feat!: update workbox to 7.3.0

[userquin]

Description

This PR also includes:

• fix Rollup build XSS vulnerability (CVE-2024-43788): removed rollup from dev dependencies adding it to "pnpm.overrides"
• use node:module to fix Dynamic require of "workbox-build" error

With this PR the plugin can still be used with Vite 3.

supersedes #759

Linked Issues

resolves #667 resolves #758

Additional Context

---

[!TIP] The author of this PR can publish a preview release by commenting /publish below.

[netlify[bot]]

✅ Deploy Preview for vite-plugin-pwa-legacy ready!

Name	Link
🔨 Latest commit	5feb7a1f3ceff1fe74352b4c677c20bf0233bd62
🔍 Latest deploy log	https://app.netlify.com/sites/vite-plugin-pwa-legacy/deploys/67332e362f55ba0008723e5e
😎 Deploy Preview	https://deploy-preview-781--vite-plugin-pwa-legacy.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[userquin]

/publish

[pkg-pr-new[bot]]

pnpm add https://pkg.pr.new/vite-plugin-pwa@781

commit: 5feb7a1

[jochen-lise]

Hello, the release of this PR (0.21.0) is marked with a breaking change. What exactly is breaking? So I can check if i have to adjust something in my project. I am not into workbox etc so i dont see it from just the dependency update.

edit: ah i think i found it over in workbox as you jump from 6.5 to 7.3:

Workbox v7.0.0 ⚠️ Breaking changes

Minimum required version Node 16

[userquin]

rollup version updated to fix XSS vulnerability

[jochen-lise]

Sorry if I'm making an extra effort, but I don't understand. Can you explain to me what the breaking change is and whether I have to pay attention to anything as a user of the plugin?

[userquin]

Rollup removed in this PR and workbox changed the rollup version to fix the vulnerability (also Vite), if you're not using rollup in your app directly you can just update dependencies, it should work