Updating lerna to latest version

[aliabbasrizvi]

No description provided.

[aliabbasrizvi]

@spencerwilson-optimizely recommended to push package-lock.json as well

[aliabbasrizvi]

This was an update that was recommended by SourceClear

[coveralls]

Coverage increased (+0.0009%) to 97.114% when pulling 4a5e28f on ali/update_library into 8f9bcb3 on master.

[spencerwilson-optimizely]

[javascript] > lerna bootstrap && lerna run build
[javascript] 
[javascript] lerna info version 2.11.0
[javascript] lerna ERR! EMISMATCH Incompatible local version of lerna detected!
[javascript] lerna ERR! EMISMATCH The running version of lerna is 2.11.0, but the version in lerna.json is 3.2.1.
[javascript] lerna ERR! EMISMATCH You can either run 'lerna init' again or install 'lerna@^3.2.1'.
[javascript] npm info lifecycle optimizely-sdk-packages@1.0.0~postinstall: Failed to exec postinstall script

Looks like in the repo's postinstall hook triggered during the testapp's installation step, global lerna detects a mismatch from the version in lerna.json (which maybe comes, in turn, from the version in package.json?).

I think the testapp being aware of lerna is lame, and I'd like to move in a direction where that's not the case. As a first step, I tried moving this repo's top-level package.json's lerna from devDependencies to dependencies, and that installed okay. The testapp globally installing is a patch to fix the real problem: postinstall is requiring that things in devDependencies are installed, but devDependencies aren't always installed. (e.g., if you do npm install foo, foo's devDependencies are not installed).

I'll commit to this PR and see if it works against quay's javascript-testapp:latest.

[spencerwilson-optimizely]

Oh, and for the record, this PR is to satisfy SourceClear reporting vulns in this repo.

[spencerwilson-optimizely]

Cool, it works.

[aliabbasrizvi]

@mikeng13 good to go?

[mikeproeng37]

Yep! This is exactly what I was talking to you about yesterday. Thanks @spencerwilson-optimizely

[mikeproeng37]

lgtm