fix: resolve Dependabot security alerts (vite, picomatch, path-to-regexp)

- vite: 7.3.1 -> 7.3.2 (fixes arbitrary file read via WebSocket, server.fs.deny bypass, path traversal in optimized deps)
- picomatch: updated in both frontend and frontend-server (fixes ReDoS via extglob quantifiers, method injection in POSIX character classes)
- path-to-regexp: updated in frontend-server (fixes ReDoS via multiple route parameters)
- brace-expansion: updated in frontend (fixes DoS via zero-step sequence)

Resolves Dependabot alerts #177, #179, #180, #181, #183, #185, #186, #187

Author: Shubhangi-Microsoft