[TASK] Update vulnerable build dependencies
Update (most) vulnerable dependencies/packages found by
`npm audit fix --force --dry-run`.

Notes regarding package changes:

 * The outdated grunt-postcss plugin is replaced by a (maintained)
   fork for compatibility with newer grunt versions.

 * karma is updated to v6 and pulls in @types/node which conflicts with
   TypeScript type definitions by @types/requirejs. Therefore 3rd party
   type declarations from packages (@types/*) are now explicitly
   enabled in tsconfig.json – note that there is no other way to exclude
   from typeRoots:
   microsoft/TypeScript#18588

 * grunt-lintspaces and grunt-contrib-imagemin are replaced
   as these packages have not been updated to not depend
   on vulnerable dependencies, while grunt-lintspaces and
   grunt-contrib-imagemin would cause downgrades to older
   versions when running `npm audit fix --force` (because only
   the older versions do not depend on vulnerable software).

 * (grunt-contrib-)imagemin is replaced by squoosh (by google) as
   a) imagemin dependencies ("bin-build" > "download") rely on vulnerable
      versions of "got".
      Neither of these packages is currently updated, see
      kevva/download#224
   b) imagemin is unmaintained:
      imagemin/imagemin#385
      and suggests squoosh as replacement

 * stylefmt is replaced by a maintained fork.

There is one remaining package that pulls in a vulnerability alert:

  * jquery-ui is marked as vulnerable (severity: high), but worked on
    in a separate patch #96497.
    (We don't actually use the vulnerable library parts though).

Vulnerability report before this patch:

    74 vulnerabilities (1 low, 30 moderate, 38 high, 5 critical)

Vulnerability report after this patch:

    1 high severity vulnerability
    (this is jquery-ui)

Commands executed:

  # Supposed to be non breaking, but broke grunt-css
  npm audit fix
  npm remove grunt-postcss
  npm install @lodder/grunt-postcss

  # Preparation for `npm audit fix --force` (breaking changes)
  npm install grunt@^1.5
  npm install grunt-lintspaces@^0.10.0
  npm remove grunt-lintspaces
  npm install --save-dev lintspaces-cli
  npm remove grunt-contrib-imagemin
  npm install --save-dev
  npm remove stylefmt
  npm install --save-dev @ronilaukkarinen/stylefmt
  npm audit fix --force

Releases: main
Resolves: #98198
Change-Id: I09df87fe131a499790e6c5f95f1c51e9216b71c2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/75539
Tested-by: core-ci <[email protected]>
Tested-by: Georg Ringer <[email protected]>
Tested-by: Stefan Bürk <[email protected]>
Tested-by: Benjamin Franzke <[email protected]>
Reviewed-by: Georg Ringer <[email protected]>
Reviewed-by: Stefan Bürk <[email protected]>
Reviewed-by: Benjamin Franzke <[email protected]>
bnf committed Aug 25, 2022
1 parent 95d9cf4 commit 94248fb
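As an added example (not part of this commit or of the TYPO3 project), a small Python helper that reads the `npm audit --json` report behind the summary lines quoted above, reproduces npm's one-line count, and, for each direct dependency npm flags, resolves the chain through which the vulnerable transitive package reaches it (the `bin-build > download > got` case the message describes). The report below is a constructed sample in the real report shape; package names follow the commit message, while severities and advisory entries are placeholders.

```python
# Constructed sample in the shape of `npm audit --json` (auditReportVersion 2).
# Package names follow the commit message; severities and the advisory entries
# are placeholders, not real advisory data.
SAMPLE_AUDIT = {
    "vulnerabilities": {
        "got": {"severity": "moderate", "isDirect": False, "via": [{"title": "placeholder advisory"}], "effects": ["download"]},
        "download": {"severity": "moderate", "isDirect": False, "via": ["got"], "effects": ["bin-build"]},
        "bin-build": {"severity": "moderate", "isDirect": False, "via": ["download"], "effects": ["imagemin-gifsicle"]},
        "imagemin-gifsicle": {"severity": "moderate", "isDirect": False, "via": ["bin-build"], "effects": ["grunt-contrib-imagemin"]},
        "grunt-contrib-imagemin": {"severity": "moderate", "isDirect": True, "via": ["imagemin-gifsicle"], "effects": []},
        "jquery-ui": {"severity": "high", "isDirect": True, "via": [{"title": "placeholder advisory"}], "effects": []},
    },
    "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 5, "high": 1, "critical": 0, "total": 6}},
}
SEVERITIES = ("info", "low", "moderate", "high", "critical")


def summarize(report):
    """Reproduce npm's one-line summary from the metadata block,
    e.g. '74 vulnerabilities (1 low, 30 moderate, 38 high, 5 critical)'."""
    counts = report["metadata"]["vulnerabilities"]
    present = [s for s in SEVERITIES if counts.get(s)]
    total = counts["total"]
    if total == 1:
        return f"1 {present[0]} severity vulnerability"
    return f"{total} vulnerabilities (" + ", ".join(f"{counts[s]} {s}" for s in present) + ")"


def chains(vulns, name, path=()):
    """Follow `via` from a package down to the root advisory: string entries in
    `via` name deeper vulnerable packages, dict entries are the advisories themselves."""
    path = path + (name,)
    deeper = [v for v in vulns[name]["via"] if isinstance(v, str) and v in vulns and v not in path]
    if not deeper:
        return [" > ".join(path)]
    return [c for dep in deeper for c in chains(vulns, dep, path)]


def direct_offenders(report):
    """Map each direct dependency npm flags to the chain(s) through which the
    vulnerable transitive package reaches it, which is the information needed to
    decide whether to update, replace or drop that direct dependency."""
    vulns = report["vulnerabilities"]
    return {n: chains(vulns, n) for n, v in vulns.items() if v.get("isDirect")}


if __name__ == "__main__":
    print(summarize(SAMPLE_AUDIT))
    for name, paths in direct_offenders(SAMPLE_AUDIT).items():
        print(name, "<-", "; ".join(paths))
```

A real report loaded with `json.load` from `npm audit --json > audit.json` has the same shape; only the `vulnerabilities` and `metadata` keys are read.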
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion Resources/Public/JavaScript/configuration-view.js
@@ -10,4 +10,4 @@
*
* The TYPO3 project - inspiring people to share!
*/
import DocumentService from"@typo3/core/document-service.js";import RegularEvent from"@typo3/core/event/regular-event.js";class ConfigurationView{constructor(){if(this.searchForm=document.querySelector("#ConfigurationView"),this.searchField=this.searchForm.querySelector('input[name="searchString"]'),this.searchResultShown=""!==this.searchField.value,DocumentService.ready().then(()=>{new RegularEvent("search",()=>{""===this.searchField.value&&this.searchResultShown&&this.searchForm.submit()}).bindTo(this.searchField)}),self.location.hash){let e=document.querySelector(self.location.hash);document.querySelector(".list-tree .active ")?e=document.querySelector(".list-tree .active "):e&&e.parentElement.parentElement.classList.add("active"),e&&e.scrollIntoView({block:"center"})}}}export default new ConfigurationView;
import DocumentService from"@typo3/core/document-service.js";import RegularEvent from"@typo3/core/event/regular-event.js";class ConfigurationView{constructor(){if(this.searchForm=document.querySelector("#ConfigurationView"),this.searchField=this.searchForm.querySelector('input[name="searchString"]'),this.searchResultShown=""!==this.searchField.value,DocumentService.ready().then((()=>{new RegularEvent("search",(()=>{""===this.searchField.value&&this.searchResultShown&&this.searchForm.submit()})).bindTo(this.searchField)})),self.location.hash){let e=document.querySelector(self.location.hash);document.querySelector(".list-tree .active ")?e=document.querySelector(".list-tree .active "):e&&e.parentElement.parentElement.classList.add("active"),e&&e.scrollIntoView({block:"center"})}}}export default new ConfigurationView;
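Review bot: the only difference between the two lines of this hunk is an extra pair of parentheses around each arrow-function argument, `.then((()=>{...}))` and `new RegularEvent("search",(()=>{...}))` in place of `.then(()=>{...})` and `new RegularEvent("search",()=>{...})`; that is a change in the minifier's output after the build-dependency update, not a behavioural change, so the commit message should state that the compiled assets under Resources/Public/JavaScript were regenerated as part of the bump, which explains why an asset file appears in a dependency commit. Since a regenerated artifact is not reviewable line by line, the review should confirm that the rebuilt file was produced from the unchanged TypeScript source.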
2 changes: 1 addition & 1 deletion Resources/Public/JavaScript/query-generator.js


2 changes: 1 addition & 1 deletion Resources/Public/JavaScript/reference-index.js
@@ -10,4 +10,4 @@
*
* The TYPO3 project - inspiring people to share!
*/
import NProgress from"nprogress";import RegularEvent from"@typo3/core/event/regular-event.js";var Selectors;!function(e){e.actionsContainerSelector=".t3js-reference-index-actions"}(Selectors||(Selectors={}));class ReferenceIndex{constructor(){this.registerActionButtonEvents()}registerActionButtonEvents(){new RegularEvent("click",(e,r)=>{NProgress.configure({showSpinner:!1}),NProgress.start(),Array.from(r.parentNode.querySelectorAll("button")).forEach(e=>{e.classList.add("disabled")})}).delegateTo(document.querySelector(Selectors.actionsContainerSelector),"button")}}export default new ReferenceIndex;
import NProgress from"nprogress";import RegularEvent from"@typo3/core/event/regular-event.js";var Selectors;!function(e){e.actionsContainerSelector=".t3js-reference-index-actions"}(Selectors||(Selectors={}));class ReferenceIndex{constructor(){this.registerActionButtonEvents()}registerActionButtonEvents(){new RegularEvent("click",((e,r)=>{NProgress.configure({showSpinner:!1}),NProgress.start(),Array.from(r.parentNode.querySelectorAll("button")).forEach((e=>{e.classList.add("disabled")}))})).delegateTo(document.querySelector(Selectors.actionsContainerSelector),"button")}}export default new ReferenceIndex;
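Review bot: this hunk carries the same parenthesization-only change as configuration-view.js, here on the `click` handler and the `forEach` callback, `new RegularEvent("click",((e,r)=>{...}))` and `.forEach((e=>{...}))`. The query-generator.js change listed above is collapsed in this view and cannot be reviewed here; with all three files showing exactly one addition and one deletion, the appropriate check is a clean rebuild from the unmodified sources that reproduces all three outputs byte for byte, which would confirm that nothing beyond minifier formatting changed.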
