fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SSRI-1246392

package.json

@@ -27,7 +27,7 @@
     "jquery": "^3.5.1",
     "jquery-pjax": "~2.0",
     "js-yaml": "^3.14.0",
-    "laravel-mix": "^5.0.7",
+    "laravel-mix": "^5.0.8",
     "leaflet": "^1.3.4",
     "leaflet-ajax": "2.1.0",
     "leaflet-providers": "1.0.*",
@@ -44,7 +44,7 @@
     "popper.js": "^1.15.0",
     "rivets": "^0.9.6",
     "select2": "^4.0.13",
-    "ssri": "^5.3.0",
+    "ssri": "^6.0.2",
     "tar": ">=4.4.2",
     "webpack": "^4.44.2",
     "webpack-cli": "^3.3.12",