {