deps: Bump tar from 6.2.1 to 7.5.6

Resolves alerts for several security advisories such as:
GHSA-r6q2-hw4h-h46w
GHSA-8qq5-rm4j-mr97

As per our assessment those vulnerabilities are not exploitable in the context of UI5 MCP server.

The override for tar is specifically defined where necessary in order to not downgrade tar
in case a new major version is being used by other dependencies.

This commit also includes a minor bump of lodash to address GHSA-xxjr-mmjv-4gpg
and diff to address GHSA-73rr-hh4g-fpgx which are also not exploitable in the
context of UI5 MCP server and only used as a development dependency.

Author: matz3