fix(security): uninstall nodemon

[lautarodragan]

PR Process - PR Review Checklist

Release

Semantic release is enabled for this repository. Make sure you follow the right commit message convention.
We're using semantic-release's default — Angular Commit Message Conventions.

Description of Changes

See dominictarr/event-stream#116

$ npm ls event-stream flatmap-stream
@po.et/node@1.0.3 /.../poet/node
└─┬ nodemon@1.18.6
  └─┬ pstree.remy@1.1.0
    └─┬ ps-tree@1.1.0
      └─┬ event-stream@3.3.6 
        └── flatmap-stream@0.1.1 

$ npm uninstall nodemon
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but npm-shrinkwrap.json was generated for lockfileVersion@0. I'll try to do my best with it!
removed 95 packages, updated 6 packages and audited 20148 packages in 23.041s
found 1 low severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details

$ npm ls event-stream flatmap-stream
@po.et/node@1.0.3 /.../poet/node
└── (empty)

HackerOne report: https://hackerone.com/reports/450006

[poet-ci]

🎉 This PR is included in version 2.10.9 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