fix(deps): add undici override to resolve mend security issues

[SteinGabriel]

A full post-merge Mend scan surfaced 7 vulnerabilities in undici@7.24.6 via @forgerock/login-framework-cli → platform-node. An override pins it to >=7.28.0, which resolves to 8.5.0.

Changes

• package.json: added undici >=7.28.0 override
• pnpm-lock.yaml: resolves undici@8.5.0

Fixes

• CVE-2026-6734, CVE-2026-12151, CVE-2026-9697 (high, CVSS 7.4–7.5)
• CVE-2026-9679, CVE-2026-9678 (medium, CVSS 5.9)
• CVE-2026-6733, CVE-2026-11525 (low, CVSS 3.7)

All via undici@7.24.6 → platform-node → @forgerock/login-framework-cli.

Tested

• pnpm install --frozen-lockfile passes locally
• 244 unit tests pass
• 54 E2E tests pass (2 skipped — pre-existing, unrelated)
• Manually verified install and build complete without errors

[changeset-bot]

⚠️ No Changeset found

Latest commit: c7d6252

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR