Update dependencies.

[toolness]

I'm not sure how/why @sraby wasn't experiencing this on his local setup--perhaps he had a system-wide npm cache that was causing different versions of dependencies to be installed--but netlify and I were experiencing super weird problems like npm noticing lots of security vulnerabilities and in particular a problem in the GraphQL query on the worst evictors list of the form:

Unknown field `json` on type `subtitle_6`

I looked into things and it seems the json field was only added to gatsby-source-contentful in version 2.0.33, while this project's package.lock specified version 2.0.1. After running npm update and then npm audit fix everything seems to work fine, though!

I also mentioned this at gatsbyjs/gatsby#13109 (comment) in case anyone else runs into the same problem we ran into.

[toolness]

Update: found out that @sraby was using yarn, not npm, which meant that his system was bypassing package-lock.json entirely and obeying the ^2.0.1 version specifier for gatsby-source-contentful in package.json, which made it install 2.0.33 or above.

We should definitely make sure developers and netlify are using the same package manager (either npm or yarn) with the same lockfile or else dev/prod parity will suffer!

[sraby]

GAH! You saved me @toolness... so, turns out Netlify will default to using NPM unless there is a yarn-lock file found. My foolish self didn't realize that I had left yarn-lock in my .gitignore. Luckily, after merging your dependency updates, I was able to add it back and now Netlify is using Yarn as it should

[toolness]

Oh cool! In that case yeah, we should totes remove package-lock.json and keep only yarn.lock in the repo!

[toolness]

Oh you already did that, awesome!