Dedupe ajv to close Dependabot alert #106

ajv-formats@2.1.1 requests ajv@^8.0.0 and the lockfile retained a
separate ajv@8.17.1 entry alongside the 8.18.0 used by the
^8.9.0 consumers (schema-utils@4.x). yarn dedupe ajv consolidates
them — 8.18.0 satisfies both ranges.

Closes #106 (medium, ReDoS via $data option).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: ctauchen

yarn.lock

@@ -7546,19 +7546,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"ajv@npm:^8.0.0":
-  version: 8.17.1
-  resolution: "ajv@npm:8.17.1"
-  dependencies:
-    fast-deep-equal: "npm:^3.1.3"
-    fast-uri: "npm:^3.0.1"
-    json-schema-traverse: "npm:^1.0.0"
-    require-from-string: "npm:^2.0.2"
-  checksum: 10c0/ec3ba10a573c6b60f94639ffc53526275917a2df6810e4ab5a6b959d87459f9ef3f00d5e7865b82677cb7d21590355b34da14d1d0b9c32d75f95a187e76fff35
-  languageName: node
-  linkType: hard
-
-"ajv@npm:^8.9.0":
+"ajv@npm:^8.0.0, ajv@npm:^8.9.0":
   version: 8.18.0
   resolution: "ajv@npm:8.18.0"
   dependencies: