From a86e0f1b280562ceef1cf0a9c7c20db04bf21663 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Jan 2026 18:58:13 +0000
Subject: [PATCH] Bump vm2 from 3.9.19 to 3.10.3 in /web/server/vue-cli

Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.19 to 3.10.3.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.19...v3.10.3)

---
updated-dependencies:
- dependency-name: vm2
  dependency-version: 3.10.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 web/server/vue-cli/package-lock.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/web/server/vue-cli/package-lock.json b/web/server/vue-cli/package-lock.json
index 6d7066acfd..3f4e55fa95 100644
--- a/web/server/vue-cli/package-lock.json
+++ b/web/server/vue-cli/package-lock.json
@@ -16314,14 +16314,14 @@
       "dev": true
     },
     "node_modules/vm2": {
-      "version": "3.9.19",
-      "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.9.19.tgz",
-      "integrity": "sha512-J637XF0DHDMV57R6JyVsTak7nIL8gy5KH4r1HiwWLf/4GBbb5MKL5y7LpmF4A8E2nR6XmzpmMFQ7V7ppPTmUQg==",
-      "deprecated": "The library contains critical security issues and should not be used for production! The maintenance of the project has been discontinued. Consider migrating your code to isolated-vm.",
+      "version": "3.10.3",
+      "resolved": "https://registry.npmjs.org/vm2/-/vm2-3.10.3.tgz",
+      "integrity": "sha512-zJyUr2FPAj/jmnaHNPNX494wDvPzl3pnmmvxAqVJESQTd5wAju6n8nXiFVfCZXlCTRamR6N3lCJOdv6dM559mQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
-        "acorn": "^8.7.0",
-        "acorn-walk": "^8.2.0"
+        "acorn": "^8.14.1",
+        "acorn-walk": "^8.3.4"
       },
       "bin": {
         "vm2": "bin/vm2"