Add overrides to pnpm workspace for compat installs to address CVEs

[alexvy86]

Description

Adds a few overrides to the pnpm workspace for compat installs. We got an alert for axios 0.28.1, so that was the main thing to fix, but applied a few others that we also have in other places.

Reviewer Guidance

The review process is outlined on this wiki page.

[github-actions]

Hi! Thank you for opening this PR. Want me to review it?

Based on the diff (339 lines, 3 files), I've queued these reviewers:

• Correctness — logic errors, race conditions, lifecycle issues
• Security — vulnerabilities, secret exposure, injection
• API Compatibility — breaking changes, release tags, type design
• Performance — algorithmic regressions, memory leaks
• Testing — coverage gaps, hollow tests

How this works

• Adjust the reviewer set by ticking/unticking boxes above. Reviewer toggles alone don't trigger anything.

• Tick Start review below to dispatch the review fleet.

• After review finishes, tick Start review again to request another run — it auto-resets after each dispatch.

• This comment updates as new commits land; your reviewer selections are preserved.

• Start review

[Copilot]

Pull request overview

This PR adds pnpm workspace-level overrides in the test-version-utils compat workspace to force patched dependency versions (primarily addressing an axios 0.28.1 security alert), and regenerates the committed lockfile to reflect the new resolution.

Changes:

• Add pnpm overrides in compat-workspaces/full/pnpm-workspace.yaml to pin safer versions of axios, jsrsasign, serialize-javascript, and uuid.
• Regenerate compat-workspaces/full/pnpm-lock.yaml so the resolved versions (and the overrides block) match the new configuration.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.

File	Description
packages/test/test-version-utils/compat-workspaces/full/pnpm-workspace.yaml	Adds override rules to force patched dependency versions during compat workspace installs.
packages/test/test-version-utils/compat-workspaces/full/pnpm-lock.yaml	Updates the lockfile to reflect the new overrides and resulting resolved versions.

Files not reviewed (1)

• packages/test/test-version-utils/compat-workspaces/full/pnpm-lock.yaml: Language not supported

[alexvy86]

FYI @ChumpChief @jason-ha . Where possible we've been starting to use pnpm-workspace.yaml for overrides so we can comment them better. We couldn't do it in the client release group because syncpack didn't quite support catalogs and/or the pnpm-workspace.yaml file. Syncpack 15 seems to have added the necessary support so maybe we can do it now :).

[alexvy86]

FYI @ChumpChief @jason-ha . Where possible we've been starting to use pnpm-workspace.yaml for overrides so we can comment them better. We couldn't do it in the client release group because syncpack didn't quite support catalogs and/or the pnpm-workspace.yaml file. Syncpack 15 seems to have added the necessary support so maybe we can do it now :).

#27320