chore(deps): bump socks to ^2.8.8 to fix ip-address vulnerability

[antonis]

📢 Type of change

• Bugfix
• New feature
• Enhancement
• Refactoring

📜 Description

Adds a yarn resolution to bump socks from 2.8.3 to ^2.8.8. This causes ip-address (a transitive dependency of socks) to upgrade from 9.0.5 to ^10.1.1, fixing the XSS vulnerability in Address6 HTML-emitting methods.

This is a dev-only dependency (used by socks-proxy-agent in dev tooling). It does not affect the SDK runtime.

💡 Motivation and Context

Fixes https://github.com/getsentry/sentry-react-native/security/dependabot/527

💚 How did you test it?

• yarn install ✅
• yarn build ✅
• yarn test (263 tests passed) ✅
• yarn lint:lerna ✅

📝 Checklist

• I added tests to verify changes
• No new PII added or SDK only sends newly added PII if sendDefaultPII is enabled
• I updated the docs if needed.
• I updated the wizard if needed.
• All tests passing
• No breaking changes

🔮 Next steps

[github-actions]

Semver Impact of This PR

⚪ None (no version bump detected)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

---

• chore(deps): bump socks to ^2.8.8 to fix ip-address vulnerability by antonis in #6117

• chore(deps): bump uuid to ^13.0.1 to fix buffer bounds check vulnerability by antonis in #6118
• test(replay): Add passthrough tests for device-state replay breadcrumbs by antonis in #6115
• chore(deps): update JavaScript SDK to v10.52.0 by github-actions in #6108
• chore(deps): bump basic-ftp from 5.3.0 to 5.3.1 by dependabot in #6111

---

_{🤖 This preview updates automatically when you update the PR.}

[github-actions]

	Fails
🚫	Pull request is not ready for merge, please add the "ready-to-merge" label to the pull request

Generated by 🚫 dangerJS against f687d9d

[lucas-zimerman]

LGTM! once tests passes