use rollup-plugin-terser instead of rollup-plugin-uglify

[gavinr]

Right now there's a security issue:

High            Remote Code Execution
  Package         serialize-javascript
  Patched in      >=3.1.0
  Dependency of   rollup-plugin-uglify [dev]
  Path            rollup-plugin-uglify > serialize-javascript
  More info       https://npmjs.com/advisories/1548
found 1 high severity vulnerability in 832 scanned packages

It seems like this plugin might not be supported anymore, (TrySound/rollup-plugin-uglify#87) so switching this to an alternate. It seems like the copyright note is not on the output esri-leaflet.js file though - may need to look into this.

[jwasilgeo]

If this change goes through, then I suggest we also think about updating these plugins' npm deps that rely on esri-leaflet's own Rollup config:

• https://github.com/Esri/esri-leaflet-vector
• https://github.com/Esri/esri-leaflet-geocoder
• https://github.com/Esri/esri-leaflet-cluster
• https://github.com/Esri/esri-leaflet-heatmap

This plugin does its own Rollup config, but we should see if anything needs to be done:

• https://github.com/Esri/esri-leaflet-renderers

Am I missing anything?

[gavinr]

Closing in favor of #1315