Bump transitive deps postcss, fast-xml-parser, uuid to patched versions (#752)

Addresses Dependabot alerts:

- #68 fast-xml-parser < 5.7.0 (XML Comment/CDATA injection) -> 5.7.1

- #71 uuid < 14.0.0 (missing buffer bounds check) -> 14.0.0

- #72 postcss < 8.5.10 (XSS via unescaped </style>) -> 8.5.10

Updated pnpm overrides in src/frontend/package.json to force patched

versions of these transitive dependencies and regenerated pnpm-lock.yaml.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: IEvangelist

src/frontend/package.json

@@ -112,16 +112,18 @@
       "ajv@>=7.0.0-alpha.0 <8.18.0": "8.18.0",
       "devalue@<5.6.4": ">=5.6.4",
       "dompurify@<3.4.0": ">=3.4.0",
-      "fast-xml-parser@<5.5.7": ">=5.5.7",
+      "fast-xml-parser@<5.7.0": ">=5.7.0",
       "flatted@<3.4.2": ">=3.4.2",
       "h3@<1.15.9": ">=1.15.9",
       "lodash@>=4.0.0 <=4.17.22": ">=4.17.23",
       "seroval": ">=1.4.1",
       "lodash-es@>=4.0.0 <=4.17.22": ">=4.17.23",
       "minimatch@<10.2.3": ">=10.2.3",
+      "postcss@<8.5.10": ">=8.5.10",
       "rollup@>=4.0.0 <4.59.0": ">=4.59.0",
       "simple-git@<3.32.3": ">=3.32.3",
-      "svgo@=4.0.0": ">=4.0.1"
+      "svgo@=4.0.0": ">=4.0.1",
+      "uuid@<14.0.0": ">=14.0.0"
     }
   }
 }