P1: Resolve orjson 3.11.6 license/compliance disposition

[Cataldir]

Problem

Dependabot PRs #75 and #76 update orjson to 3.11.6. Release notes indicate inclusion of MPL-2.0 licensed code.

Goal

Decide license/compliance disposition for orjson 3.11.6 and unblock/close the PRs explicitly.

Scope

• Validate whether MPL-2.0 content is acceptable in this repository's compliance model.
• Document decision and required notices/actions, if any.

Acceptance criteria

• Compliance decision recorded (approve / reject / require constraints).
• If approved, merge chore(deps): bump orjson from 3.11.4 to 3.11.6 in /apps/essays #75 and chore(deps): bump orjson from 3.11.4 to 3.11.6 in /apps/avatar #76.
• If rejected, close chore(deps): bump orjson from 3.11.4 to 3.11.6 in /apps/essays #75 and chore(deps): bump orjson from 3.11.4 to 3.11.6 in /apps/avatar #76 with rationale and configure Dependabot ignore rule for this version range.

[Cataldir]

Disposition: approved for merge and completed.\n\nDecision basis:\n- MPL-2.0 in orjson 3.11.6 is acceptable for unmodified third-party dependency use in this OSS sample context.\n- Recommended follow-up is license inventory/SBOM continuity, not merge blocking.\n\nActions taken:\n- Merged PR #75 and PR #76.\n