RDM-5301 - yarn audit with suppression script

[smathangi]

JIRA link (if applicable)

https://tools.hmcts.net/jira/browse/RDM-5301

Change description

This change adds yarn test:audit to build pipeline as part of the security check steps. This uses a bash script to run yarn audit and compare any vulnerabilities found against a known issue list. Therefore the build will now break on PR build if any vulnerable tools are introduced / new vulnerabilities found.

Note: There is an outstanding feature request for Yarn to be able to suppress vulnerabilities so once that's been introduced the run-yarn-audit.sh script can be removed (yarnpkg/yarn#6669)

Does this PR introduce a breaking change? (check one with "x")

[ ] Yes
[ x] No

[codecov]

Codecov Report

Merging #236 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #236   +/-   ##
=======================================
  Coverage   87.41%   87.41%           
=======================================
  Files          14       14           
  Lines         286      286           
  Branches       39       39           
=======================================
  Hits          250      250           
  Misses         36       36

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3f37ab3...bfbff46. Read the comment docs.

[MSancaktutar]

Looks ok. Just a minor-most comment on echo messages..