Update JS build and test libraries

This patch updates a couple of build and test libraries used in
Opencast's administrative user interface.

The updates also fix an (uncritical) security vulnerability in one of
the libraries which gets replaced by this patch:

• timespan (CVE-2017-16115):
  The timespan module is vulnerable to regular expression denial of
  service. Given 50k characters of untrusted user input it will block
  the event loop for around 10 seconds.