fix: .snyk, package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-450202

Author: snyk-test

.snyk

@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-450202:
+    - hlsdownloader > async > lodash:
+        patched: '2019-07-04T07:28:12.175Z'
+    - hlsdownloader > request-promise > request-promise-core > lodash:
+        patched: '2019-07-04T07:28:12.175Z'