Address CVE-2022-0144, resolve shelljs to 0.8.5

[stefanobaghino-da]

Addresses the following @dependabot alerts:

• https://github.com/digital-asset/daml/security/dependabot/20
• https://github.com/digital-asset/daml/security/dependabot/21

Introduced #12923 as the apollo package needed to be re-introduced as a development dependency to generate the client-side code for the Navigator GraphQL API.

changelog_begin
changelog_end

Pull Request Checklist

• Read and understand the contribution guidelines
• Include appropriate tests
• Set a descriptive title and thorough description
• Add a reference to the issue this PR will solve, if appropriate
• Include changelog additions in one or more commit message bodies between the CHANGELOG_BEGIN and CHANGELOG_END tags
• Normal production system change, include purpose of change in description
• If you mean to change the status of a component, please make sure you keep the Component Status page up to date.

NOTE: CI is not automatically run on non-members pull-requests for security
reasons. The reviewer will have to comment with /AzurePipelines run to
trigger the build.

[S11001001]

Upstream fix was in shelljs/shelljs#1060.

[stefanobaghino-da]

Upstream fix was in shelljs/shelljs#1060.

Yes, thanks. Unfortunately it still hasn't propagated to Apollo, which is why @dependabot couldn't make an automated fix. One of these days I should set aside some time to clean up resolutions that are no longer needed to work around the slow propagation of security patches along the dependency chain.