Fix HIGH severity Prototype Pollution in flatted (CVE-2026-33228) (#86)

Add npm override to pin flatted >=3.4.2, resolving the Prototype
Pollution via parse() vulnerability. flatted is a transitive dependency
of flat-cache (used by eslint).

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: haasonsaas

web/package-lock.json

@@ -34,6 +34,9 @@
     "recharts": "^3.8.0",
     "tailwindcss": "^4.2.1"
   },
+  "overrides": {
+    "flatted": ">=3.4.2"
+  },
   "devDependencies": {
     "@eslint/js": "^9.39.1",
     "@types/node": "^24.10.1",