Remove save-exact from .npmrc and add save

Since we can no longer use Dependabot due to CFS,
we just have to update manually (with `--save`, but automatic).
Which means we need `^` semver so `npm update` does what we expect
(which is to update to the latest minor version).
Except for the VS Code types, those use `~` so we only get patch updates.
This is because it must match our engine version of VS Code.

Also just omit the resolved registry from the lockfile
(since the replace option didn't really work as expected).

Author: andyleejordan