build(deps): bump the npm-all group across 1 directory with 15 updates

[dependabot]

Bumps the npm-all group with 15 updates in the /services/core/packages/webclient directory:

Package	From	To
dompurify	3.3.3	3.4.5
markdown-it	14.1.1	14.2.0
vue	3.5.32	3.5.34
vue-router	5.0.4	5.0.7
vuetify	3.12.5	4.0.7
@types/node	25.5.2	25.9.1
@vitejs/plugin-vue	6.0.5	6.0.7
eslint	10.2.0	10.4.0
eslint-config-vuetify	4.5.0	4.6.2
npm-run-all2	8.0.4	9.0.1
sass-embedded	1.99.0	1.100.0
typescript	6.0.2	6.0.3
unplugin-vue-components	32.0.0	32.1.0
vite	8.0.5	8.0.14
vue-tsc	3.2.6	3.3.2

Updates dompurify from 3.3.3 to 3.4.5

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.5

• Fixed a bypass caused by the new HTML element selectedcontent added in 3.4.4, thanks @​KabirAcharya

Note that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.

DOMPurify 3.4.4

• Added the selectedcontent element to default allow-list, thanks @​lukewarlow
• Added the command and commandfor attributes to default allowed-list, thanks @​lukewarlow
• Added better template scrubbing for IN_PLACE operations, thanks @​DEMON1A
• Added stronger checks for cross-realm windows, thanks @​DEMON1A & @​fg0x0
• Updated demo website and made sure it uses the latest from main
• Updated existing workflows, fuzzer, dependabot, etc., added more tests
• Bumped several dependencies where possible

🚨 This release had been flagged as deprecated, please use DOMPurify 3.4.5 instead 🚨

DOMPurify 3.4.3

• Fixed an issue with handling of nested Shadow DOM trees, thanks @​fishjojo1
• Fixed the template regexes to be more robust against ReDoS attacks, thanks @​aleung27
• Updated the node iteration code to catch more Shadow DOM related issues
• Updated Playwright and added Node 26 to test matrix
• Updated existing workflows, fuzzer, release signing, etc., added more tests
• Bumped several dependencies where possible

DOMPurify 3.4.2

• Fixed an issue with URI validation on attributes allowed via ADD_ATTR callback, thanks @​nelstrom
• Fixed an issue with source maps referring to non-existing files, thanks @​cmdcolin
• Updated existing workflows, fuzzer, release signing, etc., added more tests
• Bumped several dependencies where possible

DOMPurify 3.4.1

• Fixed an issue with on-handler stripping for HTML-spec-reserved custom element names (font-face, color-profile, missing-glyph, font-face-src, font-face-uri, font-face-format, font-face-name) under permissive CUSTOM_ELEMENT_HANDLING
• Fixed a case-sensitivity gap in the annotation-xml check that allowed mixed-case variants to bypass the basic-custom-element exclusion in XHTML mode
• Fixed SANITIZE_NAMED_PROPS repeatedly prefixing already-prefixed id and name values on subsequent sanitization
• Fixed the IN_PLACE root-node check to explicitly guard against non-string nodeName (DOM-clobbering robustness)
• Removed a duplicate slot entry from the default HTML attribute allow-list
• Strengthened the fast-check fuzz harness with explicit XSS invariants, an expanded seed-payload corpus, an additional idempotence property for SANITIZE_NAMED_PROPS, and a negative-control assertion ensuring the invariants actually fire
• Added regression and pinning tests covering the above fixes and two accepted-behavior contracts (SAFE_FOR_TEMPLATES greedy scrub, hook-added attribute handling)
• Extended CodeQL analysis to run on 3.x and 2.x maintenance branches

DOMPurify 3.4.0

Most relevant changes:

