chore: upgrade lerna to fix CVE with tar dependency (#4555)

See GHSA-f5x3-32g6-xq36
The affected version of `tar` is only used in build tooling, i.e. no risk to published packages.

---

By submitting this pull request, I confirm that my contribution is made under the terms of the [Apache 2.0 license].

[Apache 2.0 license]: https://www.apache.org/licenses/LICENSE-2.0

Author: mrgrain

package.json

@@ -31,7 +31,7 @@
     "jest-circus": "^28.1.3",
     "jest-config": "^28.1.3",
     "jest-expect-message": "^1.1.3",
-    "lerna": "^8.1.2",
+    "lerna": "^8.1.5",
     "prettier": "^3.2.5",
     "standard-version": "^9.5.0",
     "ts-node": "^10.9.2",