build(deps): bump the minor-patch group across 1 directory with 7 updates

[dependabot]

Bumps the minor-patch group with 7 updates in the /frontend directory:

Package	From	To
@sentry/react	10.43.0	10.45.0
@tailwindcss/vite	4.2.1	4.2.2
caniuse-lite	1.0.30001779	1.0.30001781
firebase	12.10.0	12.11.0
motion	12.36.0	12.38.0
tailwindcss	4.2.1	4.2.2
typescript-eslint	8.57.0	8.57.2

Updates @sentry/react from 10.43.0 to 10.45.0

Release notes

Sourced from @​sentry/react's releases.

10.45.0

Important Changes

• feat(remix): Server Timing Headers Trace Propagation (#18653)

  The Remix SDK now supports automatic trace propagation via Server-Timing response headers to continue pageload traces on the client side. This means, you no longer have to define a custom meta function to add Sentry <meta> tags to your page as previously. We'll update out Remix tracing docs after this release.

Other Changes

• fix(cloudflare): Use correct env types for withSentry (#19836)
• fix(core): Align error span status message with core SpanStatusType for langchain/google-genai (#19863)
• fix(deno): Clear pre-existing OTel global before registering TracerProvider (#19723)
• fix(nextjs): Skip tracing for tunnel requests (#19861)
• fix(node-core): Recycle propagationContext for each request (#19835)
• ref(core): Simplify core utility functions for smaller bundle (#19854)

• chore(deps): bump next from 16.1.5 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-16 (#19851)
• ci(release): Switch from action-prepare-release to Craft (#18763)
• fix(deps): bump devalue 5.6.3 to 5.6.4 to fix CVE-2026-30226 (#19849)
• fix(deps): bump file-type to 21.3.2 and @​nestjs/common to 11.1.17 (#19847)
• fix(deps): bump flatted 3.3.1 to 3.4.2 to fix CVE-2026-32141 (#19842)
• fix(deps): bump hono 4.12.5 to 4.12.7 in cloudflare-hono E2E test app (#19850)
• fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 and related (#19870)
• fix(deps): bump tar 7.5.10 to 7.5.11 to fix CVE-2026-31802 (#19846)
• fix(deps): bump undici 6.23.0 to 6.24.1 to fix multiple CVEs (#19841)
• fix(deps): bump unhead 2.1.4 to 2.1.12 to fix CVE-2026-31860 and CVE-2026-31873 (#19848)
• test(nextjs): Skip broken ISR tests (#19871)
• test(react): Add gql tests for react router (#19844)

Bundle size 📦

Path	Size
@​sentry/browser	24.93 KB
@​sentry/browser - with treeshaking flags	23.47 KB
@​sentry/browser (incl. Tracing)	41.51 KB
@​sentry/browser (incl. Tracing, Profiling)	46.07 KB
@​sentry/browser (incl. Tracing, Replay)	79.41 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	69.22 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	84 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	95.97 KB
@​sentry/browser (incl. Feedback)	41.35 KB
@​sentry/browser (incl. sendFeedback)	29.49 KB

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.45.0

Important Changes

• feat(remix): Server Timing Headers Trace Propagation (#18653)

  The Remix SDK now supports automatic trace propagation via Server-Timing response headers to continue pageload traces on the client side. This means, you no longer have to define a custom meta function to add Sentry <meta> tags to your page as previously. We'll update out Remix tracing docs after this release.

Other Changes

• fix(cloudflare): Use correct env types for withSentry (#19836)
• fix(core): Align error span status message with core SpanStatusType for langchain/google-genai (#19863)
• fix(deno): Clear pre-existing OTel global before registering TracerProvider (#19723)
• fix(nextjs): Skip tracing for tunnel requests (#19861)
• fix(node-core): Recycle propagationContext for each request (#19835)
• ref(core): Simplify core utility functions for smaller bundle (#19854)

