build(deps): bump lodash-es and js-toml

[dependabot]

Removes lodash-es. It's no longer used after updating ancestor dependency js-toml. These dependencies need to be updated together.

Removes lodash-es

Updates js-toml from 1.0.2 to 1.1.0

Release notes

Sourced from js-toml's releases.

v1.1.0

What's New

• TOML serialization: New dump() function to convert JavaScript objects to TOML strings
• Security: Resolved all Dependabot alerts by upgrading chevrotain (11→12), vitest, and transitive dependencies

Bug Fixes

• Fix silent error swallowing in tryCreateKey (non-DuplicateKeyError exceptions were silently dropped)
• Fix tokenInterpreters Map misuse (declared as Map but used as plain object)
• Remove dead/broken octal escape code path in string unescaping

Internal

• Add createCategoryToken helper to reduce token registration boilerplate
• Simplify hasRenderableHeader logic in TOML generator
• Upgrade chevrotain 11→12 (drops lodash-es dependency)
• Upgrade vitest/coverage-v8 to 4.1.4

v1.0.3

Upgrade dependencies

Full Changelog: sunnyadn/js-toml@v1.0.2...v1.0.3

Changelog

Sourced from js-toml's changelog.

[1.1.0] - 2026-04-15

Added

• TOML serialization via dump() function with support for all TOML v1.0.0 value types
• DumpOptions for controlling newline style, undefined handling, and key quoting

Changed

• Upgraded Chevrotain to v12
• Migrated ESLint to flat configuration

[1.0.3] - 2026-02-24

Fixed

• Replaced @digitak/esrun with tsx to resolve esbuild vulnerability
• Upgraded dependencies to resolve security vulnerabilities

Changed

• Extracted isPlainObject utility and replaced redundant implementations

Commits

• ff2d70e chore: release v1.1.0
• d30bc0f refactor: simplify inline table check logic in generator and update lockfile ...
• 292c149 refactor: upgrade to chevrotain v12 and simplify token registration with a he...
• 0f28f55 feat: implement full TOML serialization support and refactor dump logic
• 0461c29 feat: Introduce TOML serialization (dump) functionality with new modules, com...
• 3179bc6 chore: update ESLint and @eslint/js dependencies to version 9.39.3.
• ee76b90 chore: Migrate ESLint to flat configuration, update related dependencies, and...
• 7f1f543 ci: add explicit permissions to CI workflow
• aee2317 chore: gitignore example lock files to reduce maintenance burden
• 9e72059 chore: bump version to 1.0.3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.