fix(ci): clear PR #61 lint error + bump fast-uri/next over high-sev advisories

CI on PR #61 surfaced three issues. Two are real and fixed here; the
third was an act-runner flake (actions/setup-node container cleanup
race) that resolves on retrigger.

1. Lint error in apps/web/src/components/allocations/AllocationModal.tsx
   The `// eslint-disable-next-line @typescript-eslint/no-explicit-any`
   sat one line above the `as any` cast, so it suppressed nothing and
   eslint flagged it as an unused directive. Moved the comment to the
   line immediately above the cast.

2. pnpm audit --audit-level=high reported 9 high-severity findings,
   all transitive through two packages:
   - fast-uri <=3.1.1 (GHSA-q3j6-qgpj-74h6, host confusion via
     percent-encoded authority delimiters) — pinned to >=3.1.2 via
     pnpm.overrides since it's only reachable through @sentry/webpack-
     plugin > webpack > schema-utils > ajv > fast-uri
   - next 15.5.15 — bumped to ^15.5.16 (patched range starts here)

Quality gates green: typecheck (7/7), test:unit (7/7), lint (0 errors).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

apps/web/package.json

@@ -34,7 +34,7 @@
     "dompurify": "^3.4.0",
     "exceljs": "^4.4.0",
     "framer-motion": "^12.38.0",
-    "next": "^15.5.15",
+    "next": "^15.5.16",
     "next-auth": "^5.0.0-beta.25",
     "otpauth": "^9.5.0",
     "qrcode": "^1.5.4",