fix(deps): patch axios DoS and transitive prototype pollution/decompression vulns

Bump axios ^1.13.4→^1.13.5 (GHSA-43fc-jf86-j433). Add pnpm overrides for
lodash/lodash-es >=4.17.23 and undici >=6.23.0 to resolve transitive
vulnerabilities via chevrotain and discord.js.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

apps/api/package.json

@@ -50,7 +50,7 @@
     "@types/multer": "^2.0.0",
     "adm-zip": "^0.5.16",
     "archiver": "^7.0.1",
-    "axios": "^1.13.4",
+    "axios": "^1.13.5",
     "better-auth": "^1.4.17",
     "bullmq": "^5.67.2",
     "class-transformer": "^0.5.1",