chore: update dependencies and address npm audit vulnerabilities (#1544)

- Bumped @sap/ux-specification from UI5-1.139 to UI5-1.144 (resolves to
1.144.2, released 2026-04-28), fixing axios SSRF, yaml stack overflow,
@sap-ux/logger lodash prototype pollution, and two fast-xml-parser
entity expansion CVEs
- Updated @ui5/cli from 4.0.38 to 4.0.52, resolving all nested
vulnerabilities in tar, undici, path-to-regexp, picomatch, underscore,
@isaacs/brace-expansion, minimatch, qs, brace-expansion, ajv
- Updated cds-plugin-ui5 ^0.13.1 to ^0.17.0 and jest ^30.1.0 to ^30.3.0

Author: chgeo