fix(security): address dependency vulnerabilities

[jsjoeio]

This PR addresses various vulnerabilities, mainly under lib/vscode including:

• https://github.com/cdr/code-server/security/code-scanning/135?query=ref%3Arefs%2Fpull%2F4127%2Fmerge+ref%3Arefs%2Fpull%2F4127%2Fhead+ref%3Arefs%2Fheads%2Fjsjoeio-fix-screenshot
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23406

Fixes #4126

H/T to @axelgobletbdr for bringing one of these to our attention!

[codecov]

Codecov Report

Merging #4129 (458474f) into main (7a73501) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #4129   +/-   ##
=======================================
  Coverage   64.12%   64.12%           
=======================================
  Files          36       36           
  Lines        1873     1873           
  Branches      379      379           
=======================================
  Hits         1201     1201           
  Misses        571      571           
  Partials      101      101           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7a73501...458474f. Read the comment docs.

[github-actions]

✨ Coder.com for PR #4129 deployed! It will be updated on every commit.

• Host: https://codercom-43eud5vec-codercom.vercel.app/docs/code-server
• Last deploy status: success
• Commit: 458474f
• Workflow status: https://github.com/cdr/code-server/actions/runs/1219333166