deps(npm): bump vue-router from 4.6.3 to 5.0.4 in /frontend/taskdeck-web

[dependabot]

Bumps vue-router from 4.6.3 to 5.0.4.

Release notes

Sourced from vue-router's releases.

v5.0.4

   🐞 Bug Fixes

• Avoid iterator helpers for Node 20 compat  -  by @​cwandev in vuejs/router#2635 (47130)
• Escape backslahes in string literals  -  by @​posva (71fdb)
• Avoid false duplicate route warning for named views  -  by @​posva (72012)
• Allow pushing to auto routes  -  by @​posva (47f03)
• loaders: Restore context in sequential awaits  -  by @​posva (fce5d)

    View changes on GitHub

v5.0.3

   🚨 Breaking Changes

• experimental:
  • Make miss() throw internally and return never  -  by @​posva (077e1)
  • Add reroute() and deprecate NavigationResult  -  by @​posva (308db)
  • Remove selectNavigationResult  -  by @​posva (9e88a)

   🚀 Features

• Support _parent in nested folders  -  by @​posva (0a37f)
• Warn on _parent conflict  -  by @​posva (182fe)
• Set _parent as non matchable by default  -  by @​posva (8f91c)
• Warn on conflicting components for routes  -  by @​posva (34ace)
• Use type module  -  by @​posva (dc9ff)
• Add deprecation warning for next() callback in navigation guards  -  by @​posva (797f5)
• Extract alias from definePage  -  by @​posva (835df)
• Display aliases in logs  -  by @​posva (7aa60)
• Deprecate new NavigationResult(to) in favor of reroute(to)  -  by @​posva (382e3)
• experimental:
  • Handle aliasOf in resolvers  -  by @​posva (8fe45)
  • Generate aliases from override in resolver  -  by @​posva (a00ac)
  • Warn against non absolute aliases  -  by @​posva (476c6)

   🐞 Bug Fixes

• Avoid non matchable routes in auto-routes  -  by @​posva (48649)
• Handle quotes in d.ts  -  by @​posva (d7764)
• Avoid route entry in map for _parent  -  by @​posva (1dfcc)
• Handle nested groups  -  by @​posva (4a4be)
• Stable route ordering for group folders with same path  -  by @​posva (1db94)
• Correct route ordering for group nodes with inflated scores  -  by @​posva (515f4)
• Cleanup old route overrides  -  by @​posva (b28a7)
• Remove name from _parent.vue files  -  by @​posva (6e8f1)
• ci:
  • Format sponsor files before change detection  -  by @​posva (f68d6)
  • Use manual git commit in update-sponsors  -  by @​posva (8ee99)
• experimental:
  • Resolve TS errors in resolver/router type hierarchy  -  by @​posva (a86f1)

... (truncated)

Commits

• 7f32e99 release: vue-router@5.0.4
• 9036228 docs: typos (#2651)
• 47f0334 fix: allow pushing to auto routes
• ad6ba73 docs: no auto import section
• f6923a5 build: include link and view in size computation
• fce5d1e fix(loaders): restore context in sequential awaits
• 9ab4cbf refactor: rename var
• d030f2a chore: playground
• 7b3dc27 docs(zh): add file-based routing related configuration documentation (#2643)
• 0a01948 chore: hide route details in playground
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vue-router since your current version.

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[Chris0Jeky]

Closing: vue-router@5.0.4 introduces a transitive dependency on picomatch@4.0.3 which has a high-severity ReDoS vulnerability (flagged by Dependency Review CI). Will revisit once picomatch publishes a patched release.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.