fix: code review cleanup

- Add missing dependencies: ioredis, adm-zip, archiver, gray-matter, @types/multer, @types/archiver
- Fix import statements: use default imports for AdmZip, archiver, gray-matter
- Remove unused imports: ArrayMinSize
- Fix export types: use 'export type' for type-only exports
- Replace 'any' types with proper types:
  - AuthUser for user parameters
  - ExportEntry interface for entry data
  - unknown for frontmatter parsing parameters
  - Record<string, unknown> for dynamic objects
- Add security improvements:
  - File upload size limit: 50MB max
  - File type validation in FileInterceptor
  - Path traversal protection in zip extraction
  - Zip bomb protection: max 1000 files, 100MB uncompressed
- Fix exactOptionalPropertyTypes issues: use conditional spreading for optional fields

apps/api/package.json

@@ -36,10 +36,14 @@
     "@nestjs/websockets": "^11.1.12",
     "@prisma/client": "^6.19.2",
     "@types/marked": "^6.0.0",
+    "adm-zip": "^0.5.16",
+    "archiver": "^7.0.1",
     "better-auth": "^1.4.17",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.3",
+    "gray-matter": "^4.0.3",
     "highlight.js": "^11.11.1",
+    "ioredis": "^5.9.2",
     "marked": "^17.0.1",
     "marked-gfm-heading-id": "^4.1.3",
     "marked-highlight": "^2.2.3",
@@ -61,7 +65,7 @@
     "@types/archiver": "^7.0.0",
     "@types/express": "^5.0.1",
     "@types/highlight.js": "^10.1.0",
-    "@types/ioredis": "^5.0.0",
+    "@types/multer": "^2.0.0",
     "@types/node": "^22.13.4",
     "@types/sanitize-html": "^2.16.0",
     "@vitest/coverage-v8": "^4.0.18",