@mfranzke mfranzke commented Dec 6, 2025

Description

reduce configured pnpm overrides

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Performance improvement
  • Code refactoring

Testing

  • Tests pass locally
  • Added tests for new functionality
  • Updated existing tests
  • Manual testing completed

Checklist

  • My code follows the project's style guidelines
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published

Browser Testing

If applicable, please test in the following browsers:

  • Chrome
  • Firefox
  • Safari
  • Edge

Performance Impact

If this change affects performance:

  • I have run performance benchmarks
  • Performance impact is documented
  • Performance regression is acceptable for the added functionality

Breaking Changes

If this introduces breaking changes, please describe:

Additional Notes

Any additional information that reviewers should know.

@mfranzke mfranzke self-assigned this Dec 6, 2025
Copilot AI review requested due to automatic review settings December 6, 2025 22:04
@mfranzke mfranzke added the dependencies Pull requests that update a dependency file label Dec 6, 2025

changeset-bot bot commented Dec 6, 2025

⚠️ No Changeset found

Latest commit: 5cdd7e3

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types


github-actions bot commented Dec 6, 2025

🚀 Performance Benchmark Results

| Metric | Value | Status |
| --- | --- | --- |
| Initialization Time | 0.30ms | |
| Avg Processing Time | 0.2756ms | |
| Total Processing Time (1000x) | 275.60ms | ℹ️ |

✅ All benchmarks passed!

@mfranzke mfranzke merged commit e6fc81c into main Dec 6, 2025
29 checks passed
@mfranzke mfranzke deleted the refactor-reduced-overrides branch December 6, 2025 22:07

Copilot AI left a comment

Pull request overview

This PR refactors the project's dependency management by removing most pnpm overrides from package.json, keeping only the critical @eslint/plugin-kit@<0.3.4 override. The refactoring aims to simplify dependency management and allow pnpm to resolve dependencies more naturally, but results in several transitive dependency version changes.

  • Removes 6 out of 7 pnpm override rules for dependencies like tmp, vite, js-yaml, and glob
  • Retains only the essential @eslint/plugin-kit security override
  • Results in lockfile changes including some dependency downgrades

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| package.json | Removed 6 out of 7 pnpm override rules, keeping only the @eslint/plugin-kit@<0.3.4 override |
| pnpm-lock.yaml | Reflects dependency resolution changes from removed overrides, including downgrades of js-yaml (4.1.1 → 3.14.2) and @eslint/plugin-kit (0.5.0 → 0.4.1), plus removal of unused packages and peer dependency adjustments |

Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

dependencies:
graceful-fs: 4.2.11
js-yaml: 4.1.1
js-yaml: 3.14.2
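
Review bot: the js-yaml entry in this dependencies block moves between 4.1.1 and 3.14.2, which crosses a major version rather than drifting by a patch, and the hunk does not show the range the owning package declares. Confirm that declared range before accepting the new resolution: if it only accepts 3.x, this is the resolver honoring it; if it also accepts 4.x, a scoped override for this one consumer would keep it on the newer line without restoring the global rule.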

Copilot AI Dec 6, 2025

Removing the js-yaml overrides has caused a transitive dependency (read-yaml-file@1.1.0) to downgrade from js-yaml@4.1.1 to js-yaml@3.14.2. While 3.14.2 is the minimum safe version that addresses CVE-2021-21434, version 4.1.1 is newer and has additional security improvements and bug fixes. Consider keeping the js-yaml@>=4.0.0 <4.1.1: '>=4.1.1' override to ensure dependencies use the latest secure version when on the 4.x line.

Copilot uses AI. Check for mistakes.
'@babel/helper-validator-identifier': 7.28.5
'@eslint-community/eslint-utils': 4.9.0(eslint@9.39.1(jiti@2.6.1))
'@eslint/plugin-kit': 0.5.0
'@eslint/plugin-kit': 0.4.1
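
Review bot: '@eslint/plugin-kit' changes from 0.5.0 to 0.4.1 in this dependency list, and the hunk shows neither the package that owns the list nor the range it declares. Check that the owner's declared range accepts 0.4.1, and scan the rest of the lockfile for any other resolved copy of '@eslint/plugin-kit' at a lower version than this one.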

Copilot AI Dec 6, 2025

Removing the overrides has caused eslint-plugin-unicorn to downgrade from using @eslint/plugin-kit@0.5.0 to @eslint/plugin-kit@0.4.1. While 0.4.1 still meets the minimum override requirement of >=0.3.4, you should verify that this downgrade doesn't introduce compatibility issues or missing features that eslint-plugin-unicorn may need.

Copilot uses AI. Check for mistakes.
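
A lockfile check for the downgrades discussed in the two review comments above, as an added example that is not part of the PR or of the project's tooling. The version floors are the ones named in those comments; the lockfile excerpt is constructed, and `auditLockfile`, `isBelow` and `FLOORS` are hypothetical names.

```javascript
// Added example. Floors per major line are taken from the review comments on this page.
const FLOORS = {
  'js-yaml': { 3: '3.14.2', 4: '4.1.1' },
  '@eslint/plugin-kit': { 0: '0.3.4' },
};

// Constructed excerpt using pnpm's "name@version:" package keys; not the PR's lockfile.
const SAMPLE_LOCK = [
  'packages:',
  '',
  "  '@eslint/plugin-kit@0.4.1':",
  '    resolution: {integrity: sha512-CONSTRUCTED}',
  '  graceful-fs@4.2.11:',
  '    resolution: {integrity: sha512-CONSTRUCTED}',
  '  js-yaml@3.14.2:',
  '    resolution: {integrity: sha512-CONSTRUCTED}',
  '  js-yaml@4.1.0:',
  '    resolution: {integrity: sha512-CONSTRUCTED}',
  'snapshots:',
  '',
  '  js-yaml@4.1.0:',
  '    dependencies:',
  '      argparse: 2.0.1',
].join('\n');

// Numeric compare of plain x.y.z versions (prerelease tags are ignored).
function isBelow(version, floor) {
  const a = version.split('.').map(Number);
  const b = floor.split('.').map(Number);
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i];
  return false;
}

function auditLockfile(text, floors = FLOORS) {
  // Matches "  name@1.2.3:" and "  '@scope/name@1.2.3(peer@x)':" key lines.
  const keyRe = /^ {2}'?((?:@[^@/\s']+\/)?[^@\s']+)@(\d+\.\d+\.\d+)[^:\n]*:$/gm;
  const seen = new Map(); // de-duplicates keys repeated under packages/snapshots
  for (const [, name, version] of text.matchAll(keyRe)) {
    if (!floors[name] || seen.has(`${name}@${version}`)) continue;
    const floor = floors[name][Number(version.split('.')[0])];
    const status = !floor ? 'no-policy' : isBelow(version, floor) ? 'below-floor' : 'ok';
    seen.set(`${name}@${version}`, { name, version, floor: floor ?? null, status });
  }
  return [...seen.values()];
}

const failures = auditLockfile(SAMPLE_LOCK).filter((f) => f.status !== 'ok');
console.log(failures); // fail the CI job when this list is non-empty
```

A resolution like js-yaml 3.14.2 passes this check because it meets the floor for its own major line; a version on a major line with no entry in `FLOORS` is reported as `no-policy` rather than silently accepted.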