Fix 6 high-severity dependency vulnerabilities via pnpm overrides

Task: Fix 6 high-severity dependency vulnerabilities identified in task-5.md.

Approach: Added `pnpm.overrides` to the root `package.json` to force all
transitive dependents to use patched versions of the affected packages.
This is the standard pnpm mechanism for enforcing minimum versions of
indirect dependencies without modifying each workspace package individually.

Vulnerability overrides added:
- picomatch@<2.3.2        → ^2.3.2  (GHSA-c2c7-rcm5-vvqj, ReDoS)
- picomatch@>=4.0.0<4.0.4 → ^4.0.4  (GHSA-c2c7-rcm5-vvqj, ReDoS)
- path-to-regexp@>=8.0.0<8.4.0 → ^8.4.2 (GHSA-j3q9-mxjg-w52f, DoS)
- fast-uri@<3.1.2         → ^3.1.2  (GHSA-q3j6-qgpj-74h6, GHSA-v39h-62p7-jpjc)
- lodash@>=4.0.0<=4.17.23 → ^4.18.1 (GHSA-r5fr-rjxr-66jc, code injection)

Platform-managed overrides also preserved from upstream lockfile:
- esbuild pinned to 0.27.3
- @esbuild-kit/esm-loader aliased to npm:tsx@^4.21.0
- Platform-specific optional binary exclusions for esbuild, lightningcss,
  rollup, @tailwindcss/oxide, and @expo/ngrok-bin (non-Linux variants set to "-")

After `pnpm install`, `pnpm audit` shows 0 high vulnerabilities remaining.
3 moderate vulnerabilities remain (brace-expansion, yaml, postcss) which
were not part of the assigned task scope.

No application code was changed. Only package.json and pnpm-lock.yaml updated.

Replit-Task-Id: b156aee8-5cc8-4289-a948-9e7cfd26ca3f

Author: LCSGreplit

package.json

@@ -12,5 +12,95 @@
   "devDependencies": {
     "typescript": "~5.9.2",
     "prettier": "^3.8.1"
+  },
+  "pnpm": {
+    "overrides": {
+      "esbuild>@esbuild/darwin-arm64": "-",
+      "esbuild>@esbuild/darwin-x64": "-",
+      "esbuild>@esbuild/freebsd-arm64": "-",
+      "esbuild>@esbuild/freebsd-x64": "-",
+      "esbuild>@esbuild/linux-arm": "-",
+      "esbuild>@esbuild/linux-arm64": "-",
+      "esbuild>@esbuild/linux-ia32": "-",
+      "esbuild>@esbuild/linux-loong64": "-",
+      "esbuild>@esbuild/linux-mips64el": "-",
+      "esbuild>@esbuild/linux-ppc64": "-",
+      "esbuild>@esbuild/linux-riscv64": "-",
+      "esbuild>@esbuild/linux-s390x": "-",
+      "esbuild>@esbuild/netbsd-arm64": "-",
+      "esbuild>@esbuild/netbsd-x64": "-",
+      "esbuild>@esbuild/openbsd-arm64": "-",
+      "esbuild>@esbuild/openbsd-x64": "-",
+      "esbuild>@esbuild/sunos-x64": "-",
+      "esbuild>@esbuild/win32-arm64": "-",
+      "esbuild>@esbuild/win32-ia32": "-",
+      "esbuild>@esbuild/win32-x64": "-",
+      "esbuild>@esbuild/aix-ppc64": "-",
+      "esbuild>@esbuild/android-arm": "-",
+      "esbuild>@esbuild/android-arm64": "-",
+      "esbuild>@esbuild/android-x64": "-",
+      "esbuild>@esbuild/openharmony-arm64": "-",
+      "lightningcss>lightningcss-android-arm64": "-",
+      "lightningcss>lightningcss-darwin-arm64": "-",
+      "lightningcss>lightningcss-darwin-x64": "-",
+      "lightningcss>lightningcss-freebsd-x64": "-",
+      "lightningcss>lightningcss-linux-arm-gnueabihf": "-",
+      "lightningcss>lightningcss-linux-arm64-gnu": "-",
+      "lightningcss>lightningcss-linux-arm64-musl": "-",
+      "lightningcss>lightningcss-linux-x64-musl": "-",
+      "lightningcss>lightningcss-win32-arm64-msvc": "-",
+      "lightningcss>lightningcss-win32-x64-msvc": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-android-arm64": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-darwin-arm64": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-darwin-x64": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-freebsd-x64": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-linux-arm-gnueabihf": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-linux-arm64-gnu": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-linux-arm64-musl": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-win32-arm64-msvc": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-win32-x64-msvc": "-",
+      "@tailwindcss/oxide>@tailwindcss/oxide-linux-x64-musl": "-",
+      "rollup>@rollup/rollup-android-arm-eabi": "-",
+      "rollup>@rollup/rollup-android-arm64": "-",
+      "rollup>@rollup/rollup-darwin-arm64": "-",
+      "rollup>@rollup/rollup-darwin-x64": "-",
+      "rollup>@rollup/rollup-freebsd-arm64": "-",
+      "rollup>@rollup/rollup-freebsd-x64": "-",
+      "rollup>@rollup/rollup-linux-arm-gnueabihf": "-",
+      "rollup>@rollup/rollup-linux-arm-musleabihf": "-",
+      "rollup>@rollup/rollup-linux-arm64-gnu": "-",
+      "rollup>@rollup/rollup-linux-arm64-musl": "-",
+      "rollup>@rollup/rollup-linux-loong64-gnu": "-",
+      "rollup>@rollup/rollup-linux-loong64-musl": "-",
+      "rollup>@rollup/rollup-linux-ppc64-gnu": "-",
+      "rollup>@rollup/rollup-linux-ppc64-musl": "-",
+      "rollup>@rollup/rollup-linux-riscv64-gnu": "-",
+      "rollup>@rollup/rollup-linux-riscv64-musl": "-",
+      "rollup>@rollup/rollup-linux-s390x-gnu": "-",
+      "rollup>@rollup/rollup-linux-x64-musl": "-",
+      "rollup>@rollup/rollup-openbsd-x64": "-",
+      "rollup>@rollup/rollup-openharmony-arm64": "-",
+      "rollup>@rollup/rollup-win32-arm64-msvc": "-",
+      "rollup>@rollup/rollup-win32-ia32-msvc": "-",
+      "rollup>@rollup/rollup-win32-x64-gnu": "-",
+      "rollup>@rollup/rollup-win32-x64-msvc": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-darwin-arm64": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-darwin-x64": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-freebsd-ia32": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-freebsd-x64": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-linux-arm64": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-linux-arm": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-linux-ia32": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-sunos-x64": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-win32-ia32": "-",
+      "@expo/ngrok-bin>@expo/ngrok-bin-win32-x64": "-",
+      "@esbuild-kit/esm-loader": "npm:tsx@^4.21.0",
+      "esbuild": "0.27.3",
+      "picomatch@<2.3.2": "^2.3.2",
+      "picomatch@>=4.0.0 <4.0.4": "^4.0.4",
+      "path-to-regexp@>=8.0.0 <8.4.0": "^8.4.2",
+      "fast-uri@<3.1.2": "^3.1.2",
+      "lodash@>=4.0.0 <=4.17.23": "^4.18.1"
+    }
   }
 }