• Fixed a problem with FORBID_TAGS not winning over ADD_TAGS, thanks @​kodareef5
• Fixed several minor problems and typos regarding MathML attributes, thanks @​DavidOliver
• Fixed ADD_ATTR/ADD_TAGS function leaking into subsequent array-based calls, thanks @​1Jesper1
• Fixed a missing SAFE_FOR_TEMPLATES scrub in RETURN_DOM path, thanks @​bencalif
• Fixed a prototype pollution via CUSTOM_ELEMENT_HANDLING, thanks @​trace37labs
• Fixed an issue with ADD_TAGS function form bypassing FORBID_TAGS, thanks @​eddieran
• Fixed an issue with ADD_ATTR predicates skipping URI validation, thanks @​christos-eth

... (truncated)

Commits

• 011b0c7 release: 3.4.5 (#1382)
• 5817ad9 release: 3.4.4 (#1374)
• 520edb0 release: 3.4.3 (#1352)
• 6f67fd3 Sync/3.4.2 (#1322)
• 5b0cdbb chore: merge main into 3.x for 3.4.1 release (#1301)
• 09f5911 test: added three more browsers to test setup (OSX, mobile)
• 5b16e0b Getting 3.x branch ready for 3.4.0 release (#1250)
• See full diff in compare view

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates markdown-it from 14.1.1 to 14.2.0

Changelog

Sourced from markdown-it's changelog.

[14.2.0] - 2026-05-24

Added

• isPunctCharCode to utilities.

Fixed

• Don't end HTML comment blocks on a blank line, #1155.
• Properly recognize astral chars (surrogates) in delimiter scans for emphasis-like markers, #1072. Big thanks to @​tats-u for his global efforts with improving CJK support.
• Preserve unicode whitespaces when trimm headings/paragraphs, #1074.
• More strict entities decode to avoid false positives ;, #1096.
• Restore block parser state on fail in lheading rule, #1131.

Security

• Fixed poor smartquotes perfomance on > 70k quotes in single block
• Bumped linkify-it to 5.0.1 with fixed potential perfomance issues.

Commits

• 829797a 14.2.0 released
• 9ce2087 Fix smartquotes perfomance
• 02e73b8 linkify-it bump
• 68cfb8c fix: don't end HTML comment blocks on a blank line (#1155)
• 1083137 Readme cleanup
• 97c7ca2 Update funding info
• c471b55 Changelog update
• 7769621 isPunctChar => isPunctCharCode
• aa2aa70 fix: always reset parentType in lheading rule (#1131)
• 59955f2 Polish PRs #1072, #1074
• Additional commits viewable in compare view

Updates vue from 3.5.32 to 3.5.34

Release notes

Sourced from vue's releases.

v3.5.34

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.33

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.34 (2026-05-06)

Bug Fixes

• compiler-sfc: infer Vue ref wrapper types when source is unresolvable (#14758) (7f46fd4), closes #14729
• compiler-sfc: preserve hash hrefs on <image> elements (#14756) (090b2e3)
• compiler-sfc: resolve type re-exports inside declare global (#14766) (acfffe3)
• reactivity: prevent orphan effect when created in a stopped scope (#14778) (c8e2d4a), closes #14777
• runtime-core: avoid symbol coercion during props validation (#8539) (23d4fb5), closes #8487
• suspense: avoid DOM leak with out-in transition in v-if fragment (#14762) (9667e0d), closes #14761

3.5.33 (2026-04-22)

Bug Fixes

• compiler-sfc: handle nested :deep in selector pseudos (#14725) (bb9d265), closes #14724
• reactivity: unlink effect scopes on out-of-order off (#14734) (e7659be), closes #14733
• runtime-dom: preserve textarea resize dimensions (#14747) (11fb2fd), closes #14741
• teleport: don't move teleport children if not mounted (#14702) (6a61f44), closes #14701
• transition: preserve placeholder for conditional explicit default slots (#14748) (45990ce), closes #14727

