
fix: root libs security #2751

Merged
merged 15 commits into from
Apr 17, 2020

Conversation

jsomsanith-tlnd
Contributor

@jsomsanith-tlnd jsomsanith-tlnd commented Apr 16, 2020

What is the problem this PR is trying to solve?
We have security issues on talend/ui (here only the root folder is impacted).
(screenshot)

What is the chosen solution to this problem?

Direct dependencies removal

  • cpx: it's not used at root. It's still present in the packages, need to replace it with cpx2 (out of scope for now).
  • pixelmatch, pngjs, puppeteer, tmp-promise: remove along with the associated scripts (test:nonreg not used)
  • slimerjs: this was added with the visual non-regs via screenshots. This has been removed. Remove the dependency and clean associated packages
  • storybook-chroma: not used on talend/ui, consider it on talend/design-system instead
  • surge: we use it as cli only, to upload our public SB on this public repo. Remove and use it via npx.

Direct dependencies upgrade

Indirect dependencies exact resolutions

  • lodash: resolve to ^4.17.15 (compatible with all the required versions)
  • set-value: resolve to ^3.1.2 (compatible with current 3.1.1)
  • mixin-deep: resolve to ^1.3.2 (compatible with current 1.3.1)
  • acorn: resolve all 6.x to 6.4.1
  • kind-of: resolve all 6.x to 6.0.3

Indirect dependencies resolutions

  • dot-prop: resolve to ^5.2.0 (from 3.x - lerna and 4.x - lerna). Looking at their history, the major versions are due to Node requirements: >4 (from 3.x to 4.x) and >8 (from 4.x to 5.x).
  • minimist: resolve to ^1.2.5 (from 0.0.8 - lerna | 1.2.0 - lerna). The history doesn't seem to have breaking changes; I don't understand their release process.

After
(screenshot)

Waiting for those issues/PRs to remove resolution

Please check if the PR fulfills these requirements

  • The PR commit message follows our guidelines
  • Tests for the changes have been added (for bug fixes / features), and non-reg done before "need review"
  • Docs have been added / updated (for bug fixes / features)
  • Related design / discussions / pages (not in jira), if any, are all linked or available in the PR

[ ] This PR introduces a breaking change
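Added example, not part of this PR or of the talend/ui code base: a small script that checks whether the versions actually resolved in a lockfile honour the `resolutions` listed above. Pinning a transitive dependency only helps if the install really lands inside the range, so this is the check to run after `yarn install`. The installed list below is constructed for illustration (it is not a real yarn.lock), and the range parser deliberately handles only the two forms used in this PR, exact (`6.4.1`) and caret (`^4.17.15`), not the full semver grammar.

```javascript
// Added example: verify resolved versions against the PR's resolutions.
// Only exact ("6.4.1") and caret ("^4.17.15") ranges are supported.

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return m.slice(1, 4).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Caret semantics as npm/yarn apply them:
//   ^x.y.z (x > 0)  -> >= x.y.z  < (x+1).0.0
//   ^0.y.z (y > 0)  -> >= 0.y.z  < 0.(y+1).0
//   ^0.0.z          -> >= 0.0.z  < 0.0.(z+1)
function satisfies(range, version) {
  const v = parseVersion(version);
  if (range.startsWith('^')) {
    const lo = parseVersion(range.slice(1));
    let hi;
    if (lo[0] > 0) hi = [lo[0] + 1, 0, 0];
    else if (lo[1] > 0) hi = [0, lo[1] + 1, 0];
    else hi = [0, 0, lo[2] + 1];
    return compare(v, lo) >= 0 && compare(v, hi) < 0;
  }
  // Exact pin: the resolved version must match to the patch level.
  return compare(v, parseVersion(range)) === 0;
}

// Resolutions taken from the PR description above.
const RESOLUTIONS = {
  lodash: '^4.17.15',
  'set-value': '^3.1.2',
  'mixin-deep': '^1.3.2',
  acorn: '6.4.1',
  'kind-of': '6.0.3',
  'dot-prop': '^5.2.0',
  minimist: '^1.2.5',
};

// Constructed sample of [name, resolvedVersion] pairs, as one would read
// them out of a lockfile. Versions are invented for this example.
const SAMPLE_INSTALLED = [
  ['lodash', '4.17.15'],
  ['lodash', '4.17.19'],
  ['set-value', '3.1.2'],
  ['mixin-deep', '1.3.1'],   // below the pinned floor: the resolution did not apply
  ['acorn', '6.4.1'],
  ['kind-of', '6.0.3'],
  ['dot-prop', '4.2.0'],     // stale 4.x copy still present
  ['minimist', '0.0.8'],     // the old lerna transitive version
  ['minimist', '1.2.5'],
  ['react', '16.13.1'],      // not pinned, so not checked
];

// Returns every installed entry that falls outside its declared resolution.
function auditResolutions(resolutions, installed) {
  const violations = [];
  for (const [name, version] of installed) {
    const range = resolutions[name];
    if (range === undefined) continue; // no resolution declared for this package
    if (!satisfies(range, version)) violations.push({ name, version, range });
  }
  return violations;
}

const violations = auditResolutions(RESOLUTIONS, SAMPLE_INSTALLED);
for (const v of violations) {
  console.log(`${v.name}@${v.version} is outside resolution ${v.range}`);
}
```

Run with `node` after an install; a non-empty violation list means a resolution was mis-scoped or the lockfile was not regenerated, which is exactly the situation the "After" screenshot is meant to rule out.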

@jsomsanith-tlnd jsomsanith-tlnd changed the title fix: libs security fix: root libs security Apr 16, 2020
@build-travis-ci
Collaborator

:octocat: Demo is available here

@jsomsanith-tlnd jsomsanith-tlnd merged commit e10a9e5 into master Apr 17, 2020
@jsomsanith-tlnd jsomsanith-tlnd deleted the jsomsanith/fix/security_fixes branch April 17, 2020 12:07
@jsomsanith-tlnd jsomsanith-tlnd restored the jsomsanith/fix/security_fixes branch April 17, 2020 12:33
@jsomsanith-tlnd jsomsanith-tlnd deleted the jsomsanith/fix/security_fixes branch April 17, 2020 12:42