core-web/pnpm-workspace.yaml at main · db-ux-design-system/core-web · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
packages:
  - "packages/*"
  - "output/*"
  - "showcases/*"
  - "storybooks/*"
  - "docs"
  - "scripts"
  - "figma-code-connect/*"

allowBuilds:
  "@compodoc/compodoc": false
  "@db-ux/db-theme": true
  "@db-ux/db-theme-fonts": true
  "@db-ux/db-theme-icons": true
  "@db-ux/db-theme-illustrative-icons": true
  "@parcel/watcher": false
  accessibility-checker: false
  chromedriver: false
  core-js: false
  esbuild: true
  ffmpeg-static: false
  lmdb: false
  msgpackr-extract: false
  puppeteer: true
  rs-module-lexer: false
  sharp: false
  svelte-preprocess: false
  ttf2woff2: false
  unrs-resolver: false

auditConfig:
  ignoreGhsas:
    # @angular/compiler: patched version >=18.2.15 does not exist (latest v18-lts is 18.2.14).
    # Vulnerability is in @builder.io/mitosis transitive dep, not exploitable in our build context.
    - GHSA-jrmj-c5cx-3cw6
    - GHSA-v4hv-rgfq-gp49
    # esbuild: patched version >=0.24.3 does not exist on npm.
    # Vulnerability only affects esbuild dev server (not used in production builds).
    - GHSA-67mh-4wv8-2f99
    # html-minifier: patched version >=4.0.1 does not exist (project abandoned).
    # Transitive dep of sassdoc-theme-default, dev-only, no user input processed.
    - GHSA-pfq8-rq6v-vf5m
    # sassdoc-extras: patched version >=3.0.1 does not exist.
    # Transitive dep of sassdoc-theme-default, dev-only.
    - GHSA-3mpm-jx38-9m8w

engineStrict: true

minimumReleaseAgeExclude:
  - uuid@11.1.1
  - qs@6.15.2
  - hono@4.12.21
  - brace-expansion@5.0.6
  - got@11.8.5
  - marked@4.0.10
  - semver-regex@3.1.3
  - semver-regex@3.1.4
  - svelte@4.2.19
  - svelte@5.51.5
  - ajv@8.18.0
  - file-type@21.3.1
  - svelte@5.53.5
  - picomatch@4.0.4
  - postcss@8.5.10
  - ip-address@10.1.1
  - webpack-dev-server@5.2.4
  - svelte@5.55.7

overrides:
  ajv@>=7.0.0-alpha.0 <8.18.0: ^8.18.0
  brace-expansion@>=5.0.0 <5.0.6: ^5.0.6
  file-type@>=13.0.0 <21.3.1: ^21.3.1
  got@<11.8.5: ^11.8.5
  hono@<4.12.21: ^4.12.21
  ip-address@<=10.1.0: ^10.1.1
  marked@<4.0.10: ^4.0.10
  picomatch@>=4.0.0 <4.0.4: ^4.0.4
  postcss@<8.5.10: ^8.5.10
  qs@>=6.11.1 <=6.15.1: ^6.15.2
  semver-regex@<3.1.3: ^3.1.3
  semver-regex@<3.1.4: ^3.1.4
  svelte@<4.2.19: ^4.2.19
  svelte@<=5.51.4: ^5.51.5
  svelte@<=5.53.4: ^5.53.5
  svelte@<=5.55.6: ^5.55.7
  uuid@<11.1.1: ^11.1.1
  webpack-dev-server@<=5.2.3: ^5.2.4

saveExact: true