fix: 修复 Dependabot 安全告警，升级间接依赖版本

通过 pnpm overrides 强制升级以下间接依赖：
- vite >=7.3.2 (High: 路径遍历、文件读取、fs.deny 绕过)
- dompurify >=3.3.2 (Medium: XSS、URI 验证绕过)
- lodash-es >=4.18.0 (High: 代码注入、原型污染)
- @xmldom/xmldom >=0.9.9 (High: XML 注入)
- picomatch >=4.0.4 (High: ReDoS、方法注入)
- immutable >=5.1.5 (High: 原型污染)
- markdown-it >=14.1.1 (Medium: ReDoS)

Author: Snailclimb

package.json

@@ -7,11 +7,17 @@
   "author": "Guide",
   "pnpm": {
     "overrides": {
-      "vite": ">=7.0.8",
+      "vite": ">=7.3.2",
       "undici": ">=7.24.6",
       "mdast-util-to-hast": ">=13.2.1",
       "markdownlint-cli2>js-yaml": ">=4.1.1",
-      "rollup": ">=4.59.0"
+      "rollup": ">=4.59.0",
+      "dompurify": ">=3.3.2",
+      "lodash-es": ">=4.18.0",
+      "@xmldom/xmldom": ">=0.9.9",
+      "picomatch": ">=4.0.4",
+      "immutable": ">=5.1.5",
+      "markdown-it": ">=14.1.1"
     }
   },
   "scripts": {