
chore!: Fix dependency vulnerabilities discovered by Snyk #244


gregsinclair42
@gregsinclair42 gregsinclair42 commented Aug 21, 2023

This is a small PR that fixes a few high and critical dependency vulnerabilities discovered by Snyk:

```
Testing https://github.com/gulpjs/gulp-cli...

✗ High severity vulnerability found in unset-value
  Description: Prototype Pollution
  Info: https://security.snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
  Introduced through: matchdep@2.0.0, liftoff@3.1.0
  From: matchdep@2.0.0 > micromatch@3.1.10 > snapdragon@0.8.2 > base@0.11.2 > cache-base@1.0.1 > unset-value@1.0.0
  From: matchdep@2.0.0 > micromatch@3.1.10 > braces@2.3.2 > snapdragon@0.8.2 > base@0.11.2 > cache-base@1.0.1 > unset-value@1.0.0
  From: matchdep@2.0.0 > micromatch@3.1.10 > extglob@2.0.4 > snapdragon@0.8.2 > base@0.11.2 > cache-base@1.0.1 > unset-value@1.0.0
  and 12 more...

✗ High severity vulnerability found in ansi-regex
  Description: Regular Expression Denial of Service (ReDoS)
  Info: https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
  Introduced through: yargs@7.1.2
  From: yargs@7.1.2 > string-width@1.0.2 > strip-ansi@3.0.1 > ansi-regex@2.1.1
  From: yargs@7.1.2 > cliui@3.2.0 > strip-ansi@3.0.1 > ansi-regex@2.1.1
  From: yargs@7.1.2 > cliui@3.2.0 > string-width@1.0.2 > strip-ansi@3.0.1 > ansi-regex@2.1.1
  and 2 more...
```

The fix requires overriding some transitive dependencies, upgrading yargs, and adding the correct version of ansi-regex as a main dependency rather than a transitive dependency.
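The PR description above says the fix overrides transitive dependencies and adds `ansi-regex` directly, but the closed PR's diff is not on this page. The following is an added example, not gulp-cli's code or the PR's patch: it rebuilds the "From:" chains Snyk printed for `yargs@7.1.2` from a hand-constructed, simplified lock graph, models an npm `overrides` pin for `ansi-regex`, and then re-checks that no chain still ends at a version below the fixed floor. The lock graph (one resolved copy per package name), the exact-version override semantics, and the `5.0.1` floor are assumptions for illustration; confirm the actual fixed versions against the linked Snyk advisory before using the threshold.

```javascript
// Added example (not gulp-cli's code and not the PR's diff): reproduce Snyk's
// "a@1 > b@2 > c@3" chains from a dependency graph, apply an npm "overrides"
// style pin, and verify that no vulnerable chain remains.
// The lock graph, override map and fixed-version floor are all constructed/assumed.

// Minimal "x.y.z" comparison; enough for the exact versions found in a lock file.
function parseVersion(v) {
  const parts = v.split('.').map(Number);
  if (parts.length !== 3 || parts.some(Number.isNaN)) {
    throw new Error(`unsupported version string: ${v}`);
  }
  return parts;
}

function versionLess(a, b) {
  const [pa, pb] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i];
  }
  return false;
}

// Hand-constructed lock graph shaped after the yargs chains in the Snyk report:
// package name -> resolved version and direct dependency names. A real
// package-lock.json may resolve one name to several versions; this stand-in
// assumes a single hoisted copy per name, which is what a bare-name
// "overrides" key targets.
const lockBefore = {
  'yargs':        { version: '7.1.2', dependencies: ['string-width', 'cliui'] },
  'cliui':        { version: '3.2.0', dependencies: ['strip-ansi', 'string-width'] },
  'string-width': { version: '1.0.2', dependencies: ['strip-ansi'] },
  'strip-ansi':   { version: '3.0.1', dependencies: ['ansi-regex'] },
  'ansi-regex':   { version: '2.1.1', dependencies: [] },
};

// Enumerate every path from `root` to `target`, rendered like Snyk's chains.
// The `seen` set guards against cyclic graphs.
function chainsTo(graph, root, target) {
  const found = [];
  const walk = (name, path, seen) => {
    const node = graph[name];
    if (!node || seen.has(name)) return;
    const here = [...path, `${name}@${node.version}`];
    if (name === target) { found.push(here.join(' > ')); return; }
    const next = new Set(seen);
    next.add(name);
    for (const dep of node.dependencies) walk(dep, here, next);
  };
  walk(root, [], new Set());
  return found;
}

// Chains that end at a copy of `target` older than `fixedFloor`.
function vulnerableChains(graph, root, target, fixedFloor) {
  const node = graph[target];
  if (!node || !versionLess(node.version, fixedFloor)) return [];
  return chainsTo(graph, root, target);
}

// Model of the npm "overrides" field with bare package-name keys: every copy
// of that package in the tree is replaced by the pinned version (assumed:
// exact versions, no semver-range resolution). This is the "overriding some
// transitive dependencies" step from the PR description, not its actual diff.
function applyOverrides(graph, overrides) {
  const out = {};
  for (const [name, node] of Object.entries(graph)) {
    out[name] = {
      version: overrides[name] ?? node.version,
      dependencies: [...node.dependencies],
    };
  }
  return out;
}

// Assumed fixed floor for the ansi-regex ReDoS; check the linked advisory.
const ANSI_REGEX_FIXED = '5.0.1';

function demo() {
  const before = vulnerableChains(lockBefore, 'yargs', 'ansi-regex', ANSI_REGEX_FIXED);
  const lockAfter = applyOverrides(lockBefore, { 'ansi-regex': ANSI_REGEX_FIXED });
  const after = vulnerableChains(lockAfter, 'yargs', 'ansi-regex', ANSI_REGEX_FIXED);
  return { before, after };
}

if (typeof require !== 'undefined' && require.main === module) {
  const { before, after } = demo();
  console.log('vulnerable chains before override:\n  ' + before.join('\n  '));
  console.log(`vulnerable chains after override: ${after.length}`);
}
```

Run it with `node` and the three chains printed before the override match the three `From:` lines in the Snyk output above; after the pin, none remain. Against a real project, the same check should read the resolved versions from `package-lock.json` rather than a hand-built graph, and the override should be followed by a fresh `npm install` so the lock file actually reflects it.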

@phated
Member

phated commented Aug 21, 2023

These will be updated with our other updates that are being batched in preparation of gulp 5. See #239

@phated phated closed this Aug 21, 2023