chore(deps): patch dependabot vulnerabilities (axios, fast-uri, uuid)

[DjamilaBaroudi]

Summary

Resolve 5 of 6 open Dependabot alerts:

Alert	Package	Fix	Manifest
#113, #116	axios	^1.15.2 via root overrides (resolves to 1.16.1)	package.json
#114, #115	fast-uri	^3.1.2 via root overrides	package.json
#122	uuid	^10.0.0 → ^11.1.1 (direct dep)	webview-ui/package.json

• axios was pinned exactly to 1.15.1 by @rudderstack/rudder-sdk-node, so a transitive bump via npm update was not possible — added to overrides.
• fast-uri was already constrained as ^3.0.1 by ajv, but added to overrides to be explicit.
• uuid is a major bump (10 → 11). Only the v4 named import is used (4 call sites: bruinStore.ts, BruinSettings.vue, AssetColumns.vue, CustomChecks.vue), and that API has been stable since v7.

Not included

Alert #119 — js-cookie (high): patched at 3.0.7, published 2026-05-16, which is past the team's npm config before supply-chain cutoff (2026-05-15). It is a dev-only transitive dep via @vue/test-utils → js-beautify and never reaches the webview runtime. Suggest a follow-up once the cutoff naturally rolls forward.

Test plan

• npm run compile (root) — clean
• vitest run (webview-ui) — 156/156 pass
• npm audit confirms the 4 root + 1 webview Dependabot CVEs are gone
• CI green

🤖 Generated with Claude Code

[greptile-apps]

_{Reviews (1): Last reviewed commit: "chore(deps): patch dependabot vulnerabil..." | Re-trigger Greptile}