chore(FR-1733): apply OWASP dependency-check security fixes and configure pnpm minimumReleaseAge (#4719)

Resolves #4718 ([FR-1733](https://lablup.atlassian.net/browse/FR-1733))

## Summary

This PR addresses security vulnerabilities identified by OWASP dependency-check scanning and improves dependency management practices.

## Changes

**Security Updates:**

- Upgrade `@babel/core` from `^7.25.2` to `^7.28.5`
- Add security patch for `ansi_up@6.0.6`
- Update pnpm overrides to fix `tar-fs` and `node-forge` vulnerabilities
- Remove obsolete dependency overrides (`eslint`, `zod`, `cross-spawn`)

**Configuration:**

- Set `minimumReleaseAge: 10080` (7 days) in pnpm-workspace.yaml to prevent automatic adoption of newly published packages with potential zero-day vulnerabilities

## Impact

- Resolves security vulnerabilities identified in OWASP dependency-check
- Reduces exposure to zero-day vulnerabilities from hastily-released packages
- Improves dependency configuration maintainability

**Checklist:**

- [x] Security vulnerabilities addressed
- [x] Dependency configuration cleaned up
- [ ] Build verification required
- [ ] No runtime behavior changes expected

[FR-1733]: https://lablup.atlassian.net/browse/FR-1733?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

Author: yomybaby

.claude/commands/create-jira-issue.md

@@ -25,7 +25,16 @@ Based on the argument provided:
 - **commit**: Use `git diff HEAD~1..HEAD` to get latest commit changes
 
 ### Jira Issue Creation
-- You do **not** have to include a summary of changed files or key modifications in the issue description. Instead, focus on describing the background or purpose for which a PR is needed.
+- **IMPORTANT**: The issue description should explain **WHY** this work is needed (background, purpose, motivation), **NOT HOW** to do it (implementation details, step-by-step instructions).
+- Focus on:
+  - The problem or need that triggered this work
+  - Business or technical justification
+  - Context and background information
+  - Expected outcomes or goals
+- Do **NOT** include:
+  - Implementation steps or "how to do it" instructions
+  - Detailed lists of file changes or code modifications
+  - Technical execution details (these belong in the PR description)
 - Whenever possible, follow the recommended Jira title and description format for Story, Task, or Bug issues.
 - Please determine the appropriate Jira issue type (Story, Task, or Bug) based on the content.
 - **Before creating the Jira issue, display the issue content (title, description, type) in a readable format on screen for user review**

.claude/commands/create-pr-stack-for-stage.md

@@ -80,10 +80,6 @@ git diff --cached
 
 # Create new branch for staged changes
 gt create feat/FR-1234-implement-feature  -m "feat(FR-1234): implement new feature functionality"
-
-# IMPORTANT: Ask user for confirmation before submitting
-# Review changes and commit message with user first
-# Then submit stack for review
 gt stack submit
 ```
 

package.json

@@ -106,7 +106,7 @@
     "winston": "^3.14.0"
   },
   "devDependencies": {
-    "@babel/core": "^7.25.2",
+    "@babel/core": "^7.28.5",
     "@babel/parser": "^7.25.3",
     "@babel/plugin-proposal-class-properties": "^7.18.6",
     "@babel/plugin-proposal-decorators": "^7.24.7",
@@ -178,13 +178,10 @@
     "workbox-sw": "^7.1.0",
     "ws": "^8.18.0"
   },
-  "overrides": {
-    "eslint": "^8.57.1"
-  },
   "pnpm": {
     "overrides": {
-      "zod": "^4.0.0",
-      "cross-spawn": "^7.0.6"
+      "tar-fs@2": "2.1.4",
+      "node-forge": ">=1.3.2"
     }
   },
   "vaadin": {

pnpm-lock.yaml

@@ -19,5 +19,7 @@ patchedDependencies:
   "@cloudscape-design/board-components@3.0.60": react/patches/@cloudscape-design__board-components@3.0.60.patch
   rc-field-form@2.7.1: react/patches/rc-field-form.patch
   react-scripts@5.0.1: react/patches/react-scripts@5.0.1.patch
+  ansi_up@6.0.6: react/patches/ansi_up@6.0.6.patch
+
+minimumReleaseAge: 10080
 
-minimumReleaseAge: 4320

pnpm-workspace.yaml

@@ -3,8 +3,8 @@
   "version": "25.18.0-alpha.0",
   "private": true,
   "dependencies": {
-    "@ai-sdk/openai": "^2.0.72",
-    "@ai-sdk/react": "^2.0.101",
+    "@ai-sdk/openai": "^2.0.69",
+    "@ai-sdk/react": "^2.0.97",
     "@ant-design/charts": "^2.6.6",
     "@ant-design/colors": "^7.2.1",
     "@ant-design/cssinjs": "^1.24.0",
@@ -26,7 +26,7 @@
     "@uiw/codemirror-extensions-langs": "^4.25.2",
     "@uiw/react-codemirror": "^4.25.2",
     "ahooks": "^3.9.6",
-    "ai": "^5.0.101",
+    "ai": "^5.0.97",
     "ansi_up": "^6.0.6",
     "antd": "^5.28.0",
     "antd-style": "^3.7.1",
@@ -143,7 +143,7 @@
     ]
   },
   "devDependencies": {
-    "@babel/core": "^7.27.3",
+    "@babel/core": "^7.28.5",
     "@babel/plugin-proposal-private-property-in-object": "^7.21.11",
     "@babel/plugin-syntax-import-attributes": "^7.26.0",
     "@babel/preset-env": "^7.28.0",

react/package.json

@@ -0,0 +1,21 @@
+diff --git a/examples/browser.html b/examples/browser.html
+deleted file mode 100644
+index c59d3941ff490cde0e23490d5d4b79ccb0e577c4..0000000000000000000000000000000000000000
+diff --git a/examples/browser_amd.html b/examples/browser_amd.html
+deleted file mode 100644
+index ddd981d9bb754a1ccc773ac56b06939285af543b..0000000000000000000000000000000000000000
+diff --git a/examples/jquery-1.7.2.min.js b/examples/jquery-1.7.2.min.js
+deleted file mode 100644
+index 16ad06c5acaad09ee4d6e9d7c428506db028aeeb..0000000000000000000000000000000000000000
+diff --git a/examples/main.js b/examples/main.js
+deleted file mode 100644
+index a6a9f2836478e55c2f816bc370ca5269a860034b..0000000000000000000000000000000000000000
+diff --git a/examples/require.js b/examples/require.js
+deleted file mode 100644
+index ba19fefece1584c15d677e6a8962265f82249d27..0000000000000000000000000000000000000000
+diff --git a/examples/theme.css b/examples/theme.css
+deleted file mode 100644
+index 5837e1dc877ddbdf51bc1d93fbcb9cbee3ffdf34..0000000000000000000000000000000000000000
+diff --git a/examples/theme.scss b/examples/theme.scss
+deleted file mode 100644
+index e21a4d8769d58c50594b3772b95500b67dc95f04..0000000000000000000000000000000000000000