Commits

• 57545e9 release: v3.5.34
• a3b2617 chore(deps): update dependency jsdom to ^29.1.1 (#14775)
• 23d4fb5 fix(runtime-core): avoid symbol coercion during props validation (#8539)
• 090b2e3 fix(compiler-sfc): preserve hash hrefs on \<image> elements (#14756)
• 9667e0d fix(suspense): avoid DOM leak with out-in transition in v-if fragment (#14762)
• c8e2d4a fix(reactivity): prevent orphan effect when created in a stopped scope (#14778)
• 7f46fd4 fix(compiler-sfc): infer Vue ref wrapper types when source is unresolvable (#...
• acfffe3 fix(compiler-sfc): resolve type re-exports inside declare global (#14766)
• a037385 chore(deps): update build (#14759)
• 0bc56ff chore(deps): update pnpm to v10.33.3 (#14760)
• Additional commits viewable in compare view

Updates vue-router from 5.0.4 to 5.0.7

Release notes

Sourced from vue-router's releases.

v5.0.7

   🚀 Features

• Upgrade to babel 8  -  by @​posva (8d3e6)
• Make defineParamParser() more intuitive  -  by @​posva (8715b)
• Upgrade @vue/devtools-api  -  by @​posva (87c3a)
• matcher: Hint at params: {} workaround in discarded params warning  -  by @​posva and shanliuling in vuejs/router#2689 (c2b13)
• param-parsers: Add include/exclude options  -  by @​posva (91cde)

   🐞 Bug Fixes

• matcher:
  • Finalize param token before processing escaped colon  -  by @​babu-ch and @​posva in vuejs/router#2654 (20521)
• query:
  • Use Object.create(null) to prevent prototype pollution  -  by @​wdskuki, wdsmini and @​posva in vuejs/router#2661 (be88c)
• resolve:
  • Omit empty optional params from resolved params  -  by @​babu-ch and @​posva in vuejs/router#2434 (1ef09)
• types:
  • Wire RouteNamedMap via generated routes.d.ts  -  by @​posva in vuejs/router#2700 (aef99)
• unplugin:
  • Avoid generating empty routes  -  by @​FrontEndDog and @​posva in vuejs/router#2642 (10a8b)
  • Apply definePage path-param parser overrides  -  by @​posva in vuejs/router#2699 (c8074)
• volar:
  • Drop runtime @vue/language-core import  -  by @​danielroe in vuejs/router#2710 (8af50)

    View changes on GitHub

v5.0.6

   🐞 Bug Fixes

• Missing closing quote in generated import  -  by @​zjy040525 and @​posva in vuejs/router#2688 (32f78)

    View changes on GitHub

v5.0.5

   🚀 Features

• Enable standard schema param parsers  -  by @​posva (ea8e3)
• Normalize param parsers once  -  by @​posva (48087)

   🐞 Bug Fixes

• Track definePage imports per-file to fix named view race condition  -  by @​posva (11191)
• Avoid double decoding hash on string location  -  by @​posva (1578c)

    View changes on GitHub

Commits

• ddd20c3 release: vue-router@5.0.7
• 91cdec3 feat(param-parsers): add include/exclude options
• 8af50c9 fix(volar): drop runtime @vue/language-core import (#2710)
• b840cd6 chore(ci): set least-privilege workflow token permissions (#2708)
• 51c1672 chore(release): use @​clack/prompts
• af77a7c chore: playground param type
• 641200a refactor(param-parsers): simplify defineParamParser
• 9b9896e chore: comments
• d41897b refactor: wip of defineParamParser
• 17d51fb chore: logs
• Additional commits viewable in compare view

Updates vuetify from 3.12.5 to 4.0.7

Release notes

Sourced from vuetify's releases.

