fix: app/api/package.json & app/api/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIE-8163060

app/api/package.json

@@ -11,10 +11,10 @@
   "dependencies": {
     "async": "^2.6.0",
     "body-parser": "~1.18.2",
-    "cookie-parser": "~1.4.3",
+    "cookie-parser": "~1.4.7",
     "debug": "~2.6.9",
     "dotenv": "^4.0.0",
-    "express": "~4.15.5",
+    "express": "~4.21.1",
     "hbs": "~4.0.1",
     "mongoose": "^4.13.8",
     "morgan": "~1.9.0",