(and various other lockfile upgrades. "npm audit" is clean.)
The date picker to use with 4.0 is unmaintained, and the new one is
apparently quite different.
Given that 5.0 is expected to be released this quarter, I prefer to
jump straight to the new one and get things working with it, even if
it means using an alpha in the short-term.
This eases build setup. Where Yarn requires a separate package
repository, npm is available in the standard one.
yarn's package repository signature was recently expired, and apparently
will expire again in a year. Avoid dealing with that.
Fixes#110.
