build(deps): bump the security group across 1 directory with 10 updates

[dependabot]

Bumps the security group with 9 updates in the /web directory:

Package	From	To
@tailwindcss/postcss	4.1.13	4.1.14
@netlify/functions	4.2.6	4.2.7
@netlify/vite-plugin	2.6.0	2.6.1
@tailwindcss/vite	4.1.13	4.1.14
@vitejs/plugin-react	5.0.3	5.0.4
eslint-plugin-react-refresh	0.4.22	0.4.23
typescript	5.9.2	5.9.3
vite	7.1.7	7.1.9
vite-plugin-static-copy	3.1.2	3.1.3

Updates @tailwindcss/postcss from 4.1.13 to 4.1.14

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.1.14] - 2025-10-01

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Commits

• b67cbcf Prepare v4.1.14 release (#19037)
• b497e1e Add Upgrading from Tailwind CSS v… when running upgrade tool (#19026)
• 210575a Update dedent 1.6.0 → 1.7.0 (minor) (#19010)
• d0f7f82 Add plugin option documentation to the postcss plugin readme (#18940)
• 5b8136e Re-throw errors from PostCSS nodes (#18373)
• See full diff in compare view

Updates @netlify/functions from 4.2.6 to 4.2.7

Release notes

Sourced from @​netlify/functions's releases.

functions: v4.2.7

4.2.7 (2025-10-01)

Bug Fixes

• add extra types for ratelimiting (#464) (6d9fe05)

Commits

• 413ef5d chore: release main (#465)
• 6d9fe05 fix: add extra types for ratelimiting (#464)
• 3005530 chore: release main (#463)
• c6774c7 fix: set proper peer dependencies (#458)
• 146946c chore: release main (#461)
• 039f955 feat!: add spanProcessors property (#460)
• See full diff in compare view

Updates @netlify/vite-plugin from 2.6.0 to 2.6.1

Release notes

Sourced from @​netlify/vite-plugin's releases.

vite-plugin: v2.6.1

2.6.1 (2025-10-01)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.5.11 to 4.5.12

Commits

• 413ef5d chore: release main (#465)
• 6d9fe05 fix: add extra types for ratelimiting (#464)
• 3005530 chore: release main (#463)
• c6774c7 fix: set proper peer dependencies (#458)
• 146946c chore: release main (#461)
• 039f955 feat!: add spanProcessors property (#460)
• See full diff in compare view

Updates @tailwindcss/vite from 4.1.13 to 4.1.14

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.1.14] - 2025-10-01

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Commits

• b67cbcf Prepare v4.1.14 release (#19037)
• 5a94f81 Use default export condition for @tailwindcss/vite (#18948)
• See full diff in compare view

Updates @vitejs/plugin-react from 5.0.3 to 5.0.4

Release notes

Sourced from @​vitejs/plugin-react's releases.

[email protected]

Perf: use native refresh wrapper plugin in rolldown-vite (#881)

Changelog

Sourced from @​vitejs/plugin-react's changelog.

5.0.4 (2025-09-27)

Perf: use native refresh wrapper plugin in rolldown-vite (#881)

Commits

• 450d7df release: [email protected]
• 8638845 feat(react): full bundle mode compat (#882)
• bd1487d perf(react): use native refresh wrapper plugin in rolldown-vite (#881)
• 80df894 docs: remove disableOxcRecommendation from plugin-react readme (#880)
• 608f266 chore(deps): update all non-major dependencies (#879)
• 3c2ebf8 fix(deps): update all non-major dependencies (#851)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​vitejs/plugin-react since your current version.

Updates eslint-plugin-react-refresh from 0.4.22 to 0.4.23

Release notes

Sourced from eslint-plugin-react-refresh's releases.

v0.4.23

• Add "metadata", "generateMetadata" & "generateViewport" to allowExportNames in Next config

Changelog

Sourced from eslint-plugin-react-refresh's changelog.

0.4.23

• Add "metadata", "generateMetadata" & "generateViewport" to allowExportNames in Next config

Commits

• 1d436ff More allowExportNames in Next config (fixes #90) [publish]
• See full diff in compare view

Updates tailwindcss from 4.1.13 to 4.1.14

Release notes

Sourced from tailwindcss's releases.

