deps: update cspell to 9.6.4

.npmrc

@@ -0,0 +1,25 @@
+# Package Manager Configuration
+# Force pnpm usage - breaks npm/yarn intentionally
+node-linker=pnpm
+
+# Security: Disable all lifecycle scripts
+ignore-scripts=true
+enable-pre-post-scripts=false
+
+# Security: Require packages to be 10+ days old before installation
+minimum-release-age=14400
+
+# Security: Verify package integrity hashes
+verify-store-integrity=true
+
+# Security: Enforce strict trust policies
+trust-policy=strict
+
+# Security: Strict peer dependency resolution
+strict-peer-dependencies=true
+
+# Performance: Use symlinks for node_modules
+symlink=true
+
+# Lockfile: Ensure lockfile is not modified during install
+frozen-lockfile=false

package.json

@@ -17,7 +17,7 @@
   "devDependencies": {
     "@nhcarrigan/eslint-config": "5.2.0",
     "@types/node": "22.14.0",
-    "cspell": "8.18.1",
+    "cspell": "9.6.4",
     "eslint": "9.24.0",
     "tsx": "4.19.3",
     "vitest": "3.1.1",

pnpm-workspace.yaml

@@ -1,21 +0,0 @@
-# Security
-
-# Do not execute any scripts of installed packages (project scripts still run)
-ignoreDepScripts: true
-# Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
-enablePrePostScripts: false
-# Only allow packages published at least 10 days ago (reduces risk of compromised packages)
-minimumReleaseAge: 14400
-# Fail if a package's trust level has decreased compared to previous releases
-trustPolicy: no-downgrade
-# Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
-trustPolicyIgnoreAfter: 525960
-# Fail if there are missing or invalid peer dependencies
-strictPeerDependencies: true
-# Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
-blockExoticSubdeps: true
-
-# Lockfile
-
-# Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
-preferFrozenLockfile: false