fix(deps): upgrade react-router-dom to 7.13.2 and add pnpm overrides for security vulnerabilities

- Upgrade react-router-dom ^7.1.1 -> ^7.13.2 - Add pnpm.overrides to force safe versions of: tar, minimatch, rollup, immutable, lodash, ajv, brace-expansion, picomatch
2026-03-28 07:25:53 +00:00 · 2026-03-27 21:04:44 +08:00
parent 71e3540f18
commit a7001eb6da
1 changed files with 13 additions and 1 deletions
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
    "react": "^19.2.3",
    "react-dom": "^19.2.3",
    "react-markdown": "^10.1.0",
-    "react-router-dom": "^7.1.1",
+    "react-router-dom": "^7.13.2",
    "react-virtuoso": "^4.18.1",
    "remark-gfm": "^4.0.1",
    "sherpa-onnx-node": "^1.10.38",
@@ -61,6 +61,18 @@
    "vite-plugin-electron": "^0.28.8",
    "vite-plugin-electron-renderer": "^0.14.6"
  },
+  "pnpm": {
+    "overrides": {
+      "tar": ">=6.2.1",
+      "minimatch": ">=3.1.2",
+      "rollup": ">=4.0.0",
+      "immutable": ">=4.0.0",
+      "lodash": ">=4.17.21",
+      "ajv": ">=6.12.3",
+      "brace-expansion": ">=1.1.11",
+      "picomatch": ">=2.3.1"
+    }
+  },
  "build": {
    "appId": "com.WeFlow.app",
    "publish": {