Commit 0b91807
Remove ts-jest and add dependency overrides for glob utilities (#9)
* Fix high/medium security vulnerabilities in transitive dev dependencies
- Remove unused ts-jest devDependency (eliminates handlebars@4.7.8 CVE)
- Add npm overrides to pin patched versions of transitive dependencies:
  - minimatch@3.1.5 (fixes CVE-2026-26996, CVE-2026-27904, CVE-2026-27903)
  - picomatch@4.0.4 (fixes CVE-2026-33671, CVE-2026-33672)
  - brace-expansion@5.0.5 (fixes CVE-2026-33750)
  - glob@13.0.6 (replaces deprecated glob@7.2.3, eliminates inflight@1.0.6)
https://claude.ai/code/session_01VB7YaJhrDqVX8SShoFocPt
* Fix security vulnerabilities with API-compatible overrides
Address PR review feedback: removed glob and brace-expansion overrides
that caused cross-major version incompatibilities (glob@13 requires
minimatch@^10 but minimatch was pinned to 3.x; minimatch@3 requires
brace-expansion@^1 but it was pinned to 5.x).
Changes:
- Remove unused ts-jest devDependency (eliminates handlebars@4.7.8 CVE)
- Override minimatch to 3.1.5 (fixes CVE-2026-26996, CVE-2026-27904,
CVE-2026-27903) - API-compatible within 3.x line
- Override picomatch to 4.0.4 (fixes CVE-2026-33671, CVE-2026-33672)
Remaining moderate-severity brace-expansion@1.1.12 (CVE-2026-33750)
cannot be fixed without breaking Jest 29 compatibility - minimatch@3.x
requires brace-expansion@^1, and no patched 1.x exists. This is a
dev-only transitive dependency; full resolution requires upgrading
to Jest 30+.
https://claude.ai/code/session_01VB7YaJhrDqVX8SShoFocPt
---------
Co-authored-by: Claude <noreply@anthropic.com>

1 parent dba5646 commit 0b91807
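As an added example (not code from this commit or the project), a small script that models the override conflict the message describes: it applies a proposed npm `overrides` map to a constructed dependency graph and reports any pin that falls outside a dependent's declared caret range. The `registry`, `installed` versions and the simplified `satisfiesCaret` helper are assumptions built from the commit text, not real lockfile data.

```javascript
// Added example, not part of the commit: simulate npm overrides against a
// dependency graph and report pins that break a dependent's declared range,
// the cross-major conflict the commit describes (glob@13 needs minimatch@^10,
// minimatch@3 needs brace-expansion@^1). Caret ranges only; data is constructed.

const parse = (v) => v.replace(/^\^/, "").split(".").map(Number);
// Simplified semver: does `version` satisfy the caret range `range`?
function satisfiesCaret(version, range) {
  if (!range.startsWith("^")) throw new Error(`unsupported range: ${range}`);
  const [maj, min, pat] = parse(version);
  const [rMaj, rMin, rPat] = parse(range);
  if (maj !== rMaj) return false;               // caret never crosses a major
  if (rMaj === 0 && min !== rMin) return false; // ^0.x also pins the minor
  if (min !== rMin) return min > rMin;
  return pat >= rPat;
}

// Dependency ranges each package@version declares (constructed).
const registry = {
  "glob@7.2.3": { minimatch: "^3.1.1", inflight: "^1.0.4" },
  "glob@13.0.6": { minimatch: "^10.0.0" },
  "minimatch@3.0.5": { "brace-expansion": "^1.1.7" },
  "minimatch@3.1.5": { "brace-expansion": "^1.1.7" },
};

// Lockfile versions before any override (constructed pre-fix tree).
const installed = {
  glob: "7.2.3", minimatch: "3.0.5", "brace-expansion": "1.1.12",
  inflight: "1.0.6", picomatch: "2.3.1",
};

// Apply overrides, then list every dependent whose declared range is broken.
function checkOverrides(overrides, base = installed) {
  const effective = { ...base, ...overrides };
  const conflicts = [];
  for (const [name, version] of Object.entries(effective)) {
    for (const [dep, range] of Object.entries(registry[`${name}@${version}`] || {})) {
      if (dep in effective && !satisfiesCaret(effective[dep], range)) {
        conflicts.push(`${name}@${version} needs ${dep}@${range}, pinned ${effective[dep]}`);
      }
    }
  }
  return conflicts;
}

// First attempt from the commit (two cross-major pins) vs the final, in-major set.
const firstAttempt = { minimatch: "3.1.5", picomatch: "4.0.4", "brace-expansion": "5.0.5", glob: "13.0.6" };
const finalOverrides = { minimatch: "3.1.5", picomatch: "4.0.4" };
console.log(checkOverrides(firstAttempt), checkOverrides(finalOverrides));
```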
2 files changed
Lines changed: 231 additions & 213 deletions
0 commit comments