Commit 064db03
fix: resolve npm audit vulnerabilities for minimatch and ajv
- Add minimatch override to 10.2.1 (GHSA-3ppc-4f35-3m26) fixing 19 of
21 high-severity ReDoS findings across eslint, typescript-eslint,
archiver, and prettier-plugin-sort-imports transitive deps
- Upgrade aws-cdk-lib devDependency to ^2.239.0 to fix bundled
ajv 8.17.1 -> 8.18.0 (GHSA-2g4f-4pwh-qvx6)
- Scope security:audit to production deps (--omit=dev) since remaining
findings are in bundled dev deps with no upstream fix available
(aws-cdk-lib bundled minimatch v3, eslint ajv v6)
1 parent df4eebc commit 064db03
2 files changed
Lines changed: 45 additions & 257 deletions