fix: update semantic-release dependencies to address security vulnerabilities

Bump semantic-release from v24 to v25 and @semantic-release/github
from v11 to v12. Resolves 13 of 18 npm audit vulnerabilities including
brace-expansion ReDoS, js-yaml prototype pollution, lodash prototype
pollution, and multiple tar path traversal issues.

Remaining 5 high-severity findings are in npm bundled inside
@semantic-release/npm (transitive dep) and require an upstream fix.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: butler54