deps: update eslint-plugin-react to 7.37.5

.npmrc

@@ -0,0 +1,25 @@
+# Package Manager Configuration
+# Force pnpm usage - breaks npm/yarn intentionally
+node-linker=pnpm
+
+# Security: Disable all lifecycle scripts
+ignore-scripts=true
+enable-pre-post-scripts=false
+
+# Security: Require packages to be 10+ days old before installation
+minimum-release-age=14400
+
+# Security: Verify package integrity hashes
+verify-store-integrity=true
+
+# Security: Enforce strict trust policies
+trust-policy=strict
+
+# Security: Strict peer dependency resolution
+strict-peer-dependencies=true
+
+# Performance: Use symlinks for node_modules
+symlink=true
+
+# Lockfile: Ensure lockfile is not modified during install
+frozen-lockfile=false

package.json

@@ -42,7 +42,7 @@
     "eslint-plugin-import": "2.31.0",
     "eslint-plugin-jsdoc": "50.6.1",
     "eslint-plugin-playwright": "2.1.0",
-    "eslint-plugin-react": "7.37.3",
+    "eslint-plugin-react": "7.37.5",
     "eslint-plugin-sort-keys-fix": "1.1.2",
     "eslint-plugin-unicorn": "56.0.1",
     "globals": "15.14.0"

pnpm-workspace.yaml

@@ -1,21 +0,0 @@
-# Security
-
-# Do not execute any scripts of installed packages (project scripts still run)
-ignoreDepScripts: true
-# Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
-enablePrePostScripts: false
-# Only allow packages published at least 10 days ago (reduces risk of compromised packages)
-minimumReleaseAge: 14400
-# Fail if a package's trust level has decreased compared to previous releases
-trustPolicy: no-downgrade
-# Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
-trustPolicyIgnoreAfter: 525960
-# Fail if there are missing or invalid peer dependencies
-strictPeerDependencies: true
-# Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
-blockExoticSubdeps: true
-
-# Lockfile
-
-# Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
-preferFrozenLockfile: false