• chore(deps): bump next from 16.1.5 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-16 (#19851)
• ci(release): Switch from action-prepare-release to Craft (#18763)
• fix(deps): bump devalue 5.6.3 to 5.6.4 to fix CVE-2026-30226 (#19849)
• fix(deps): bump file-type to 21.3.2 and @​nestjs/common to 11.1.17 (#19847)
• fix(deps): bump flatted 3.3.1 to 3.4.2 to fix CVE-2026-32141 (#19842)
• fix(deps): bump hono 4.12.5 to 4.12.7 in cloudflare-hono E2E test app (#19850)
• fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 and related (#19870)
• fix(deps): bump tar 7.5.10 to 7.5.11 to fix CVE-2026-31802 (#19846)
• fix(deps): bump undici 6.23.0 to 6.24.1 to fix multiple CVEs (#19841)
• fix(deps): bump unhead 2.1.4 to 2.1.12 to fix CVE-2026-31860 and CVE-2026-31873 (#19848)
• test(nextjs): Skip broken ISR tests (#19871)
• test(react): Add gql tests for react router (#19844)

10.44.0

Important Changes

• feat(effect): Add @sentry/effect SDK (Alpha) (#19644)

  This release introduces @sentry/effect, a new SDK for Effect.ts applications. The SDK provides Sentry integration via composable Effect layers for both Node.js and browser environments.

  Compose the effectLayer with optional tracing, logging, and metrics layers to instrument your Effect application:

  import * as Sentry from '@sentry/effect';
  import * as Layer from 'effect/Layer';

... (truncated)

Commits

• ef79d28 release: 10.45.0
• 28208bc Merge pull request #19877 from getsentry/prepare-release/10.45.0
• 2e2fd35 meta(changelog): Update changelog for 10.45.0
• 79241b0 fix(nextjs): Skip tracing for tunnel requests (#19861)
• 938ab2d ref(core): Simplify core utility functions for smaller bundle (#19854)
• 3bb4325 fix(core): Align error span status message with core SpanStatusType for lan...
• 3e5499a fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 an...
• 6f17b8a fix(cloudflare): Use correct env types for withSentry (#19836)
• b4b9e71 test(nextjs): Skip broken ISR tests (#19871)
• ae7206f feat(remix): Server Timing Headers Trace Propagation (#18653)
• Additional commits viewable in compare view

Updates @tailwindcss/vite from 4.2.1 to 4.2.2

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.2.2

Added

• Support Vite 8 in @tailwindcss/vite (#19790)

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.2.2] - 2026-03-18

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Add support for Vite 8 in @tailwindcss/vite (#19790)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)
• Resolve tsconfig paths to allow for @import '@/path/to/file'; when using @tailwindcss/vite (#19803)

Commits

• d596b0c 4.2.2 (#19821)
• faa5e88 Cleanup inconsistencies related to (regex) escapes (#19804)
• 59b0329 Add support for Vite 8 in @tailwindcss/vite (#19790)
• bf441a7 fix(vite): skip full reload for server only modules scanned by client css (#1...
• See full diff in compare view

Updates caniuse-lite from 1.0.30001779 to 1.0.30001781

Commits

• 311d8db Update caniuse-db 1.0.30001781
• da39da8 Update caniuse-db 1.0.30001780
• See full diff in compare view

Updates firebase from 12.10.0 to 12.11.0

Release notes

Sourced from firebase's releases.

firebase@12.11.0

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@​firebase/ai@​2.10.0

Minor Changes

• 843a8d7 #9693 (fixes #9625) - Added responseJsonSchema to GenerationConfig.

Patch Changes

• Updated dependencies [2f7f426]:
  • @​firebase/util@​1.15.0
  • @​firebase/component@​0.7.2

@​firebase/data-connect@​0.5.0

Minor Changes

• 9d33dd6 #9614 - Add validateArgsWithOptions() to Data Connect (internal change, no need to add to public release notes).

Patch Changes

• 2f7f426 #9608 - Remove updateEmulatorBanner(). (No release note needed.)

• Updated dependencies [2f7f426]:

  • @​firebase/util@​1.15.0
  • @​firebase/component@​0.7.2

firebase@12.11.0

Minor Changes

• 9d33dd6 #9614 - Add validateArgsWithOptions() to Data Connect (internal change, no need to add to public release notes).

• 843a8d7 #9693 (fixes #9625) - Added responseJsonSchema to GenerationConfig.

