chore(deps): bump vulnerable website deps to resolve security alerts

[B4nan]

Lockfile-only dependency bumps in the docs website (pnpm project at `website/`) to resolve Dependabot security alerts. No Python code is affected. Done via `pnpm update -r` only — no `overrides` or hand-edited `package.json` versions.

Fixed

Package	Old → New	Severity
shell-quote	1.8.3 → 1.8.4	CRITICAL
ws (v7 line)	7.5.10 → 7.5.11	high
ws (v8 line)	8.20.1 → 8.21.0	high
@babel/core	7.29.0 → 7.29.7	— (>= 7.29.6)
joi	17.13.3 → 17.13.4	—
js-yaml (v4 line)	4.1.1 → 4.2.0	—
launch-editor	2.13.2 → 2.14.1	—
markdown-it	14.1.1 → 14.2.0	—

Not addressed here

• js-yaml 3.14.2 — pinned transitively by `gray-matter@4.0.3`, which requires js-yaml v3.x. Cannot move to v4 without an `override` (out of scope for a lockfile-only update).

🤖 Generated with Claude Code

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.51%. Comparing base (949fd89) to head (fba16e1).

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #862      +/-   ##
==========================================
+ Coverage   94.49%   94.51%   +0.01%     
==========================================
  Files          48       48              
  Lines        5069     5069              
==========================================
+ Hits         4790     4791       +1     
+ Misses        279      278       -1     

Flag	Coverage Δ
integration	92.93% <ø> (+0.31%)	⬆️
unit	83.27% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.