fix: resolve Dependabot security vulnerabilities

- Update @react-native-community/cli from 11.3.2 to 17.0.1
- Add resolutions to force secure versions:
  - js-yaml: ^3.14.2 (fixes prototype pollution CVE)
  - min-document: ^2.19.1 (fixes prototype pollution)
  - logkitty: ^0.7.1 (fixes arbitrary shell command execution)
  - node-fetch: ^2.6.7 (fixes header forwarding to untrusted sites)
  - ws: ^8.17.1 (fixes DoS with many HTTP headers)
- Transitive dependency updates via yarn.lock:
  - on-headers: 1.1.0 (fixes CVE-2025-7339)
  - compression: 1.8.1 (fixes CVE-2025-7339)
  - brace-expansion: 1.1.12 (fixes ReDoS vulnerability)

Resolves: #21, #25, #30, #51, #53, #54, #59, #61

Author: giolaq

apps/vega/package.json

@@ -45,7 +45,7 @@
     "@amazon-devices/kepler-cli-platform": "^0",
     "@babel/core": "^7.20.0",
     "@babel/traverse": "^7.20.0",
-    "@react-native-community/cli": "11.3.2",
+    "@react-native-community/cli": "17.0.1",
     "@react-native-community/cli-tools": "^11.0.0",
     "@react-native/eslint-config": "0.72.2",
     "@react-native/metro-config": "^0.72.6",

package.json

@@ -7,6 +7,13 @@
     "packages/*"
   ],
   "packageManager": "yarn@4.5.0",
+  "resolutions": {
+    "js-yaml": "^3.14.2",
+    "min-document": "^2.19.1",
+    "logkitty": "^0.7.1",
+    "node-fetch": "^2.6.7",
+    "ws": "^8.17.1"
+  },
   "scripts": {
     "dev": "yarn workspace @multi-tv/expo-multi-tv start",
     "dev:android": "yarn workspace @multi-tv/expo-multi-tv android",