Update ajv to version 8.18.0 and adjust related dependencies in package.json and pnpm-lock.yaml #5668

Merged: iclanton merged 3 commits into microsoft:main from KsAkira10:chore/ajv-8.18.0 on Feb 24, 2026

@KsAkira10 (Contributor)

[node-core-library, rig-package] Upgrade ajv to version 8.18.0

Summary

Fixes #5647

Updated the ajv (Another JSON Schema Validator) dependency from version 8.13.0 to 8.18.0 across the monorepo. This update brings the latest improvements and bug fixes from the ajv library, ensuring improved JSON schema validation performance and compatibility.

Details

Updated ajv dependency in the following packages:

  • libraries/node-core-library: ajv ~8.13.0 → ~8.18.0
  • libraries/rig-package: ajv ~8.13.0 → ~8.18.0

Accordingly updated the pnpm lock files in both the default subspace and build-tests-subspace to reflect the new dependency versions and their transitive dependencies.

No breaking changes are expected as this is a patch version update within the same minor version range (~8.x.x).

How it was tested

Verified that rush install completes successfully and the monorepo builds without errors after the dependency upgrade.

Impacted documentation

No documentation updates required for this dependency upgrade.
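
A check a reviewer could run after a bump like this one, added here as an example (it is not part of the pull request or of Rush Stack): scan pnpm lockfile text for ajv 8.x versions still resolved below 8.18.0, including versions pinned only as a peer of another package. The function name, the lockfile key styles matched and the sample lockfile are assumptions constructed for illustration.

```javascript
// Added example: report ajv 8.x versions below 8.18.0 found in pnpm lockfile text.
const FIXED = [8, 18, 0]; // floor taken from this PR (ajv ~8.18.0)

// Three-part version compare; negative when a is older than b.
function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Returns the sorted, de-duplicated ajv 8.x versions older than FIXED.
// Only the 8.x line is checked: the PR says nothing about other majors.
function findStaleAjv(lockText) {
  // Matches "ajv@8.13.0" (also inside peer suffixes such as "(ajv@8.13.0)")
  // and the older "/ajv/8.13.0" key style. Names like ajv-formats never match
  // because "ajv" must be followed directly by "@" or "/".
  const re = /(?<![\w-])ajv[@/](\d+)\.(\d+)\.(\d+)(?![\w.-])/g;
  const stale = new Map();
  for (const m of lockText.matchAll(re)) {
    const v = m.slice(1, 4).map(Number);
    if (v[0] === FIXED[0] && cmp(v, FIXED) < 0) stale.set(v.join("."), v);
  }
  return [...stale.values()].sort(cmp).map((v) => v.join("."));
}

// Constructed sample, not taken from the repository's lockfiles.
const SAMPLE_LOCK = `
packages:
  /ajv@6.12.6:
    resolution: {integrity: sha512-CONSTRUCTED}
  /ajv@8.13.0:
    resolution: {integrity: sha512-CONSTRUCTED}
  /ajv-formats@3.0.1(ajv@8.13.0):
    resolution: {integrity: sha512-CONSTRUCTED}
  ajv@8.18.0:
    resolution: {integrity: sha512-CONSTRUCTED}
  /ajv/8.12.0:
    resolution: {integrity: sha512-CONSTRUCTED}
`;

console.log(findStaleAjv(SAMPLE_LOCK));
```

Feed it the text of each pnpm-lock.yaml the change touches (here, the default subspace and build-tests-subspace); an empty result means no 8.x resolution below the floor remains in that file.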

@iclanton (Member) commented Feb 24, 2026

You need changelog messages. Run:

rush change --bulk --bump-type patch --message 'Update `ajv` dependency to `~8.18.0` to mitigate CVE-2025-69873.'

and commit the generated files.

@KsAkira10 (Contributor Author)

@KsAkira10 please read the following Contributor License Agreement (CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree [company="{your company}"]

Options:

  • (default - no company specified) I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.
    @microsoft-github-policy-service agree
  • (when company given) I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer. By signing below, the defined term “You” includes me and my employer.
    @microsoft-github-policy-service agree company="Microsoft"

Contributor License Agreement

@microsoft-github-policy-service agree

@KsAkira10 (Contributor Author)

> You need changelog messages. Run:
>
> rush change --bulk --bump-type patch --message 'Update `ajv` dependency to `~8.18.0` to mitigate CVE-2025-69873.'
>
> and commit the generated files.

I just ran the command and pushed an amended commit.

@iclanton iclanton enabled auto-merge (squash) February 24, 2026 21:46
@iclanton iclanton merged commit 4c0ac8e into microsoft:main Feb 24, 2026
6 checks passed
@github-project-automation github-project-automation bot moved this from Needs triage to Closed in Bug Triage Feb 24, 2026
Successfully merging this pull request may close these issues.

[rushstack] ajv must bump to 8.18.0 to address CVE