Summary
Add a `cve-lite learn` command that teaches dependency security through an interactive, hands-on tutorial.
Motivation
Developers who encounter CVE Lite CLI output for the first time often lack context for what direct vs transitive vulnerabilities mean, how severity levels should drive prioritization, and what the right fix action is in each case. A guided learning mode addresses this directly, turning the CLI into a teaching tool as well as a scanner.
What it does
- Fetches scenario files from `examples/learn/` on GitHub (npm lockfiles with known vulnerabilities, pre-authored Q&A steps)
- Runs a silent scan against the vulnerable lockfile
- Walks the user through multiple-choice questions about each finding with instant correct/wrong feedback
- Shows the fix command, waits for the user to run it, then rescans the fixed lockfile
- Prints a before/after finding comparison and a success message
Scenarios included
- Your first direct vulnerability (beginner) - `lodash@4.17.20` prototype pollution, direct dep, fix with targeted upgrade
- Following the dependency chain (beginner) - `http-cache-semantics@4.1.0` via `got`, transitive dep, fix by upgrading parent
- Prioritizing what to fix first (intermediate) - critical + high findings, severity triage, targeted fix command
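As an added example (not cve-lite's own code), here is how a scanner can classify a finding as direct or transitive from an npm lockfile's `packages` map, derive the fix action the first two scenarios teach, order findings by severity as the third does, and print the before/after comparison. The lockfiles and the advisory table are constructed for the example; the `fixedIn` versions and the exact `npm install` fix commands are illustrative assumptions, and nested (non-hoisted) duplicates of a package are collapsed by name for brevity.

```javascript
// Added example, not cve-lite's own code: classify findings from an npm
// package-lock (v2/v3 "packages" map) as direct or transitive, derive the
// fix action the learn scenarios teach, and diff a before/after scan.
// The lockfiles and the advisory table are constructed for this example.

const ADVISORIES = [
  // constructed advisory table: fixedIn values are illustrative assumptions
  { name: "lodash", affected: "4.17.20", fixedIn: "4.17.21", severity: "high", title: "prototype pollution" },
  { name: "http-cache-semantics", affected: "4.1.0", fixedIn: "4.1.1", severity: "high", title: "example advisory" },
];

const LOCK_BEFORE = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { lodash: "^4.17.20", got: "^11.8.0" } },
    "node_modules/lodash": { version: "4.17.20" },
    "node_modules/got": { version: "11.8.0", dependencies: { "cacheable-request": "^7.0.0" } },
    "node_modules/cacheable-request": { version: "7.0.0", dependencies: { "http-cache-semantics": "^4.1.0" } },
    "node_modules/http-cache-semantics": { version: "4.1.0" },
  },
};

// "Fixed" lockfile: lodash pinned to the fixed version, got upgraded so its
// subtree resolves a fixed http-cache-semantics (versions are constructed).
const LOCK_AFTER = JSON.parse(JSON.stringify(LOCK_BEFORE));
LOCK_AFTER.packages["node_modules/lodash"].version = "4.17.21";
LOCK_AFTER.packages["node_modules/got"].version = "11.8.6";
LOCK_AFTER.packages["node_modules/http-cache-semantics"].version = "4.1.1";

// Package name from a lockfile key: the last segment after "node_modules/".
// Simplification: nested duplicates collapse to one entry per name (last wins).
function pkgName(key) {
  return key.slice(key.lastIndexOf("node_modules/") + "node_modules/".length);
}

// Build name -> {version, deps} plus the set of root (direct) dependencies.
function index(lock) {
  const root = lock.packages[""] || {};
  const direct = new Set([
    ...Object.keys(root.dependencies || {}),
    ...Object.keys(root.devDependencies || {}),
  ]);
  const pkgs = new Map();
  for (const [key, entry] of Object.entries(lock.packages)) {
    if (key === "") continue;
    pkgs.set(pkgName(key), { version: entry.version, deps: Object.keys(entry.dependencies || {}) });
  }
  return { direct, pkgs };
}

// Walk reverse dependency edges from a package up to the direct dependency
// that pulls it in, e.g. ["got", "cacheable-request", "http-cache-semantics"].
function chainTo(idx, name) {
  const chain = [name];
  const seen = new Set(chain);
  let cur = name;
  while (!idx.direct.has(cur)) {
    const parent = [...idx.pkgs].find(([p, e]) => e.deps.includes(cur) && !seen.has(p));
    if (!parent) break; // orphan entry: stop rather than loop forever
    cur = parent[0];
    seen.add(cur);
    chain.unshift(cur);
  }
  return chain;
}

const RANK = { critical: 0, high: 1, moderate: 2, low: 3 };

// Severity first; within a severity, direct findings before transitive ones
// because a direct fix is a single targeted upgrade.
function prioritize(findings) {
  return [...findings].sort((a, b) =>
    (RANK[a.severity] - RANK[b.severity]) ||
    (a.kind === b.kind ? 0 : a.kind === "direct" ? -1 : 1));
}

// Scan: every package whose exact version matches an advisory is a finding.
function scan(lock, advisories = ADVISORIES) {
  const idx = index(lock);
  const findings = [];
  for (const adv of advisories) {
    const entry = idx.pkgs.get(adv.name);
    if (!entry || entry.version !== adv.affected) continue;
    const chain = chainTo(idx, adv.name);
    const kind = chain.length === 1 ? "direct" : "transitive";
    findings.push({
      name: adv.name, version: entry.version, severity: adv.severity, kind, chain,
      // Direct: pin the fixed version. Transitive: upgrade the direct parent at
      // the head of the chain so its subtree resolves the fixed version.
      fix: kind === "direct"
        ? `npm install ${adv.name}@${adv.fixedIn}`
        : `npm install ${chain[0]}@latest`,
    });
  }
  return prioritize(findings);
}

// Before/after comparison keyed on name@version.
function compare(before, after) {
  const key = (f) => `${f.name}@${f.version}`;
  const b = new Set(before.map(key)), a = new Set(after.map(key));
  return {
    fixed: [...b].filter((k) => !a.has(k)),
    remaining: [...b].filter((k) => a.has(k)),
    introduced: [...a].filter((k) => !b.has(k)),
  };
}

if (typeof module !== "undefined") {
  module.exports = { scan, compare, chainTo, index, prioritize, LOCK_BEFORE, LOCK_AFTER, ADVISORIES };
}
```

Running `scan(LOCK_BEFORE)` yields the two scenario findings with `lodash` first (direct, same severity), and `compare(scan(LOCK_BEFORE), scan(LOCK_AFTER))` reports both as fixed with nothing remaining or newly introduced; the `introduced` bucket is the check a real rescan needs, since an upgrade of a parent can pull in a different vulnerable version.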
Technical details
- No new runtime dependencies (built-ins only: `process.stdin` raw mode, `fetch`, `fs`, `os`)
- 24h cache at `~/.cache/cve-lite/learn/<id>/` so repeat runs are instant
- Ctrl+C always restores terminal state cleanly
- Full unit test coverage: keypress handler, scenario fetcher, session loop, runner, CLI args