v4.0.7

🔧 Bug Fixes

• VAlert: border opacity should win over theme variables (#22832) (d355443)
• VBtnToggle: correct background when active (79a3a8c), closes #22004
• VField: correct baseline alignment (#22812) (14fd872), closes #22648
• VList: invisibly focus first element after open (d153a6e), closes #22783
• VProgressLinear: correct calculation for filled chunks (642a27b), closes #22818
• VSelects: merge menuProps.contentClass (6749424), closes #22822
• VTreeview,VList: wire value-comparator into selection logic (#22841) (d5b4670), closes #22013

v4.0.6

🔧 Bug Fixes

• VBadge: do not accept clicks within disabled elements (996cd6e), closes #22172
• VField: pass color to icon-color if glow prop is true (#21547) (10125b7), closes #21388
• VOtpInput: remove semicolon from sass file (bf53f9e), closes #22798
• VSelectionControl: readonly should not suppress focus-visible (#22527) (ce234a8), closes #22513

🧪 Labs

• VVideo: avoid tooltip obstructing volume slider (add2a7e)
• VVideo: support VVideoControls as standalone component (aaf9cf5), closes #22529
• VVideo: show progress bar by default (1be0091)

v4.0.5

🔧 Bug Fixes

• SSR: avoid errors when rendering with latest Vue (#22764) (ecbe030), closes #22762
• types: support noUncheckedSideEffectImports (2098fb1), closes #22766
• useActivator: avoid closing hovered menu when tooltip hides (131e659), closes #22759
• VSnackbar: avoid blocking navigation (143ceaa), closes #18283

🧪 Labs

• VPie: shrink back hovered slices on mouseleave (1893748)

v4.0.4

🔧 Bug Fixes

• VCol: correct types for offset-* props (1cdd9c4), closes #22740
• VField: label transition on page with zoom (1fcad6b), closes #22747
• VSelect: prevent brief error state when clicking a menu item (7fec2d4), closes #22742

... (truncated)

Commits

• 5015ab8 chore(release): publish v4.0.7
• d5b4670 fix(VTreeview,VList): wire value-comparator into selection logic (#22841)
• d355443 fix(VAlert): border opacity should win over theme variables (#22832)
• d153a6e fix(VList): invisibly focus first element after open
• 6749424 fix(VSelects): merge menuProps.contentClass
• 14fd872 fix(VField): correct baseline alignment (#22812)
• e3b66d8 test: use vi.useFakeTimers in throttle tests (#22819)
• 642a27b fix(VProgressLinear): correct calculation for filled chunks
• 79a3a8c fix(VBtnToggle): correct background when active
• a87e731 chore(release): publish v4.0.6
• Additional commits viewable in compare view

Updates @types/node from 25.5.2 to 25.9.1

Commits

• See full diff in compare view

Updates @vitejs/plugin-vue from 6.0.5 to 6.0.7

Release notes

Sourced from @​vitejs/plugin-vue's releases.

plugin-vue@6.0.7

Please refer to CHANGELOG.md for details.

plugin-vue@6.0.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from @​vitejs/plugin-vue's changelog.

6.0.7 (2026-05-15)

Features

• use carets for @rolldown/pluginutils version (#776) (941b651)

Bug Fixes

• deps: update all non-major dependencies (#762) (9e825b8)
• deps: update all non-major dependencies (#774) (77dc8bc)

6.0.6 (2026-04-13)

Features

• plugin-vue: propagate multiRoot for template-only vapor components (#745) (9e07ae9)

Bug Fixes

• deps: update all non-major dependencies (#738) (050c996)

Miscellaneous Chores

• deps: update dependency rollup to ^4.59.0 (#749) (a0e1ef8)
• remove unused deps (#760) (6d834d8)

Commits

• f93aceb release: plugin-vue@6.0.7
• 941b651 feat: use carets for @rolldown/pluginutils version (#776)
• 77dc8bc fix(deps): update all non-major dependencies (#774)
• 9e825b8 fix(deps): update all non-major dependencies (#762)
• 51dbf4b release: plugin-vue@6.0.6
• 9e07ae9 feat(plugin-vue): propagate multiRoot for template-only vapor components (#745)
• 050c996 fix(deps): update all non-major dependencies (#738)
• 6d834d8 chore: remove unused deps (#760)
• a0e1ef8 chore(deps): update dependency rollup to ^4.59.0 (#749)
• See full diff in compare view

