fix: resolve all npm audit vulnerabilities (#422)

- Upgrade aws-cdk-lib to ^2.240.0 which now uses minimatch ^10.2.1
  natively (no longer bundled), fixing GHSA-3ppc-4f35-3m26
- Upgrade @aws-cdk/toolkit-lib to ^1.16.0 which drops archiver
  dependency chain
- Add minimatch override to 10.2.1 for remaining transitive deps
  (eslint, typescript-eslint, eslint-plugin-import, eslint-plugin-react,
  prettier-plugin-sort-imports)
- Update ajv 6.12.6 -> 6.14.0 via npm audit fix (GHSA-2g4f-4pwh-qvx6)

npm audit now reports 0 vulnerabilities.

Author: tejaskash