From 49fe21dc3ba8b3c0f8b6ea342c02dd7e8de34752 Mon Sep 17 00:00:00 2001
From: Kipruto <43873157+kelvinkipruto@users.noreply.github.com>
Date: Tue, 7 Apr 2026 10:13:15 +0300
Subject: [PATCH 1/3] build(deps): harden pnpm supply-chain install settings

---
 package.json | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index fa2fb05b..f627ff1e 100644
--- a/package.json
+++ b/package.json
@@ -105,12 +105,15 @@
 "pnpm": "^9 || ^10"
 },
 "pnpm": {
+ "blockExoticSubdeps": true,
+ "minimumReleaseAge": 1440,
 "onlyBuiltDependencies": [
 "@sentry/cli",
 "esbuild",
 "sharp",
 "unrs-resolver"
- ]
+ ],
+ "trustPolicy": "no-downgrade"
 },
 "packageManager": "pnpm@10.16.1"
 }

From 6d54e36389de832a3148145b31b73d87014299c9 Mon Sep 17 00:00:00 2001
From: kelvin <43873157+kelvinkipruto@users.noreply.github.com>
Date: Tue, 7 Apr 2026 10:59:06 +0300
Subject: [PATCH 2/3] chore: update pnpm from 10.16.1 to 10.33.0

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index f627ff1e..5a00a696 100644
--- a/package.json
+++ b/package.json
@@ -115,5 +115,5 @@
 ],
 "trustPolicy": "no-downgrade"
 },
- "packageManager": "pnpm@10.16.1"
+ "packageManager": "pnpm@10.33.0"
 }

From 244d745219f3ee0035f6860cf5f261e87dfcf711 Mon Sep 17 00:00:00 2001
From: kelvin <43873157+kelvinkipruto@users.noreply.github.com>
Date: Tue, 7 Apr 2026 11:09:40 +0300
Subject: [PATCH 3/3] chore: move pnpm config from package.json to .npmrc

This centralizes all pnpm configuration in the .npmrc file for consistency and better tooling support. The settings (block-exotic-subdeps, minimum-release-age, trust-policy) remain unchanged.
---
 .npmrc | 5 ++++-
 package.json | 5 +----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.npmrc b/.npmrc
index e9ee3cb4..ef858a3a 100644
--- a/.npmrc
+++ b/.npmrc
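Review bot: In the first patch's package.json hunk, the context line `"pnpm": "^9 || ^10"` still admits pnpm releases that do not know the three new keys. As far as I know pnpm ignores settings it does not recognise instead of failing, so an install run with such a version would get none of the protection and raise no error. `minimumReleaseAge` appeared in pnpm 10.16, while `trustPolicy` and `blockExoticSubdeps` arrived in later 10.x releases (10.21 and 10.26, to my knowledge), so at this commit's `pnpm@10.16.1` only the release-age delay would have been active; the second patch raises the pinned version but leaves the range untouched. I would raise the floor of that range to the first release supporting all three, e.g. `"pnpm": ">=10.26"` once the number is confirmed against the pnpm changelog. The object holding the range (presumably `engines`) opens above the hunk.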
@@ -1 +1,4 @@
-legacy-peer-deps=true
\ No newline at end of file
+legacy-peer-deps=true
+block-exotic-subdeps=true
+minimum-release-age=1440
+trust-policy=no-downgrade
diff --git a/package.json b/package.json
index 5a00a696..54d84893 100644
--- a/package.json
+++ b/package.json
@@ -105,15 +105,12 @@
 "pnpm": "^9 || ^10"
 },
 "pnpm": {
- "blockExoticSubdeps": true,
- "minimumReleaseAge": 1440,
 "onlyBuiltDependencies": [
 "@sentry/cli",
 "esbuild",
 "sharp",
 "unrs-resolver"
- ],
- "trustPolicy": "no-downgrade"
+ ]
 },
 "packageManager": "pnpm@10.33.0"
 }
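Review bot: `minimum-release-age=1440` in the .npmrc hunk is a bare number with no unit stated in the file; pnpm reads it as minutes, so this is a 24-hour hold, and a later editor could easily take it for seconds or hours. .npmrc accepts comment lines, so I would put `# minutes (24 h): skip versions published less than a day ago` above it and `# fail the install if a package's publish trust is weaker than in its earlier releases` above `trust-policy=no-downgrade`. The same comment block is the place to record how an urgent security fix younger than a day gets installed, since the delay applies to those releases too; pnpm has a `minimumReleaseAgeExclude` setting for exemptions. Because a misspelt or unsupported key is not an error, it is worth confirming after the move that the values are actually picked up, e.g. with `pnpm config get minimum-release-age`.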