[AN-294] Address Dependabot security findings

[LizBaldo]

JIRA Ticket: https://broadworkbench.atlassian.net/browse/AN-294

Note that a lot of security findings were due to dependencies coming from the rawls model that I had to override. It looks like workbenchlibs only uses it for testing though, but still this is a bit strange.

PR checklist

• For each library you've modified here, decide whether it requires a major, minor, or no version bump. (Click here for guidance)

If you're doing a major or minor version bump to any libraries:

• Bump the version in project/Settings.scala createVersion()
• Update CHANGELOG.md for those libraries
• I promise I used @deprecated instead of deleting code where possible

In all cases:

• Replace the appropriate version hashes in README.md and the CHANGELOG.md for any libs you changed with TRAVIS-REPLACE-ME to auto-update the version string
• Get two thumbsworth of PR review
• Verify all tests go green (CI and coverage tests)
• Squash commits and merge to develop
• Delete branch after merge

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 24.48%. Comparing base (87d8637) to head (8133bca).
Report is 8 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #1716      +/-   ##
===========================================
- Coverage    24.66%   24.48%   -0.19%     
===========================================
  Files          104      105       +1     
  Lines         2724     2745      +21     
  Branches       247      253       +6     
===========================================
  Hits           672      672              
- Misses        2052     2073      +21     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.