Fix NPM braces and other package vulnerabilities

[charlesfu001]

Pull Request Checklist

Please leverage this checklist as a reminder to address commonly occurring feedback when submitting a pull request to make sure your PR can be reviewed quickly:

See the detailed list in the contributing guide.

• C++ Guidelines
• Doxygen docs
• Unit tests
• No unwanted commits/changes
• Descriptive title/description
  • PR is single purpose
  • Related issue listed
• Comments in source
• No typos
• Update changelog
• Not work-in-progress
• External references or docs updated
• Self review of PR done
• Any breaking changes?

[charlesfu001]

@charlesfu001 please read the following Contributor License Agreement(CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree [company="{your company}"]

Options:

• (default - no company specified) I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.

@microsoft-github-policy-service agree

• (when company given) I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer. By signing below, the defined term “You” includes me and my employer.

@microsoft-github-policy-service agree company="Microsoft"

Contributor License Agreement

@microsoft-github-policy-service agree company="Microsoft"

[weshaggard]

@charlesfu001 why are you trying to update this lock file? It is in our common code and would need to be updated in our azure-sdk-tools repo.

[charlesfu001]

@charlesfu001 why are you trying to update this lock file? It is in our common code and would need to be updated in our azure-sdk-tools repo.
@weshaggard, we don't plan to merge this change into main. A short history, our speech SDK is based on the feature branch feature/websockets, which Larry helped to develope the websocket work. This feature banch has not been merged back to main and we don't plan to merge it back to main. Does this clarify your question? Thanks.

BTW, we created a new feature branch feature/websockets_speech from the commit which we have been based on at feature/websockets. This change is applied to this new feature branch.

[weshaggard]

OK so this is just a merge from main to update this. In which case that should be fine.

[charlesfu001]

@weshaggard , @danieljurek , @benbp , I am not familiar with the process. Does this PR need to be approved by the repo owner to merge it into the feature branch or can it be approved by anyone with write permission, such as Ryan? If it needs to be approved by the repo owner, could you please approve the PR or if you have concerns, just let me know. Thanks.