diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 7abe4f3b9e..2071c6ca95 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -5,7 +5,7 @@ settings: excludeLinksFromLockfile: false overrides: - '@vueuse/shared': 13.9.0 + '@vueuse/shared': 14.3.0 isolated-vm: file:./stubs/empty-stub onnxruntime-node: file:./stubs/empty-stub elliptic: ^6.6.1 @@ -5071,8 +5071,8 @@ packages: peerDependencies: vue-router: '>=4.0.0-rc.1' - '@vueuse/shared@13.9.0': - resolution: {integrity: sha512-e89uuTLMh0U5cZ9iDpEI2senqPGfbPRTHM/0AaQkcxnpqjkZqDYP8rpfm7edOz8s+pOCOROEy1PIveSW8+fL5g==} + '@vueuse/shared@14.3.0': + resolution: {integrity: sha512-bZpge9eSXwa4ToSiqJ7j6KRwhAsneMFoSz3LMWKQDkqimm3D/tbFlrklrs/IOqC8tEcYmXQZJ6N0UrjhBirVCg==} peerDependencies: vue: ^3.5.0 @@ -15577,7 +15577,7 @@ snapshots: dependencies: '@types/web-bluetooth': 0.0.20 '@vueuse/metadata': 10.11.1 - '@vueuse/shared': 13.9.0(vue@3.5.39(typescript@6.0.3)) + '@vueuse/shared': 14.3.0(vue@3.5.39(typescript@6.0.3)) vue-demi: 0.14.10(vue@3.5.39(typescript@6.0.3)) transitivePeerDependencies: - '@vue/composition-api' @@ -15587,7 +15587,7 @@ snapshots: dependencies: '@types/web-bluetooth': 0.0.21 '@vueuse/metadata': 14.3.0 - '@vueuse/shared': 13.9.0(vue@3.5.39(typescript@6.0.3)) + '@vueuse/shared': 14.3.0(vue@3.5.39(typescript@6.0.3)) vue: 3.5.39(typescript@6.0.3) '@vueuse/head@1.3.1(vue@3.5.39(typescript@6.0.3))': @@ -15601,7 +15601,7 @@ snapshots: '@vueuse/integrations@14.3.0(async-validator@4.2.5)(axios@1.18.1)(change-case@5.4.4)(fuse.js@7.4.2)(idb-keyval@6.3.0)(jwt-decode@4.0.0)(qrcode@1.5.4)(sortablejs@1.14.0)(vue@3.5.39(typescript@6.0.3))': dependencies: '@vueuse/core': 14.3.0(vue@3.5.39(typescript@6.0.3)) - '@vueuse/shared': 13.9.0(vue@3.5.39(typescript@6.0.3)) + '@vueuse/shared': 14.3.0(vue@3.5.39(typescript@6.0.3)) vue: 3.5.39(typescript@6.0.3) optionalDependencies: async-validator: 4.2.5 @@ -15619,14 +15619,14 @@ snapshots: '@vueuse/router@10.11.1(vue-router@5.1.0(@vue/compiler-sfc@3.5.39)(pinia@3.0.4(typescript@6.0.3)(vue@3.5.39(typescript@6.0.3)))(rolldown@1.1.4)(rollup@4.62.2)(vite@8.1.3(@types/node@24.13.3)(jiti@2.7.0)(less@4.6.7)(terser@5.48.0)(yaml@2.9.0))(vue@3.5.39(typescript@6.0.3))(webpack@5.108.3(postcss@8.5.16)))(vue@3.5.39(typescript@6.0.3))': dependencies: - '@vueuse/shared': 13.9.0(vue@3.5.39(typescript@6.0.3)) + '@vueuse/shared': 14.3.0(vue@3.5.39(typescript@6.0.3)) vue-demi: 0.14.10(vue@3.5.39(typescript@6.0.3)) vue-router: 5.1.0(@vue/compiler-sfc@3.5.39)(pinia@3.0.4(typescript@6.0.3)(vue@3.5.39(typescript@6.0.3)))(rolldown@1.1.4)(rollup@4.62.2)(vite@8.1.3(@types/node@24.13.3)(jiti@2.7.0)(less@4.6.7)(terser@5.48.0)(yaml@2.9.0))(vue@3.5.39(typescript@6.0.3))(webpack@5.108.3(postcss@8.5.16)) transitivePeerDependencies: - '@vue/composition-api' - vue - '@vueuse/shared@13.9.0(vue@3.5.39(typescript@6.0.3))': + '@vueuse/shared@14.3.0(vue@3.5.39(typescript@6.0.3))': dependencies: vue: 3.5.39(typescript@6.0.3) diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index ca12e789e6..f467170899 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -1,12 +1,7 @@ -# The xlsx override below intentionally points the whole graph (including -# wsemi's transitive xlsx) at the SheetJS CDN tarball, because the npm -# registry version is stale (0.18.5) and carries known vulnerabilities. -# pnpm 11 blocks URL tarballs in subdependencies by default and has no -# per-package exception, so this protection must be disabled repo-wide. blockExoticSubdeps: false overrides: - '@vueuse/shared': 13.9.0 + '@vueuse/shared': 14.3.0 # Native-only transitives of webcrack / @huggingface/transformers. # The browser app aliases both to an empty module in vite.config.ts, # so stub them out entirely (saves ~225 MB of node_modules).