fix: update dependencies to have semantic-release working

[mmatur]

Description

• Upgrade semantic-release (v19 → v25) and all its plugins to support npm trusted publishing with provenance
• Upgrade @storybook/* (10.0.8 → 10.2.10), vite (7.1.3 → 7.1.11), conventional-changelog-conventionalcommits (^4 → ^9)
• Pin webpack to 5.104.1
• Disable Yarn hardened mode in .yarnrc.yml to avoid conflicts with safe-chain's minimum package age policy — safe-chain already provides equivalent supply chain protection
• Remove unnecessary dependency resolutions that were only needed due to the hardened mode / safe-chain conflict

Context

Following PR #5126 (trusted publishing), @semantic-release/npm v13+ is required for provenance: true support. The major version upgrades of semantic-release plugins pulled in newer transitive dependencies that conflicted with Yarn's hardened mode + safe-chain's SAFE_CHAIN_MINIMUM_PACKAGE_AGE_HOURS=360 policy.

Yarn hardened mode re-resolves all packages from the registry on public PRs, but safe-chain filters out versions published less than 15 days ago from registry responses — making it impossible to pin all transitive dependencies (e.g., npm alone has 65+ direct deps). Disabling hardened mode lets Yarn trust the lockfile while safe-chain continues to protect against malicious packages on direct downloads.

[github-actions]

🎉 This PR is included in version 12.0.12-rc.1 🎉

The release is available on:

• npm package (@fix/release dist-tag)
• GitHub release

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 12.0.12 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