security: fix picomatch ReDoS vulnerability across all package-lock.json files (#83)

* SPO-338: [high] Picomatch has a ReDoS vulnerability via extglob quantifiers in getditto/react-ditto

* security: upgrade picomatch to fix ReDoS vulnerability

- Root: picomatch 2.3.1 → 2.3.2
- examples/vite-typescript-example: picomatch 2.3.1 → 2.3.2
- examples/vite-typescript-example (tinyglobby): picomatch 4.0.3 → 4.0.4

Resolves dependabot alerts: #246, #247, #249
Resolves: SPO-338, SPO-339, SPO-340

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: SausCode