fix: add safe yarn resolutions for known vulnerabilities

Patch-level resolutions within existing major versions, minimal
breakage risk:

- lodash ^4.17.23: forces transitive consumers to patched version
  (prototype pollution via _.unset/_.omit)
- nanoid ^3.3.8: CVE-2024-55565 predictable ID generation (patch in 3.x)
- validator ^13.15.22: URL bypass + special element filtering (patch in 13.x)
- @babel/runtime ^7.26.10: ReDoS in named capturing groups (patch in 7.x)
- ajv ^6.14.0: ReDoS via $data option (patch in 6.x, subsumes Dependabot #1774)
- systeminformation ^5.31.0: raises existing CVE-2026-26318 command
  injection resolution from ^5.24.0 to latest patched release

Author: motsc

package.json

@@ -77,6 +77,11 @@
     "diff": "^5.2.2",
     "on-headers": "^1.1.0",
     "fast-xml-parser": "^4.4.0",
-    "systeminformation": "^5.24.0"
+    "systeminformation": "^5.31.0",
+    "lodash": "^4.17.23",
+    "nanoid": "^3.3.8",
+    "validator": "^13.15.22",
+    "@babel/runtime": "^7.26.10",
+    "ajv": "^6.14.0"
   }
 }