Updates eslint from 10.2.0 to 10.4.0

Release notes

Sourced from eslint's releases.

v10.4.0

Features

• 1a45ec5 feat: check sequence expressions in for-direction (#20701) (kuldeep kumar)
• 450040b feat: add includeIgnoreFile() to eslint/config (#20735) (Kirk Waiblinger)

Bug Fixes

• 544c0c3 fix: escape code path DOT labels in debug output (#20866) (Pixel998)
• 6799431 fix: update dependency @​eslint/config-helpers to ^0.6.0 (#20850) (renovate[bot])
• f078fef fix: handle non-array deprecated rule replacements (#20825) (xbinaryx)

Documentation

• 7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869) (Pavel)
• db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865) (Kirk Waiblinger)
• 9084664 docs: Update README (GitHub Actions Bot)
• 9cc7387 docs: Update README (GitHub Actions Bot)
• 3d7b548 docs: Update README (GitHub Actions Bot)
• 191ec3c docs: Update README (GitHub Actions Bot)

Chores

• 6616856 chore: upgrade knip to v6 (#20875) (Pixel998)
• d13b084 ci: ensure auto-created PRs run CI (#20860) (lumir)
• e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862) (dependabot[bot])
• d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863) (kuldeep kumar)
• 24db8cb test: add tests for SuppressionsService.save() (#20802) (kuldeep kumar)
• 2ef0549 chore: update ecosystem plugins (#20857) (github-actions[bot])
• a429791 ci: remove eslint-webpack-plugin types integration test (#20668) (Milos Djermanovic)
• 9e37386 chore: replace recast with range approach in code-sample-minimizer (#20682) (Copilot)
• 0dd1f9f test: disable warning for vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER (#20845) (Francesco Trotta)
• 9da3c7b refactor: remove deprecated meta.language and migrate meta.dialects (#20716) (Pixel998)
• 2099ed1 refactor: add meta.defaultOptions to more rules, enable linting (#20800) (xbinaryx)
• f1dfbc9 chore: update ecosystem plugins (#20836) (github-actions[bot])
• c759413 ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 (#20843) (dependabot[bot])
• 5b817d6 test: add unit tests for lib/shared/ast-utils (#20838) (kuldeep kumar)
• 1c13ae3 test: add unit tests for lib/shared/severity (#20835) (kuldeep kumar)

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)

... (truncated)

Commits

• 452c401 10.4.0
• b6417e8 Build: changelog update for 10.4.0
• 6616856 chore: upgrade knip to v6 (#20875)
• d13b084 ci: ensure auto-created PRs run CI (#20860)
• 7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869)
• e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862)
• 544c0c3 fix: escape code path DOT labels in debug output (#20866)
• db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865)
• d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863)
• 9084664 docs: Update README
• Additional commits viewable in compare view

Updates eslint-config-vuetify from 4.5.0 to 4.6.2

Release notes

Sourced from eslint-config-vuetify's releases.

v4.6.2

No significant changes

    View changes on GitHub

v4.6.1

   🐞 Bug Fixes

• vue: Use :multi-line pseudo-class for padding-line-between-tags  -  by @​johnleider (305e9)

    View changes on GitHub

v4.6.0

   🚀 Features

• vue: Enforce blank lines between multiline sibling tags  -  by @​johnleider (415c1)

    View changes on GitHub

Commits

• a99becf chore: release v4.6.2
• 6b11bdc chore(deps): update dependencies to latest
• 7a06c14 build(deps): bump defu from 6.1.4 to 6.1.7 (#54)
• 5d31605 chore: release v4.6.1
• 305e973 fix(vue): use :multi-line pseudo-class for padding-line-between-tags
• 5d1d1df chore: release v4.6.0
• 415c168 feat(vue): enforce blank lines between multiline sibling tags
• 94c54a1 chore: clean up TypeScript diagnostics
• See full diff in compare view

Updates npm-run-all2 from 8.0.4 to 9.0.1

Release notes

Sourced from npm-run-all2's releases.

