fix(deps): resolve all Dependabot security alerts via npm audit fix

Packages updated to fix 7 Dependabot alerts:
- serialize-javascript (High: RCE via RegExp.flags / DoS via crafted arrays)
- @babel/plugin-transform-modules-systemjs (High: arbitrary code generation)
- fast-uri (High: path traversal + host confusion via percent-encoded chars)
- workbox-build / @rollup/plugin-terser (High: via serialize-javascript)
- postcss (Moderate: XSS via unescaped </style> in CSS stringify output)
- ip-address (Moderate: XSS in Address6 HTML-emitting methods)
- express-rate-limit (Moderate: via ip-address)

All dev dependencies only. 0 vulnerabilities remaining.

Author: NexaFlowFrance