chore: try to avoid supply chain security (#34317)

pnpm-workspace.yaml

@@ -1,3 +1,12 @@
+trustPolicy: no-downgrade
+minimumReleaseAge: 1440
+blockExoticSubdeps: true
+strictDepBuilds: true
+allowBuilds:
+  '@parcel/watcher': false
+  canvas: false
+  esbuild: false
+  sharp: false
 packages:
   - web
   - e2e
@@ -13,6 +22,7 @@ overrides:
   array.prototype.flatmap: npm:@nolyfill/array.prototype.flatmap@^1.0.44
   array.prototype.tosorted: npm:@nolyfill/array.prototype.tosorted@^1.0.44
   assert: npm:@nolyfill/assert@^1.0.26
+  axios: 1.14.0
   brace-expansion@<2.0.2: 2.0.2
   canvas: ^3.2.2
   devalue@<5.3.2: 5.3.2
@@ -59,13 +69,6 @@ overrides:
   which-typed-array: npm:@nolyfill/which-typed-array@^1.0.44
   yaml@>=2.0.0 <2.8.3: 2.8.3
   yauzl@<3.2.1: 3.2.1
-ignoredBuiltDependencies:
-  - canvas
-  - core-js-pure
-onlyBuiltDependencies:
-  - "@parcel/watcher"
-  - esbuild
-  - sharp
 catalog:
   "@amplitude/analytics-browser": 2.38.0
   "@amplitude/plugin-session-replay-browser": 1.27.5
@@ -149,7 +152,7 @@ catalog:
   agentation: 3.0.2
   ahooks: 3.9.7
   autoprefixer: 10.4.27
-  axios: ^1.14.0
+  axios: 1.14.0
   class-variance-authority: 0.7.1
   clsx: 2.1.1
   cmdk: 1.1.1