fix: update lodash to ^4.18.1 to fix code injection vulnerability (#992)

Resolve Dependabot alert #116 - lodash vulnerable to Code Injection
via `_.template` imports key names. Updated from ^4.17.21 to ^4.18.1.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: decyjphr

package-lock.json

@@ -30,7 +30,7 @@
     "deepmerge": "^4.3.1",
     "eta": "^3.5.0",
     "js-yaml": "^4.1.0",
-    "lodash": "^4.17.21",
+    "lodash": "^4.18.1",
     "minimatch": "^10.2.1",
     "node-cron": "^4.2.1",
     "octokit": "^5.0.2",