Fix React Native postcss audit

[ChiragAgg5k]

Summary

• add a React Native postcss override to resolve GHSA-qx2v-qp2m-jg93
• regenerate the React Native package lock template with the patched postcss resolution

Testing

• docker run --rm -v $(pwd):/app -w /app php:8.3-cli php example.php react-native client
• composer lint-twig
• npm ci (in examples/react-native)
• npm audit (in examples/react-native)
• npm run build (in examples/react-native)

[greptile-apps]

Greptile Summary

This PR adds a postcss: ^8.5.12 entry to the npm overrides in package.json.twig to force resolution of GHSA-qx2v-qp2m-jg93 (a ReDoS in nanoid reachable via postcss 8.4.x's nanoid ^3.3.7 pin), and regenerates the lock file template accordingly. The lock file also picks up patch-level bumps to baseline-browser-mapping, caniuse-lite, plist, and terser.

Confidence Score: 5/5

Safe to merge — targeted security fix with no functional changes.

The change is a minimal, well-scoped security patch: one override line added to package.json.twig and the corresponding lock file regeneration. All version bumps in the lock file are patch-level and consistent with the override. No logic changes are introduced.

No files require special attention.

Important Files Changed

Filename	Overview
templates/react-native/package.json.twig	Adds postcss: ^8.5.12 to the npm overrides section to force a patched version and resolve GHSA-qx2v-qp2m-jg93 (nanoid ReDoS via transitive postcss dependency).
templates/react-native/package-lock.json.twig	Lock file regenerated to reflect postcss 8.5.12 (was 8.4.49) and its updated nanoid ^3.3.11 pin; also bumps baseline-browser-mapping, caniuse-lite, plist, and terser to latest patch releases.

_{Reviews (1): Last reviewed commit: "Fix React Native postcss audit" | Re-trigger Greptile}