chore: patch transitive tmp and uuid lockfiles

[santoshkumarradha]

Summary

• bump tmp from 0.2.5 to 0.2.7 in control-plane/web/client/pnpm-lock.yaml
• bump uuid from 11.1.0 to 11.1.1 in examples/benchmarks/100k-scale/mastra-bench/package-lock.json
• leave @ai-sdk/provider-utils alone because the current GitHub advisory does not publish a patched version

Verification

• cd control-plane && go test ./internal/storage -run "TestLocalStorageConfigLifecycle|TestStorageConfigCRUDPostgresAndDeleteMiss" -count=1
• cd control-plane/web/client && pnpm install --frozen-lockfile
• cd examples/benchmarks/100k-scale/mastra-bench && npm ci
• cd examples/benchmarks/100k-scale/mastra-bench && npm ls uuid @a2a-js/sdk && npm audit --omit=dev --audit-level=moderate

Notes

• cd control-plane/web/client && pnpm test currently fails on missing date-fns imports in existing workflow visualization tests. That failure is pre-existing and unrelated to these lockfile changes.

[github-actions]

📊 Coverage gate

Thresholds from .coverage-gate.toml: per-surface ≥ 84%, aggregate ≥ 85%, max per-surface regression ≤ 1.0 pp, max aggregate regression ≤ 0.50 pp.

Surface	Current	Baseline	Δ
control-plane	87.40%	87.40%	→ +0.00 pp	🟡
sdk-go	92.00%	92.00%	→ +0.00 pp	🟢
sdk-python	93.73%	93.73%	↑ +0.00 pp	🟢
sdk-typescript	90.42%	90.42%	→ +0.00 pp	🟢
web-ui	84.82%	84.79%	↑ +0.03 pp	🟡
aggregate	85.77%	85.75%	↑ +0.02 pp	🟡

✅ Gate passed

No surface regressed past the allowed threshold and the aggregate stayed above the floor.

[github-actions]

📐 Patch coverage gate

Threshold: 80% on lines this PR touches vs origin/main (from .coverage-gate.toml:thresholds.min_patch).

Surface	Touched lines	Patch coverage	Status
control-plane	0	—	➖ no changes
sdk-go	0	—	➖ no changes
sdk-python	0	—	➖ no changes
sdk-typescript	0	—	➖ no changes
web-ui	0	—	➖ no changes

✅ Patch gate passed

Every surface whose lines were touched by this PR has patch coverage at or above the threshold.