chore(deps): bump fast-uri 3.1.0 -> 3.1.2 via npm audit fix

Resolves the CI npm audit gate failure currently blocking every dependabot
PR. The vulnerable version sits at a transitive depth:
  @stryker-mutator/core -> ajv -> fast-uri (dev-only)

Advisories addressed:
- GHSA-q3j6-qgpj-74h6  path traversal via percent-encoded dot segments
- GHSA-v39h-62p7-jpjc  host confusion via percent-encoded authority delimiters

Lockfile-only change; no package.json edits. Verified locally:
- npm audit            -> 0 vulnerabilities
- npm run format:check -> 532 files clean
- npm run lint         -> 0 warnings / 0 errors
- npm run build        -> 8 artifacts built

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: Goosterhof