fix(security): fix high severity dev dependencies #1469

Merged
PMerlet merged 7 commits into main from fix/dev-high-vulnerabilities
Feb 13, 2026

Conversation

@PMerlet
Contributor

@PMerlet PMerlet commented Feb 12, 2026

Definition of Done

General

  • Write an explicit title for the Pull Request, following Conventional Commits specification
  • Test manually the implemented changes
  • Validate the code quality (indentation, syntax, style, simplicity, readability)

Security

  • Consider the security impact of the changes made

@qltysh

qltysh bot commented Feb 12, 2026

Qlty

Coverage Impact

This PR will not change total coverage.


@PMerlet PMerlet force-pushed the fix/dev-high-vulnerabilities branch from 5260a7c to 67f7b96, February 12, 2026 18:51
Remove tar, jws and validator resolutions:
- tar: v6.2.1 and v7.5.7 resolve naturally without forcing v7 on v6 consumers
- jws: v3.2.3 and v4.0.1 resolve naturally without forcing v4 on v3 consumers
- validator: already resolves to 13.15.26 without any override

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@Scra3
Member

Scra3 commented Feb 13, 2026

Review: Root resolutions cleanup

Resolutions removed (commit 50ec62f)

| Resolution | Was | Issue | Fix |
|---|---|---|---|
| tar | ^7.5.7 | Forced v7 on all tar@^6.x consumers (sqlite3, node-gyp, etc.) — breaking API changes | Removed. v6.2.1 and v7.5.7 resolve naturally as separate entries |
| jws | >=4.0.1 | Forced v4 on jws@^3.2.2 consumers (@azure/identity via tedious) — different API | Removed. v3.2.3 (CVE fix) and v4.0.1 resolve naturally as separate entries |
| validator | >=13.15.22 | Redundant — already resolves to 13.15.26 without any override | Removed |

Resolutions kept (justified)

| Resolution | Version | Why needed |
|---|---|---|
| axios | >=1.13.5 | Fixes CVE-2026-25639, transitive dep resolves to vulnerable 1.12.0 without override |
| qs | >=6.14.1 | Fixes CVE-2025-15284, transitive dep pinned to vulnerable 6.13.0 |
| @isaacs/brace-expansion | >=5.0.1 | Fixes CVE-2026-25547, transitive dep at 5.0.0 without override |
| `lerna/**/glob` | >=10.5.0 | Fixes CVE-2025-64756 (CLI injection), dev-only via lerna |
| micromatch | ^4.0.8 | Pre-existing, still needed |
| semantic-release | ^25.0.0 | Pre-existing, still needed |

Verification

  • Build: 20/20 packages pass
  • Tests: agent (889), forestadmin-client (269), mcp-server (520), ai-proxy (107), datasource-toolkit (457), datasource-customizer (834) — all pass
  • Lockfile: jws v3.2.3 / v4.0.1 and tar v6.2.1 / v7.5.7 resolve as separate entries (no cross-major forcing)
  • Remaining high vulns: 2, both in _example only (fastify v3 / path-to-regexp) — not shipped packages

Additional note

The NestJS bump from v10 to v11 in _example/package.json is inconsistent with packages/agent devDeps which remain at v10. NestJS 11 expects Express 5 by default, but _example still declares express@^4.18.2. Consider aligning or deferring to a separate PR.
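One way to check the "no cross-major forcing" claim in the Lockfile bullet above, as an added example that is not part of the review or the repository's tooling: a small Node script that reads yarn v1 lockfile entries and flags any descriptor whose resolved version falls outside the range it declares, which is exactly what a `tar: ^7.5.7` resolution does to `tar@^6.x` consumers. The lockfile fragment is constructed, and the range matcher is a deliberately minimal stand-in for the `semver` package (caret treated as same-major, plus `>=` and exact).

```javascript
// Constructed yarn v1 lockfile fragment (not the real lockfile): tar ^7.5.7 forced onto ^6 consumers.
const SAMPLE_LOCK = `
jws@^3.2.2:
  version "3.2.3"
jws@^4.0.0, jws@>=4.0.1:
  version "4.0.1"
tar@^6.1.11, tar@^6.2.1:
  version "7.5.7"
`;

// Parse top-level "name@range, name@range:" keys and the version line under each.
function parseYarnLock(text) {
  const entries = [];
  let current = null;
  for (const line of text.split('\n')) {
    if (!line.startsWith(' ') && line.endsWith(':')) {
      const descriptors = line.slice(0, -1).split(',')
        .map((d) => d.trim().replace(/^"|"$/g, ''));
      current = { descriptors, version: null };
      entries.push(current);
    } else if (current) {
      const m = line.match(/^\s+version "([^"]+)"/);
      if (m) current.version = m[1];
    }
  }
  return entries;
}

const parseVersion = (v) => v.split('.').map(Number);
const cmp = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

// Minimal semver matcher for the range forms seen in resolutions: ^ (same major), >= and exact.
function satisfies(version, range) {
  const v = parseVersion(version);
  if (range.startsWith('>=')) return cmp(v, parseVersion(range.slice(2))) >= 0;
  if (range.startsWith('^')) {
    const b = parseVersion(range.slice(1));
    return v[0] === b[0] && cmp(v, b) >= 0;
  }
  return cmp(v, parseVersion(range)) === 0;
}

// Flag every descriptor whose resolved version lies outside its declared range.
function findForcedRanges(lockText) {
  const forced = [];
  for (const { descriptors, version } of parseYarnLock(lockText)) {
    for (const d of descriptors) {
      const range = d.slice(d.lastIndexOf('@') + 1); // lastIndexOf handles @scoped names
      if (version && !satisfies(version, range)) forced.push({ descriptor: d, version });
    }
  }
  return forced;
}
```

Run against the real yarn.lock, an empty result means every `resolutions` entry stays inside the ranges consumers declared; the two `tar@^6.*` hits in the constructed sample are the cross-major forcing the review describes.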

@Scra3
Member

Scra3 commented Feb 13, 2026

Revert NestJS v11 in _example (commit 01dc7f6)

Reverted @nestjs/* from ^11.0.0 back to ^10.4.16 in _example/package.json.

Why:

  • NestJS 11 is a major upgrade with breaking changes (Express 5 by default, route path syntax changes)
  • _example still declares express@^4.18.2 — incompatible with NestJS 11
  • This bump is unrelated to any CVE — it doesn't belong in a security fix PR
  • packages/agent devDeps remain at NestJS v10, creating an inconsistency

Kept: superagent bump ^10.2.3 → ^10.3.0 (actual security fix, minor version).

The NestJS 11 migration should be done in a dedicated PR with proper testing.

- Remove jws resolution: v3.2.3 and v4.0.1 resolve naturally as
  separate entries, both are safe
- Remove validator resolution: already resolves to 13.15.26 without
  any override
- Keep tar resolution (^7.5.7): yarn v1 deduplication requires it to
  silence audit warnings for lerna transitive deps

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@Scra3 Scra3 force-pushed the fix/dev-high-vulnerabilities branch from 01dc7f6 to c31d7b8, February 13, 2026 09:50
@PMerlet PMerlet merged commit dac484e into main Feb 13, 2026
28 checks passed
@PMerlet PMerlet deleted the fix/dev-high-vulnerabilities branch February 13, 2026 10:51
forest-bot added a commit that referenced this pull request Feb 13, 2026
## @forestadmin/ai-proxy [1.4.3](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/ai-proxy@1.4.2...@forestadmin/ai-proxy@1.4.3) (2026-02-13)

### Bug Fixes

* **security:** fix high severity dev dependencies ([#1469](#1469)) ([dac484e](dac484e))
forest-bot added a commit that referenced this pull request Feb 13, 2026
## @forestadmin/forestadmin-client [1.37.12](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/forestadmin-client@1.37.11...@forestadmin/forestadmin-client@1.37.12) (2026-02-13)

### Bug Fixes

* **security:** fix high severity dev dependencies ([#1469](#1469)) ([dac484e](dac484e))

### Dependencies

* **@forestadmin/ai-proxy:** upgraded to 1.4.3
forest-bot added a commit that referenced this pull request Feb 13, 2026
## @forestadmin/agent-client [1.4.8](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/agent-client@1.4.7...@forestadmin/agent-client@1.4.8) (2026-02-13)

### Bug Fixes

* **security:** fix high severity dev dependencies ([#1469](#1469)) ([dac484e](dac484e))

### Dependencies

* **@forestadmin/forestadmin-client:** upgraded to 1.37.12
forest-bot added a commit that referenced this pull request Feb 13, 2026
## @forestadmin/mcp-server [1.8.3](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/mcp-server@1.8.2...@forestadmin/mcp-server@1.8.3) (2026-02-13)

### Bug Fixes

* **security:** fix high severity dev dependencies ([#1469](#1469)) ([dac484e](dac484e))

### Dependencies

* **@forestadmin/agent-client:** upgraded to 1.4.8
* **@forestadmin/forestadmin-client:** upgraded to 1.37.12
forest-bot added a commit that referenced this pull request Feb 13, 2026
## @forestadmin/agent [1.72.9](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/agent@1.72.8...@forestadmin/agent@1.72.9) (2026-02-13)

### Bug Fixes

* **security:** fix high severity dev dependencies ([#1469](#1469)) ([dac484e](dac484e))

### Dependencies

* **@forestadmin/ai-proxy:** upgraded to 1.4.3
* **@forestadmin/forestadmin-client:** upgraded to 1.37.12
* **@forestadmin/mcp-server:** upgraded to 1.8.3
forest-bot added a commit that referenced this pull request Feb 13, 2026
## @forestadmin/agent-testing [1.0.13](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/agent-testing@1.0.12...@forestadmin/agent-testing@1.0.13) (2026-02-13)

### Bug Fixes

* **security:** fix high severity dev dependencies ([#1469](#1469)) ([dac484e](dac484e))

### Dependencies

* **@forestadmin/agent-client:** upgraded to 1.4.8
* **@forestadmin/forestadmin-client:** upgraded to 1.37.12
* **@forestadmin/agent:** upgraded to 1.72.9