skip devalue vulnerability

Author: mydea

.github/dependency-review-config.yml

@@ -9,3 +9,5 @@ allow-ghsas:
   - GHSA-v784-fjjh-f8r4
   # Next.js Cache poisoning - We require a vulnerable version for E2E testing
   - GHSA-gp8f-8m3g-qvj9
+  # devalue vulnerability - this is just used by nuxt & astro as transitive dependency
+  - GHSA-vj54-72f3-p5jv