fix(deps): bump hono to 4.12.14 / @hono/node-server to 1.19.14

[hxy91819]

Summary

• Bump hono pnpm override from 4.12.12 → 4.12.14 and @hono/node-server from 1.19.13 → 1.19.14
• Picks up the latest patch releases for both packages

Testing

• Override bumps are lockfile-only; no source changes required.
• CI will validate that the lockfile resolves cleanly and the existing test suite passes.

[greptile-apps]

Greptile Summary

This PR bumps hono from 4.12.12 → 4.12.14 and @hono/node-server from 1.19.13 → 1.19.14 via pnpm overrides to address GHSA-458j-xx4x-4375 (HTML injection via improper JSX attribute name handling in hono/jsx SSR). The lockfile is updated consistently across all snapshot entries — @buape/carbon, @modelcontextprotocol/sdk, and direct hono snapshots — with no source code changes required.

Confidence Score: 5/5

Safe to merge — minimal, focused security patch with consistent lockfile updates and no source changes.

All pnpm override pins and lockfile snapshot entries are updated consistently. No source code changes, no logic risk. Addresses a known moderate-severity CVE with the first-patched versions indicated by the advisory.

No files require special attention.

_{Reviews (1): Last reviewed commit: "fix(deps): bump hono to 4.12.14 and @hon..." | Re-trigger Greptile}