chore(deps): Add lodash-es override to address vulnerability CVE-2025-13465

[tkislan]

Summary by CodeRabbit

• Chores
  • Pinned dependency lodash‑es to version 4.17.23 in the project manifest.
  • Minor formatting update to the manifest’s overrides section to accommodate the new entry.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Added an override in package.json: "lodash-es": "^4.17.23". The preceding override entry for "tar@<7.5.4": "7.5.4" was given a trailing comma to keep JSON valid. This is a dependency-resolution configuration change.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	Title directly describes the main change: adding a lodash-es override to fix a specific CVE vulnerability.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• CVE-2025: Entity not found: Issue - Could not find referenced Issue.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0%. Comparing base (01eeadd) to head (64c0b32).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@     Coverage Diff     @@
##   main   #305   +/-   ##
===========================
===========================

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@package.json`:
- Around line 2879-2880: Update the lodash-es dependency to ensure
CVE-2025-13465 is addressed by pinning or tightening the range: change
"lodash-es": "^4.17.23" in package.json to at least 4.17.23 (or to the exact
"4.17.23" if your policy requires deterministic pinning) so the patched version
that fixes prototype pollution in _.unset and _.omit is used.