Apply security updates to dependencies

- Update yarn.lock with fixed versions of vulnerable packages
- Add package-lock.json to .gitignore (yarn is primary package manager)
- Fix 3 vulnerabilities: @babel/helpers, brace-expansion, and js-yaml
- Reduce total vulnerabilities from 13 to 10

Co-authored-by: warengonzaga <[email protected]>

Author: Copilot

.gitignore

@@ -6,6 +6,7 @@ npm-debug.log
 npm-debug.log.*
 yarn-error.log
 yarn-debug.log
+package-lock.json
 
 ## build
 dist