fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WHETEXTEND-3178372

Author: snyk-bot

package.json

@@ -37,7 +37,7 @@
     "babel-preset-react": "6.11.1",
     "chalk": "1.1.3",
     "cross-spawn": "4.0.0",
-    "css-loader": "0.23.1",
+    "css-loader": "1.0.0",
     "eslint": "3.1.1",
     "eslint-loader": "1.4.1",
     "eslint-plugin-import": "1.10.3",