fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-7361793

Author: snyk-bot

package-lock.json

@@ -57,7 +57,7 @@
     "@nextcloud/paths": "^2.1.0",
     "@nextcloud/router": "^3.0.0",
     "@nextcloud/sharing": "^0.2.3",
-    "@nextcloud/upload": "^1.4.2",
+    "@nextcloud/upload": "^1.5.0",
     "@nextcloud/vue": "^8.15.1",
     "@simplewebauthn/browser": "^10.0.0",
     "@skjnldsv/sanitize-svg": "^1.0.2",
@@ -187,7 +187,7 @@
     "typescript": "^5.5.3",
     "vue-loader": "^15.9.8",
     "vue-template-compiler": "^2.7.16",
-    "wait-on": "^7.2.0",
+    "wait-on": "^8.0.0",
     "webpack": "^5.93.0",
     "webpack-cli": "^5.0.2",
     "webpack-merge": "^5.8.0",