fix(security): remediate mcp-server and website sub-project deps (#152)

mcp-server (npm): override qs>=6.15.2, fast-uri>=3.1.2 (audit 4->0). website (docusaurus): migrate overrides to pnpm-workspace.yaml + add serialize-javascript, webpack-dev-server, fast-uri, qs, ws, @babel/plugin-transform-modules-systemjs, path-to-regexp (audit 8->1, build verified). Accepted: uuid moderate (major bump, build-time only).

Author: webdevcom01-cell

mcp-server/package-lock.json

@@ -26,5 +26,9 @@
     "@types/pg": "^8.11.6",
     "tsx": "^4.19.2",
     "typescript": "^5.7.2"
+  },
+  "overrides": {
+    "qs": ">=6.15.2",
+    "fast-uri": ">=3.1.2"
   }
 }

mcp-server/package.json

@@ -43,14 +43,5 @@
   },
   "engines": {
     "node": ">=20.0"
-  },
-  "pnpm": {
-    "overrides": {
-      "brace-expansion": ">=1.1.13",
-      "follow-redirects": ">=1.16.0",
-      "lodash": ">=4.18.1",
-      "postcss": ">=8.5.10",
-      "serialize-javascript": ">=7.0.0"
-    }
   }
 }