This change bumps us up to the latest versions of jQuery and jQuery-UI.

While we didn't actually have any exposure, the versions that we had

been using were triggering alerts from various security scanning tools.
With this, we also now load jQuery-UI from node_modules instead of

vendoring it into our source tree.
The one thing that I hit was some changes with the timing of the

remove event causing a callback to hit after tests had already cleaned

up the DnDUploader instance.

Ran npm install.
Ran js-tests.
Tested autocomplete on various inline editors and quick search.
Tested that modal dialogs worked correctly.
Tested dragging and resizing the comment dialog on desktop and

  mobile.