build(npm): pins transitive devDependency postcss (that's via vue) to…

… ^8.14.31 because apparently earlier versions have a vulnerability
sverweij · Oct 7, 2023 · c421cd1 · c421cd1
1 parent a1e5610
commit c421cd1
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -215,10 +215,12 @@
     "yarn": "1.22.19"
   },
   "overrides": {
-    "semver": "^7.5.4"
+    "semver": "^7.5.4",
+    "postcss": "^8.4.31"
   },
   "resolutions": {
-    "semver": "^7.5.4"
+    "semver": "^7.5.4",
+    "postcss": "^8.4.31"
   },
   "upem": {
     "policies": [