fix: upgrade nx transitive dep axios 1.12.0 → 1.15.0 (SECURE-3216)

Reinstall lerna to re-resolve nx 22.6.4 → 22.6.5, which upgrades its
transitive axios dependency from 1.12.0 to 1.15.0, addressing:
- CVE-2026-40175 (CRLF header injection / SSRF, CVSS 9.9)
- CVE-2025-62718 (NO_PROXY hostname normalization bypass, CVSS 9.3)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: bang9

package.json

@@ -52,7 +52,7 @@
     "eslint": "^8.52.0",
     "eslint-config-prettier": "^9.0.0",
     "jest": "^29.4.3",
-    "lerna": "^9.0.0",
+    "lerna": "^9.0.7",
     "node-fetch": "2.x",
     "patch-package": "^6.4.7",
     "postinstall-postinstall": "^2.1.0",