build(deps): bump the security group across 1 directory with 8 updates

[dependabot]

Bumps the security group with 7 updates in the /web directory:

Package	From	To
@tailwindcss/postcss	4.1.16	4.1.17
@tanstack/react-query	5.90.5	5.90.7
@eslint/js	9.39.0	9.39.1
@netlify/vite-plugin	2.7.8	2.7.11
@tailwindcss/vite	4.1.16	4.1.17
eslint	9.39.0	9.39.1
typescript-eslint	8.46.2	8.46.3

Updates @tailwindcss/postcss from 4.1.16 to 4.1.17

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.1.17] - 2025-11-06

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

Commits

• e9c9c4f Release v4.1.17 (#19272)
• See full diff in compare view

Updates @tanstack/react-query from 5.90.5 to 5.90.7

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-persist-client@​5.90.7

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.91.4
  • @​tanstack/react-query@​5.90.5

@​tanstack/react-query@​5.90.7

Patch Changes

• Updated dependencies [b4cd121]:
  • @​tanstack/query-core@​5.90.7

@​tanstack/react-query-persist-client@​5.90.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.91.3
  • @​tanstack/react-query@​5.90.4

@​tanstack/react-query@​5.90.6

Patch Changes

• Updated dependencies [1638c02]:
  • @​tanstack/query-core@​5.90.6

Changelog

Sourced from @​tanstack/react-query's changelog.

5.90.7

Patch Changes

• Updated dependencies [b4cd121]:
  • @​tanstack/query-core@​5.90.7

5.90.6

Patch Changes

• Updated dependencies [1638c02]:
  • @​tanstack/query-core@​5.90.6

Commits

• ea0ab4d ci: Version Packages (#9848)
• c23b4a0 ci: Version Packages (#9834)
• See full diff in compare view

Updates @eslint/js from 9.39.0 to 9.39.1

Release notes

Sourced from @​eslint/js's releases.

v9.39.1

Bug Fixes

• 650753e fix: Only pass node to JS lang visitor methods (#20283) (Nicholas C. Zakas)

Documentation

• 51b51f4 docs: add a section on when to use extends vs cascading (#20268) (Tanuj Kanti)
• b44d426 docs: Update README (GitHub Actions Bot)

Chores

• 92db329 chore: update @eslint/js version to 9.39.1 (#20284) (Francesco Trotta)
• c7ebefc chore: package.json update for @​eslint/js release (Jenkins)
• 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275) (renovate[bot])
• d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266) (唯然)
• 009e507 test: fix version tests for ESLint v10 (#20274) (Milos Djermanovic)

Commits

• c7ebefc chore: package.json update for @​eslint/js release
• See full diff in compare view

Updates @netlify/vite-plugin from 2.7.8 to 2.7.11

Release notes

Sourced from @​netlify/vite-plugin's releases.

vite-plugin: v2.7.11

2.7.11 (2025-11-06)

Bug Fixes

• ignore SPA redirect in dev mode to allow Vite to take over (#514) (510642b)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.7.0 to 4.7.1

vite-plugin: v2.7.10

2.7.10 (2025-11-05)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.6.8 to 4.7.0
    • @​netlify/dev-utils bumped from ^4.3.0 to ^4.3.1

vite-plugin: v2.7.9

2.7.9 (2025-11-04)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.6.7 to 4.6.8

Changelog

Sourced from @​netlify/vite-plugin's changelog.

2.7.11 (2025-11-06)

Bug Fixes

• ignore SPA redirect in dev mode to allow Vite to take over (#514) (510642b)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.7.0 to 4.7.1

2.7.10 (2025-11-05)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.6.8 to 4.7.0
    • @​netlify/dev-utils bumped from ^4.3.0 to ^4.3.1

2.7.9 (2025-11-04)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​netlify/dev bumped from 4.6.7 to 4.6.8

Commits

• e70ad54 chore: release main (#523)
• 510642b fix: ignore SPA redirect in dev mode to allow Vite to take over (#514)
• cff2b66 chore: release main (#518)
• d375d48 chore: release main (#511)
• 70e2741 Refactor: Update package.json repository fields (#509)
• See full diff in compare view

Updates @tailwindcss/vite from 4.1.16 to 4.1.17

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.1.17] - 2025-11-06

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

Commits

• e9c9c4f Release v4.1.17 (#19272)
• See full diff in compare view

Updates eslint from 9.39.0 to 9.39.1

Release notes

Sourced from eslint's releases.

v9.39.1

Bug Fixes

• 650753e fix: Only pass node to JS lang visitor methods (#20283) (Nicholas C. Zakas)

Documentation

• 51b51f4 docs: add a section on when to use extends vs cascading (#20268) (Tanuj Kanti)
• b44d426 docs: Update README (GitHub Actions Bot)

Chores

• 92db329 chore: update @eslint/js version to 9.39.1 (#20284) (Francesco Trotta)
• c7ebefc chore: package.json update for @​eslint/js release (Jenkins)
• 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275) (renovate[bot])
• d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266) (唯然)
• 009e507 test: fix version tests for ESLint v10 (#20274) (Milos Djermanovic)

Commits

• e277281 9.39.1
• 4cdf397 Build: changelog update for 9.39.1
• 92db329 chore: update @eslint/js version to 9.39.1 (#20284)
• c7ebefc chore: package.json update for @​eslint/js release
• 650753e fix: Only pass node to JS lang visitor methods (#20283)
• 51b51f4 docs: add a section on when to use extends vs cascading (#20268)
• 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275)
• d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266)
• 009e507 test: fix version tests for ESLint v10 (#20274)
• b44d426 docs: Update README
• See full diff in compare view

Updates tailwindcss from 4.1.16 to 4.1.17

Release notes

Sourced from tailwindcss's releases.

v4.1.17

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

Changelog

Sourced from tailwindcss's changelog.

[4.1.17] - 2025-11-06

Fixed

• Substitute @variant inside legacy JS APIs (#19263)
• Prevent occasional crash on Windows when loaded into a worker thread (#19242)

Commits

• e9c9c4f Release v4.1.17 (#19272)
• dc6a3ce Substitute @variant inside utilities (#19263)
• e71e70e Update magic-string 0.30.19 → 0.30.21 (minor) (#19238)
• See full diff in compare view

Updates typescript-eslint from 8.46.2 to 8.46.3

Release notes

Sourced from typescript-eslint's releases.

v8.46.3

8.46.3 (2025-11-03)

🩹 Fixes

• eslint-plugin: [no-misused-promises] expand union type to retrieve target property (#11706)
• eslint-plugin: [no-duplicate-enum-values] support signed numbers (#11722, #11723)

❤️ Thank You

• Evgeny Stepanovych @​undsoft
• tao

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.46.3 (2025-11-03)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• d9f3497 chore(release): publish 8.46.3
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[cursor]

Bug: Tailwind Version Mismatch: Inconsistent Installations

Version mismatch between tailwindcss in devDependencies (^4.1.13) and the updated Tailwind packages. The lock file installs tailwindcss 4.1.17 to satisfy dependencies from @tailwindcss/postcss (4.1.17), @tailwindcss/vite (4.1.17), and @tailwindcss/node (4.1.17), but package.json still specifies ^4.1.13. This mismatch can cause inconsistent installations across environments and unexpected behavior when the lock file is regenerated.

 

[replicated-ci]

LGTM 👍

This PR was automatically approved and merged by the automated-prs-manager GitHub action