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Changelog

Sourced from tailwindcss's changelog.

[4.1.14] - 2025-10-01

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Commits

• b67cbcf Prepare v4.1.14 release (#19037)
• cc8fefc Update magic-string to version 0.30.19
• 210575a Update dedent 1.6.0 → 1.7.0 (minor) (#19010)
• c6e0a55 Ensure files with only @theme produce no output when built (#18979)
• 9a5bae2 Revert "Update all pnpm dependencies (2025-09-20) (#18971)"
• 42eadfd Update all pnpm dependencies (2025-09-20) (#18971)
• c2aab49 Bump Prettier (#18960)
• d1fd645 Proposal: Allow overwriting static utilities that have a namespace (#18056)
• 340b59d Do not generate grid-column when configuring grid-column-start or `grid-c...
• b7c7e48 Add @container-size utility (#18901)
• Additional commits viewable in compare view

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)
• fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

• npm

Commits

• c63de15 Bump version to 5.9.3 and LKG
• 8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
• a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
• 0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
• bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
• 0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
• 2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
• See full diff in compare view

Updates vite from 7.1.7 to 7.1.9

Release notes

Sourced from vite's releases.

v7.1.9

Please refer to CHANGELOG.md for details.

v7.1.8

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.1.9 (2025-10-03)

Reverts

• server: drain stdin when not interactive (#20885) (12d72b0)

7.1.8 (2025-10-02)

Bug Fixes

• css: improve url escape characters handling (#20847) (24a61a3)
• deps: update all non-major dependencies (#20855) (788a183)
• deps: update artichokie to 0.4.2 (#20864) (e670799)
• dev: skip JS responses for document requests (#20866) (6bc6c4d)
• glob: fix HMR for array patterns with exclusions (#20872) (63e040f)
• keep ids for virtual modules as-is (#20808) (d4eca98)
• server: drain stdin when not interactive (#20837) (bb950e9)
• server: improve malformed URL handling in middlewares (#20830) (d65a983)

Documentation

• create-vite: provide deno example (#20747) (fdb758a)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#20810) (ea68a88)
• deps: update rolldown-related dependencies (#20854) (4dd06fd)
• update url of create-react-app license (#20865) (166a178)

Commits

• 17e2517 release: v7.1.9
• 12d72b0 revert(server): drain stdin when not interactive (#20885)
• 8d12c8b release: v7.1.8
• 63e040f fix(glob): fix HMR for array patterns with exclusions (#20872)
• 24a61a3 fix(css): improve url escape characters handling (#20847)
• 6bc6c4d fix(dev): skip JS responses for document requests (#20866)
• 166a178 chore: update url of create-react-app license (#20865)
• d4eca98 fix: keep ids for virtual modules as-is (#20808)
• e670799 fix(deps): update artichokie to 0.4.2 (#20864)
• bb950e9 fix(server): drain stdin when not interactive (#20837)
• Additional commits viewable in compare view

Updates vite-plugin-static-copy from 3.1.2 to 3.1.3

Release notes

Sourced from vite-plugin-static-copy's releases.

[email protected]

Patch Changes

• #202 9388186 Thanks @​sapphi-red! - Switched to use trusted publisher to publish the package.

Changelog

Sourced from vite-plugin-static-copy's changelog.

3.1.3

Patch Changes

• #202 9388186 Thanks @​sapphi-red! - Switched to use trusted publisher to publish the package.

Commits

• f4da2cf chore: update versions (#203)
• 9388186 ci: use trusted publisher (#202)
• f5bc0f6 fix(deps): update all non-major dependencies (#200)
• ffc8441 chore(deps): update actions/setup-node action to v5 (#201)
• efbc0a1 chore(deps): update actions/checkout action to v5 (#198)
• c5581b5 chore(deps): update actions/download-artifact action to v5 (#199)
• 4548f79 ci: run tests against v* branches
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite-plugin-static-copy since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[replicated-ci]

LGTM 👍

This PR was automatically approved and merged by the automated-prs-manager GitHub action