deps: update lockfile, ignore a vulnerability (#449)

Author: gadomski

.safety-policy.yml

@@ -0,0 +1,4 @@
+security:
+  ignore-vulnerabilities:
+    70612:
+      reason: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.