Главная Обзор Помощь
Вход
wiki
/
weseek__growi
зеркало из https://github.com/weseek/growi
2
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 6a3cb9ee28
Ветки Метки
weseek__growi
/
pnpm-workspace.yaml

pnpm-workspace.yaml 2.0 KB
История Исходник

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 
  1. packages:
    2. 

  2.   - 'apps/*'
    3. 

  3.   - 'packages/*'
    4. 

  4. 

  5. overrides:
    6. 

  6.   # flat v6 is provided only by ESM, but @lykmapipo/common requires CommonJS version
    7. 

  7.   '@lykmapipo/common>flat': 5.0.2
    8. 

  8.   # mime v4 is provided only by ESM, but @lykmapipo/common requires CommonJS version
    9. 

  9.   '@lykmapipo/common>mime': 3.0.0
    10. 

  10.   # parse-json v6 is provided only by ESM, but @lykmapipo/common requires CommonJS version
    11. 

  11.   '@lykmapipo/common>parse-json': 5.2.0
    12. 

  12.   # CVE-2025-XXXXX: CRLF Injection + Prototype Pollution combo leads to HTTP Request Smuggling (CVSS 10.0).
    13. 

  13.   # All versions < 1.15.0 are vulnerable.
    14. 

  14.   axios: ^1.15.0
    15. 

  15. 

  16. packageExtensions:
    17. 

  17.   # @orval/core bundles @stoplight/json-ref-resolver which requires lodash/get at runtime,
    18. 

  18.   # but @orval/core does not declare lodash as a dependency.
    19. 

  19.   '@orval/core':
    20. 

  20.     dependencies:
    21. 

  21.       lodash: '*'
    22. 

  22. 

  23. patchedDependencies:
    24. 

  24.   # The patch excludes mathjax-full from the dependency graph of Marp Core.
    25. 

  25.   '@marp-team/marp-core': packages/presentation/patches/@marp-team__marp-core.patch
    26. 

  26. 

  27. # pnpm v11+ unified allowlist: true=run install scripts, false=skip them.
    28. 

  28. # Migrated from onlyBuiltDependencies (true) and ignoredBuiltDependencies (false).
    29. 

  29. allowBuilds:
    30. 

  30.   lefthook: true
    31. 

  31.   '@swc/core': false
    32. 

  32.   core-js: false
    33. 

  33.   esbuild: false
    34. 

  34.   leveldown: false
    35. 

  35.   protobufjs: false
    36. 

  36.   puppeteer: false
    37. 

  37.   ttf2woff2: false
    38. 

  38.   # Prisma: apps/app's `postinstall: prisma generate` covers the work that these
    39. 

  39.   # packages' install scripts would do. In particular, `prisma generate` itself
    40. 

  40.   # downloads the engine binary on demand (verified by removing
    41. 

  41.   # libquery_engine-*.so.node and re-running `prisma generate` — the binary is
    42. 

  42.   # restored byte-for-byte), so `@prisma/engines`' postinstall is redundant here.
    43. 

  43.   '@prisma/client': false
    44. 

  44.   '@prisma/engines': false
    45. 

  45.   prisma: false
    46. 

  46.   # sharp ships platform-specific prebuilt binaries via optional dependencies
    47. 

  47.   # (e.g. @img/sharp-linux-x64, @img/sharp-libvips-linux-x64), so its install
    48. 

  48.   # script (which would build libvips from source as a fallback) is not needed.
    49. 

  49.   sharp: false
    50.