Commit 869cfe3
[Snyk] Fix Prototype Pollution in devalue dependency (#29)
* fix: upgrade Astro to fix devalue prototype pollution vulnerability (SNYK-JS-DEVALUE-12205530)
Upgraded Astro from ^5.2.5 to ^5.14.0 to resolve critical prototype pollution
vulnerability in the transitive dependency 'devalue'. Astro 5.14.0 uses
devalue ^5.3.2, which includes the fix for CVE-related prototype pollution.
The vulnerability allowed attackers to inject properties into JavaScript object
prototypes, potentially leading to RCE or DoS. This was fixed in devalue 5.3.2
by disallowing __proto__ properties and array method access during parsing.
Snyk Issue: SNYK-JS-DEVALUE-12205530
Co-authored-by: bdougieyo <[email protected]>
Generated with Continue (https://continue.dev)
Co-Authored-By: Continue <[email protected]>
* chore: update package-lock.json for Astro 5.14.0+ upgrade
Update package-lock.json to reflect the Astro upgrade from 5.2.5 to 5.16.0.
This updates devalue from 5.1.1 to 5.5.0, resolving the prototype pollution
vulnerability (SNYK-JS-DEVALUE-12205530).
Co-authored-by: bdougieyo <[email protected]>
Generated with Continue (https://continue.dev)
Co-Authored-By: Continue <[email protected]>
---------
Co-authored-by: continue[bot] <continue[bot]@users.noreply.github.com>
Co-authored-by: bdougieyo <[email protected]>
Co-authored-by: Continue <[email protected]>
1 parent 9fed418 commit 869cfe3
2 files changed: +566 -686 lines changed
0 commit comments
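The bug class the commit message describes (a serialized `__proto__` key reaching a hydrator that assigns properties by name), as an added illustration that is not code from this page, from devalue or from Astro. The flat-array format, the `makeHydrator`/`naiveParse`/`safeParse` names and both payloads are constructed for the example; it models only the `__proto__` half of the fix the message mentions, not the array-method part, and it shows the per-object form of the problem (the hydrated object inherits attacker-chosen properties such as `isAdmin`), not a reconstruction of the reported devalue issue.

```javascript
// Added example (not devalue's or Astro's code): a simplified hydrator for a
// devalue-like flat-array format, in a naive form that lets a serialized
// "__proto__" key select an object's prototype, next to a hardened form.
// Format (constructed for this example): the payload is a JSON array of slots,
// slot 0 is the root, and a slot is either a primitive, an object whose values
// are slot indexes, or ["Array", i, j, ...] listing element slots.

function makeHydrator(assign) {
  return function parse(serialized) {
    const slots = JSON.parse(serialized);
    const hydrated = new Array(slots.length);

    function hydrate(index) {
      if (index in hydrated) return hydrated[index];
      const slot = slots[index];
      if (slot === null || typeof slot !== 'object') {
        return (hydrated[index] = slot);
      }
      if (Array.isArray(slot)) {
        if (slot[0] !== 'Array') throw new Error(`unknown tag ${slot[0]}`);
        const array = (hydrated[index] = []);
        for (let i = 1; i < slot.length; i++) array.push(hydrate(slot[i]));
        return array;
      }
      // Register the object before filling it so cyclic references resolve.
      const object = (hydrated[index] = {});
      // JSON.parse stores "__proto__" as an ordinary own key, so Object.keys
      // hands it to `assign` like any other key.
      for (const key of Object.keys(slot)) assign(object, key, hydrate(slot[key]));
      return object;
    }
    return hydrate(0);
  };
}

// Vulnerable: a bracket assignment with the key "__proto__" invokes the
// Object.prototype.__proto__ setter and replaces the object's prototype.
const naiveParse = makeHydrator((object, key, value) => {
  object[key] = value;
});

// Hardened: refuse "__proto__" outright, and create every other key as an own
// data property so no accessor on the prototype chain can intercept it.
const safeParse = makeHydrator((object, key, value) => {
  if (key === '__proto__') throw new Error('refusing to hydrate "__proto__" key');
  Object.defineProperty(object, key, { value, writable: true, enumerable: true, configurable: true });
});

// Constructed attacker payload: root {name: slot 1, __proto__: slot 2}, where
// slot 2 is {isAdmin: slot 3} and slot 3 is true. Written as a raw string
// because a "__proto__" key in an object literal would itself set a prototype.
const HOSTILE = '[{"name":1,"__proto__":2},"alice",{"isAdmin":3},true]';
// Constructed benign payload with a cycle: root {name: slot 1, self: slot 0, tags: slot 2}.
const BENIGN = '[{"name":1,"self":0,"tags":2},"alice",["Array",3,4],"a","b"]';

function naiveOutcome() {
  const user = naiveParse(HOSTILE);
  return {
    name: user.name,
    isAdmin: user.isAdmin,                        // inherited from the attacker-chosen prototype
    ownIsAdmin: Object.hasOwn(user, 'isAdmin'),   // false: a naive `if (user.isAdmin)` check still passes
    globalUntouched: ({}).isAdmin === undefined,  // this toy poisons the object, not Object.prototype
  };
}

function hardenedRejects() {
  try {
    safeParse(HOSTILE);
    return false;
  } catch (err) {
    return err.message.includes('__proto__');
  }
}

function hardenedRoundTrip() {
  const user = safeParse(BENIGN);
  return user.name === 'alice' && user.self === user && user.tags.join(',') === 'a,b';
}

console.log(naiveOutcome(), hardenedRejects(), hardenedRoundTrip());
```

Run it with `node` to see the naive hydrator return an object whose `isAdmin` reads `true` without being an own property, while the hardened hydrator throws on the hostile payload and still round-trips the benign one, including the self-reference. Rejecting the key rather than silently dropping it is deliberate: a payload carrying `__proto__` is never legitimate output of the matching serializer, so it should fail loudly at the trust boundary.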