Update depenendencies for vulnerability fixes

[mikecbrant]

Running npm audit against latest package version reveals several problems which likely need dependency updates in this library.

First and foremost is the fact that this package still relies on jade rather modern pug replacement. There are 5 vulnerabilities related to this package alone.

Second, an update should be made to multimatch to get latest version which would eliminate underlying lodash vulnerabilities as multimatch no longer uses this package as dependency.

This would leave only a single remaining vulnerability exposed by the multimatch library for which I have already opened an issue - sindresorhus/multimatch#26

[mikecbrant]

Multimatch package 3.0.0 was just released and addresses which includes fix for vulnerability noted above.