Semver package security issue

The package `semver` version 5.4.1 has a security issue and allows attackers to do a **ReDoS**.
Can you please update that package to the latest version ?

https://github.com/serverless/serverless-plugin-log-retention/blob/master/package.json#L27