Move frontend configurations #1653
Description
When introducing the dependabot yaml file, there was a suggestion to clean the frontend configurations to where the actual frontend code exists.
This will involve tweaking the build process and adjusting the dependabot file to reflect the new directory for package.json and package-lock.json.
"... We may want to move our package.json and lock files into the assets directory (which is essentially the frontend) to clean up the root which would involve a slight change here (and in the build) "
Originally posted by @jonespm in #1652 (review)