Commit e97e399

Copilot and Swiftwork authored
Bump @inquirer/prompts to 7.9.0 and version to 1.0.4 (#488)
`@inquirer/prompts@^5.3.8` transitively depends on the unmaintained `external-editor@3.1.0`, which pulls in the vulnerable `tmp@0.0.33` package.

## Changes

- Updated `@inquirer/prompts` from `^5.3.8` to `^7.9.0` in `packages/cli/package.json`
- Bumped package version from `1.0.3` to `1.0.4`
- Updated `yarn.lock` with new dependency resolutions

## Impact

Version 7.x uses `@inquirer/editor@4.2.21` → `@inquirer/external-editor@1.0.2`, which has no `tmp` dependency. The vulnerable dependency chain is completely eliminated from the CLI package.

The API for `input`, `select`, and `confirm` functions used by the CLI remains unchanged.

- Fixes #486

<!-- START COPILOT CODING AGENT SUFFIX -->

<details>

<summary>Original prompt</summary>

>
> ----
>
> *This section details on the original issue you should resolve*
>
> <issue_title>Bump @inquirer/prompts to 7 to remove vulnerable tmp@0.0.33 sub-dependency</issue_title>
> <issue_description>Hi Reflag team,
>
> A small request to update `@inquirer/prompts` in the dependencies for the `@reflag/cli` package, since the current version (`@inquirer/prompts@5.5.0`) has a dependency to a package that isn't maintained anymore (`external-editor`) which includes a vulnerable dependency (`tmp@0.0.33`).
>
> Thanks in advance 🙏 </issue_description>
>
> <agent_instructions>Update @inquirer/prompts to 7.9.0</agent_instructions>
>
> ## Comments on the Issue (you are @copilot in this section)
>
> <comments>
> </comments>
>

</details>

- Fixes #486

<!-- START COPILOT CODING AGENT TIPS -->
---

✨ Let Copilot coding agent [set things up for you](https://github.com/reflagcom/javascript/issues/new?title=✨+Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%2E%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot) — coding agent works faster and does higher quality work when set up for your repo.

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Swiftwork <455178+Swiftwork@users.noreply.github.com>
1 parent a0fd0af commit e97e399

2 files changed, +223 -113 lines changed

packages/cli/package.json

Lines changed: 2 additions & 2 deletions
@@ -1,6 +1,6 @@
11
{
22
"name": "@reflag/cli",
3-
"version": "1.0.3",
3+
"version": "1.0.4",
44
"packageManager": "yarn@4.1.1",
55
"description": "CLI for Reflag service",
66
"main": "./dist/index.js",
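Review bot: The bump on the `"version": "1.0.4"` line ships a security-motivated dependency change as a patch release, and the manifest lines shown here give consumers no hint of why. Mention the removal of `tmp@0.0.33` in the release notes or changelog so users on `1.0.3` know the upgrade matters. Also check that moving `@inquirer/prompts` across two major versions does not raise the minimum Node.js version the CLI supports, since that would not fit a patch bump.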
@@ -42,7 +42,7 @@
4242
"preversion": "yarn lint && yarn prettier && yarn vitest run -c vite.config.js && yarn build"
4343
},
4444
"dependencies": {
45-
"@inquirer/prompts": "^5.3.8",
45+
"@inquirer/prompts": "^7.9.0",
4646
"ajv": "^8.17.1",
4747
"chalk": "^5.3.0",
4848
"change-case": "^5.4.4",
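Review bot: The new range on the `"@inquirer/prompts": "^7.9.0"` line crosses two major versions, and the only check visible here that exercises it is the `vitest run` step in `preversion`, so the claim that `input`, `select` and `confirm` behave the same rests on whatever those tests cover. A manual run of each prompting command, or a test that drives the prompts, would back this up. The removal of `tmp@0.0.33` itself can only be verified in `yarn.lock`, which this view does not show: confirm with `yarn why tmp` that no other workspace dependency still resolves it, and consider adding a `yarn npm audit` step to CI so the chain cannot return unnoticed.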

0 commit comments
