chore: bump uuid to v14 to clear GHSA-w5hq-g745-h8pq, bump node to v20#231

Merged

bluebill1049 merged 1 commit into react-hook-form:master from kshmidt:master on Apr 23, 2026

Conversation

Contributor

@kshmidt kshmidt commented Apr 23, 2026

GHSA-w5hq-g745-h8pq (moderate) affects uuid <= 13.0.0: missing buffer bounds validation in v3/v5/v6 silently writes partial UUIDs into undersized buffers. This project only uses v4 (src/devTool.tsx), which is not affected, but consumers running npm audit on projects depending on @hookform/devtools see the advisory surface through the transitive dependency.

Node 20 (required by uuid 14)

uuid@14 drops support for Node 18 and below, so the
CI matrix moves from Node 16.x (EOL September 2023) to 20.x.

rollup-plugin-typescript2 (required by Node 20)

On Node 17+, rollup-plugin-typescript2@0.30 fails to build:

Package subpath './package.json' is not defined by "exports" in
node_modules/rollup-plugin-typescript2/node_modules/tslib/package.json

The plugin used require('tslib/package.json'), which Node now blocks
due to tslib's exports field. Fixed upstream by declaring tslib as a
regular dependency; ^0.37.0 is the current stable. No breaking changes
affect this repo's usage; peer deps (rollup >= 1.26.3,
typescript >= 2.4.0) remain satisfied.

actions/setup-node v1 → v4

@v1 runs on the deprecated Node 12 action runtime, which GitHub has
been sunsetting. While there, fixed a latent bug in release.yml where
the input key was version (silently ignored by setup-node) instead
of node-version.

| Change | Before | After |
|---|---|---|
| uuid | ^8.3.2 | ^14.0.0 |
| @types/uuid | ^8.3.4 | ^11.0.0 |
| rollup-plugin-typescript2 | ^0.30.0 | ^0.37.0 |
| CI node-version | 16.x | 20.x |
| actions/setup-node | @v1 | @v4 |
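The advisory referenced in this PR describes a bounds-validation failure: a v3/v5/v6 UUID written into a caller-supplied buffer that is too small is silently truncated instead of rejected. The following is an added illustration, not code from this PR or from the uuid project. It models that behaviour with a hypothetical 16-byte payload and two write routines (`writeUnchecked` standing in for the unchecked behaviour, `writeChecked` showing the validation a buffer-writing API needs); no real uuid API is called, and all names and values are constructed for the example.

```javascript
// Added example (not from the PR or the uuid project): models the failure mode
// GHSA-w5hq-g745-h8pq describes for uuid <= 13.0.0, where a v3/v5/v6 UUID is
// written into a caller-supplied buffer without checking that 16 bytes fit,
// next to a write that validates bounds first.
//
// Hypothetical, self-contained model: `fakeUuidBytes` stands in for the 16 bytes
// a generator produces; neither function calls the real uuid library.

const UUID_BYTES = 16;

// Constructed 16-byte payload standing in for a generated UUID.
const fakeUuidBytes = Uint8Array.from([
  0x6b, 0xa7, 0xb8, 0x10, 0x9d, 0xad, 0x11, 0xd1,
  0x80, 0xb4, 0x00, 0xc0, 0x4f, 0xd4, 0x30, 0xc8,
]);

// Unchecked write: indexed stores past the end of a Uint8Array are silently
// dropped, so an undersized buffer ends up holding a truncated UUID and the
// caller never sees an error.
function writeUnchecked(bytes, buf, offset = 0) {
  for (let i = 0; i < UUID_BYTES; i++) buf[offset + i] = bytes[i];
  return buf;
}

// Checked write: validate the destination before touching it, so a buffer
// that cannot hold all 16 bytes is rejected rather than partially filled.
function writeChecked(bytes, buf, offset = 0) {
  if (!(buf instanceof Uint8Array)) {
    throw new TypeError('buf must be a Uint8Array');
  }
  if (!Number.isInteger(offset) || offset < 0) {
    throw new RangeError('offset must be a non-negative integer');
  }
  if (offset + UUID_BYTES > buf.length) {
    throw new RangeError(
      `buffer too small: need ${offset + UUID_BYTES} bytes, have ${buf.length}`);
  }
  buf.set(bytes, offset);
  return buf;
}

// Runs both variants against an undersized buffer and a correctly sized one
// and returns the observations so they can be inspected or asserted on.
function demo() {
  // 10 bytes: too small for a UUID.
  const small = writeUnchecked(fakeUuidBytes, new Uint8Array(10), 0);

  let checkedError = null;
  try {
    writeChecked(fakeUuidBytes, new Uint8Array(10), 0);
  } catch (e) {
    checkedError = e;
  }

  // 20 bytes with offset 4: exactly enough room for 16 bytes.
  const ok = writeChecked(fakeUuidBytes, new Uint8Array(20), 4);

  return {
    uncheckedBytes: Array.from(small),          // only the first 10 bytes survived
    checkedRejected: checkedError instanceof RangeError,
    okBytes: Array.from(ok.subarray(4, 20)),    // full UUID landed at offset 4
  };
}
```

The unchecked path is the one an `npm audit` finding is pointing at: nothing fails, so a truncated identifier can propagate into storage or logs unnoticed. The checked path turns the same misuse into an immediate `RangeError` at the call site.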

@bluebill1049 bluebill1049 merged commit b47459b into react-hook-form:master Apr 23, 2026
1 check passed