chore(deps): pin qs >=6.15.2 under typed-rest-client via overrides — durable GHSA-q8mj-m7cp-5q26 curation (queue #94)

Stryker's transitive typed-rest-client@2.3.1 exact-pins vulnerable
qs@6.15.1 (GHSA-q8mj-m7cp-5q26 DoS). A lockfile-only pin does not
survive clean regens — applied and lost twice before. This adds a
regen-invariant overrides block forcing qs>=6.15.2 within the
typed-rest-client subtree, so curation holds across any future
npm install from scratch.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Author: Goosterhof