v9.0.1

Merged

• fix: update help.js to include --node-run option details [#230](https://github.com/bcomnes/npm-run-all2/issues/230)

v9.0.0

Breaking changes

• ESM only
• engines.node: "^22.22.2 || ^24.15.0 || >=26.0.0",
• Empty glob patters no longer throw an error bcomnes/npm-run-all2#226
• Fully type checked with published types

New features

• node --run mode: bcomnes/npm-run-all2#225
• More colors: bcomnes/npm-run-all2#222

Merged

• Add more colors based on terminal capabilities [#222](https://github.com/bcomnes/npm-run-all2/issues/222)
• Upgrade: Bump releasearoni from 0.1.14 to 0.2.0 [#227](https://github.com/bcomnes/npm-run-all2/issues/227)
• Breaking change: Glob patterns that match no tasks now succeed silently [#226](https://github.com/bcomnes/npm-run-all2/issues/226)
• Add -x / --node-run flag to bypass the package manager [#225](https://github.com/bcomnes/npm-run-all2/issues/225)
• Remove redundant build call from prepublishOnly [#224](https://github.com/bcomnes/npm-run-all2/issues/224)
• Whitelist files to include in npm package [#199](https://github.com/bcomnes/npm-run-all2/issues/199)
• Fix jsdoc types and use tsc for type safety checks [#220](https://github.com/bcomnes/npm-run-all2/issues/220)
• Upgrade: Bump codecov/codecov-action from 5 to 6 [#215](https://github.com/bcomnes/npm-run-all2/issues/215)
• Update SECURITY.md with new reporting process [#201](https://github.com/bcomnes/npm-run-all2/issues/201)
• Upgrade: Bump actions/checkout from 5 to 6 [#200](https://github.com/bcomnes/npm-run-all2/issues/200)
• Upgrade: Bump actions/setup-node from 5 to 6 [#196](https://github.com/bcomnes/npm-run-all2/issues/196)
• Upgrade: Bump github/codeql-action from 3 to 4 [#195](https://github.com/bcomnes/npm-run-all2/issues/195)
• Upgrade: Bump actions/setup-node from 4 to 5 [#192](https://github.com/bcomnes/npm-run-all2/issues/192)
• Upgrade: Bump actions/checkout from 4 to 5 [#191](https://github.com/bcomnes/npm-run-all2/issues/191)
• chore: fix typo in test [#185](https://github.com/bcomnes/npm-run-all2/issues/185)
• refactor: use optional chain for better readability [#184](https://github.com/bcomnes/npm-run-all2/issues/184)

Fixed

• Breaking change: Glob patterns that match no tasks now succeed silently (#226) [#149](https://github.com/bcomnes/npm-run-all2/issues/149)
• Add -x / --node-run flag to use node --run instead of the package manager [#155](https://github.com/bcomnes/npm-run-all2/issues/155)
• docs: clarify glob pattern execution order guarantee [#167](https://github.com/bcomnes/npm-run-all2/issues/167)

Commits

• Add node-run smoke tests f4ac667
• Implement releasaroni for the release process 6a2baff
• Use shared publishing action b6a39a6

... (truncated)

Changelog

Sourced from npm-run-all2's changelog.

v9.0.1

Merged

• fix: update help.js to include --node-run option details [#230](https://github.com/bcomnes/npm-run-all2/issues/230)

v9.0.0 - 2026-05-19

Merged

• Add more colors based on terminal capabilities [#222](https://github.com/bcomnes/npm-run-all2/issues/222)
• Upgrade: Bump releasearoni from 0.1.14 to 0.2.0 [#227](https://github.com/bcomnes/npm-run-all2/issues/227)
• Breaking change: Glob patterns that match no tasks now succeed silently [#226](https://github.com/bcomnes/npm-run-all2/issues/226)
• Add -x / --node-run flag to bypass the package manager [#225](https://github.com/bcomnes/npm-run-all2/issues/225)
• Remove redundant build call from prepublishOnly