
fix: update vulnerable dependencies #1802

Open
AhmadFaour9 wants to merge 2 commits into CorentinTh:main from AhmadFaour9:fix/security-dependency-updates

Conversation

@AhmadFaour9

Summary

Updates vulnerable dependencies reported in the existing security issue while keeping the change focused and low-risk.

Updated dependencies

  • crypto-js: 4.1.1 -> 4.2.0
  • dompurify: 3.0.6 -> 3.4.0
  • vue-i18n: 9.9.1 -> 9.14.5
  • @intlify/core-base/message-compiler/shared: 9.9.1 -> 9.14.5
  • yaml: 2.2.1 -> 2.8.3

Validation

  • pnpm install
  • pnpm audit
  • pnpm lint
  • pnpm test
  • pnpm build

Notes

This PR intentionally focuses only on dependency updates to make review easier and reduce regression risk.

pnpm audit still reports vulnerabilities outside the dependency scope of this PR. The targeted packages updated here are no longer reported by audit.

@AhmadFaour9
Author

The main CI passed successfully.

The required E2E jobs are failing before tests start, during:

pnpm exec playwright install --with-deps

The error seems related to Ubuntu 24.04 package availability on the GitHub runner:

  • libasound2 has no installation candidate
  • libffi7 cannot be located
  • libx264-163 cannot be located

Since this PR only updates pnpm-lock.yaml, I believe this is unrelated to the dependency updates here. Could you please rerun the required E2E checks, or let me know if you prefer a separate workflow compatibility fix?


@AhmadFaour9
Author

I pinned the E2E workflow runner to ubuntu-22.04 because the current Playwright version fails during playwright install --with-deps on Ubuntu 24.04 due to unavailable packages (libasound2, libffi7, libx264-163).

No application code or tests were changed.
