chore: fix dependabot security vulnerabilities via pnpm overrides (#394)

Added pnpm overrides to resolve 20 known vulnerabilities:
- svgo@^3: ^3.3.3 (DoS via DOCTYPE entity expansion, GHSA-xpqw-6gx7-v673)
- svgo@^4: ^4.0.1 (DoS via DOCTYPE entity expansion, GHSA-xpqw-6gx7-v673)
- tar@^7: ^7.5.11 (hardlink/symlink path traversal, GHSA-qffp-2rhf-9h96, GHSA-9ppj-qmqm-q256)
- flatted: >=3.4.0 (unbounded recursion DoS, GHSA-25h7-pfq9-p65f)
- undici@^5||^6: ^6.24.0 (WebSocket overflow + memory issues, GHSA-f269-vfmq-vjvj)
- undici@^7: ^7.24.0 (WebSocket overflow + memory issues, GHSA-f269-vfmq-vjvj)
- dompurify: >=3.3.2 (XSS bypass, GHSA-*)
- devalue: >=5.6.4 (proto pollution, GHSA-mwv9-gp5h-frr4)
- yauzl@^3: >=3.2.1 (off-by-one error, GHSA-gmq8-994r-jv83)

Co-authored-by: Cursor Agent <cursoragent@cursor.com>

Author: gregnazario

package.json

@@ -140,9 +140,17 @@
     },
     "overrides": {
       "minimatch@^10": "^10.2.1",
-      "undici@^5||^6": "^6.23.0",
+      "undici@^5||^6": "^6.24.0",
+      "undici@^7": "^7.24.0",
       "lodash@4": "^4.17.23",
-      "ajv@^8": "^8.18.0"
+      "ajv@^8": "^8.18.0",
+      "svgo@^3": "^3.3.3",
+      "svgo@^4": "^4.0.1",
+      "tar@^7": "^7.5.11",
+      "flatted": ">=3.4.0",
+      "dompurify": ">=3.3.2",
+      "devalue": ">=5.6.4",
+      "yauzl@^3": ">=3.2.1"
     }
   },
   "simple-git-hooks": {