fix: bump hono override to ^4.12.7 (GHSA-v8w9-8mx6-g223)

[Daghis]

Summary

• Bumps the hono npm override from ^4.11.7 to ^4.12.7 to resolve Dependabot alert deps(deps): bump dotenv from 16.6.1 to 17.2.2 #39
• Fixes GHSA-v8w9-8mx6-g223 (prototype pollution via parseBody({ dot: true }))
• Not exploitable in this project (we don't use parseBody with dot notation), but good to clear the alert

Test plan

• npm run check passes (typecheck, lint, format)
• CI passes

🤖 Generated with Claude Code

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.43%. Comparing base (9326a16) to head (4eafefd).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

@@           Coverage Diff           @@
##             main     #423   +/-   ##
=======================================
  Coverage   82.43%   82.43%           
=======================================
  Files          49       49           
  Lines        7003     7003           
  Branches     2110     2110           
=======================================
  Hits         5773     5773           
  Misses        482      482           
  Partials      748      748           

Flag	Coverage Δ
unittests	82.22% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.