@jaredwray
Owner

Motivation

  • Address a reported prototype pollution vulnerability in set-cookie-parser by requiring the fixed patch release.
  • Ensure the repo and lockfile consistently use the safe set-cookie-parser version across installs.
  • Prevent transitive installs from pulling the vulnerable 2.7.1 version.

Description

  • Add a pnpm.overrides entry in package.json to pin set-cookie-parser to 2.7.2.
  • Refresh pnpm-lock.yaml so the lockfile reflects set-cookie-parser@2.7.2 and updates transitive references.
  • Re-ran package installation which triggered the repository prepare build and produced updated artifacts.

Testing

  • Ran pnpm install, which completed successfully and applied the override.
  • The prepare/pnpm run build step executed during install and the tsup build reported success.

Codex Task
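
A check a reviewer could run to confirm the pin described in this pull request took effect, as an added example that is not part of the PR or the project's code: it reads package.json for the pnpm.overrides entry and scans pnpm-lock.yaml text for any remaining set-cookie-parser 2.7.1 reference. The lockfile line shapes the regex matches, and the sample manifest and lockfile snippets (including the name some-http-lib), are assumptions constructed for illustration.

```javascript
// Added example (not code from the PR). Sample inputs below are constructed.
const PKG = "set-cookie-parser";
const VULNERABLE = "2.7.1"; // version the PR description calls vulnerable
const FIXED = "2.7.2";      // version the PR pins via pnpm.overrides

// Version pinned for `name` under pnpm.overrides in package.json, or null.
function overrideFor(packageJsonText, name) {
  const overrides = JSON.parse(packageJsonText)?.pnpm?.overrides ?? {};
  return Object.prototype.hasOwnProperty.call(overrides, name) ? overrides[name] : null;
}

// Every version of `name` found in the lockfile text. Assumption: entries look
// like "name@1.2.3:", "/name@1.2.3:", "/name/1.2.3:" or "name: 1.2.3".
function lockedVersions(lockText, name) {
  const esc = name.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  const re = new RegExp(`^\\s*['"]?/?${esc}(?:@|/|:\\s+)(\\d+\\.\\d+\\.\\d+[\\w.+-]*)`, "gm");
  return [...new Set([...lockText.matchAll(re)].map((m) => m[1]))].sort();
}

// Combine both checks into one verdict with human-readable findings.
function auditPin(packageJsonText, lockText) {
  const override = overrideFor(packageJsonText, PKG);
  const versions = lockedVersions(lockText, PKG);
  const problems = [];
  if (override !== FIXED) problems.push(`pnpm.overrides does not pin ${PKG} to ${FIXED}`);
  if (versions.includes(VULNERABLE)) problems.push(`lockfile still resolves ${PKG}@${VULNERABLE}`);
  if (versions.length === 0) problems.push(`${PKG} not found in lockfile`);
  return { override, versions, problems, ok: problems.length === 0 };
}

// Constructed manifest and lockfile fragments (hypothetical project).
const samplePackageJson = JSON.stringify({
  name: "example-app",
  pnpm: { overrides: { [PKG]: FIXED } },
});
const lockBefore = [
  "packages:",
  "  set-cookie-parser@2.7.1:",
  "    resolution: {integrity: sha512-PLACEHOLDER}",
  "  some-http-lib@1.0.0:",
  "    dependencies:",
  "      set-cookie-parser: 2.7.1",
].join("\n");
const lockAfter = lockBefore.replaceAll(VULNERABLE, FIXED);

console.log(auditPin(samplePackageJson, lockBefore).problems);
console.log(auditPin(samplePackageJson, lockAfter).ok);
```

The stale-lockfile case is the one worth catching: the override is present in package.json, but the audit still fails until the lockfile is refreshed.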

@codecov

codecov bot commented Jan 12, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (6b1516a) to head (3bbd10d).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff            @@
##              main      #114   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           32        32           
  Lines          847       847           
  Branches       147       147           
=========================================
  Hits           847       847           

@jaredwray jaredwray merged commit d695e85 into main Jan 12, 2026
9 checks passed
@jaredwray jaredwray deleted the jwc/update-set-cookie-parser-for-security-fix branch January 12, 2026 14:53