• 78384d3 #9492 - Add support for array expressions arrayFirst, arrayFirstN,arrayLast,arrayLastN,arrayMinimum,arrayMinimumN,arrayMaximum,arrayMaximumN,arrayIndexOf, arrayLastIndexOf and arrayIndexOfAll

Patch Changes

• Updated dependencies [54ff05e, 9d33dd6, 843a8d7, a383770, 78384d3, 2f7f426]:
  • @​firebase/app@​0.14.10
  • @​firebase/firestore@​4.13.0
  • @​firebase/data-connect@​0.5.0
  • @​firebase/ai@​2.10.0
  • @​firebase/functions@​0.13.3
  • @​firebase/database@​1.1.2

... (truncated)

Commits

• 852957b Version Packages (#9727)
• ae8cf28 Merge main into release
• 843a8d7 feat(ai): Add responseJsonSchema (#9693)
• 9d33dd6 feat(data-connect): Add validateArgsWithOptions() (#9614)
• 891a0c9 update CODEOWNERs (#9724)
• 54ff05e fix(firestore): read and write user data on pipeline execute (#9715)
• c44bb9a test(firestore): add vscode debug config for enterprise lite (#9621)
• d7b1826 Fix syntax in Pipeline examples in TSDoc (#9712)
• a383770 fix: Workaround rollup terser-plugin's inconsistent property naming when usin...
• f44d826 firestore: improve documentation about CRUD promises and when they resolve (#...
• Additional commits viewable in compare view

Updates motion from 12.36.0 to 12.38.0

Changelog

Sourced from motion's changelog.

[12.38.0] 2026-03-16

Added

• Added layoutAnchor prop to configure custom anchor point for resolving relative projection boxes.

Fixed

• Reorder: Fix axis switching after window resize.
• Reorder: Fix with virtualised lists.
• AnimatePresence: Ensure children are removed when exit animation matches current values.

[12.37.0] 2026-03-16

Added

• Support for hardware accelerating "start" and "end" offsets in scroll and useScroll.
• Support for oklch, oklab, lab, lch, color, color-mix, light-dark color types.

Fixed

• Fix whileInView with client-side navigation.
• Fix draggable elements when layout updates due to surrounding element re-renders.
• Improved memory pressure of layout animations.
• Ensure motion value returned from useSpring reports correct isAnimating().

Commits

• 0bfc9fe v12.38.0
• 343cb0c Updating layoutAnchor
• ee99ad2 Updating changelog
• 062660b Updating changgelog
• 303da7d Updating readme
• b075adc Merge pull request #3647 from motiondivision/feat/layout-anchor
• f0991d6 Add missing layoutAnchor !== false guard in attemptToResolveRelativeTarget
• b5798e9 Merge pull request #3642 from motiondivision/worktree-fix-issue-3078
• 7686c19 Merge pull request #3636 from motiondivision/worktree-fix-issue-3061
• a95c487 Fix auto-scroll in reorder-virtualized test page
• Additional commits viewable in compare view

Updates tailwindcss from 4.2.1 to 4.2.2

Release notes

Sourced from tailwindcss's releases.

v4.2.2

Added

• Support Vite 8 in @tailwindcss/vite (#19790)

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)

Changelog

Sourced from tailwindcss's changelog.

[4.2.2] - 2026-03-18

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Add support for Vite 8 in @tailwindcss/vite (#19790)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)
• Resolve tsconfig paths to allow for @import '@/path/to/file'; when using @tailwindcss/vite (#19803)

Commits

• d596b0c 4.2.2 (#19821)
• 2228a57 Bump Lightning CSS (#19771)
• f302fce Fix canonicalization resulting in empty list (#19812)
• bb2f170 Improve canonicalization for bare values exceeding default spacing scale sugg...
• faa5e88 Cleanup inconsistencies related to (regex) escapes (#19804)
• d5717f2 run prettier
• 51aa9d7 fix(canonicalize): handle utilities with empty property maps in collapse (#19...
• c586bd6 Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• 9ded4a2 Guard object lookups against inherited prototype properties (#19725)
• See full diff in compare view

Updates typescript-eslint from 8.57.0 to 8.57.2

Release notes

Sourced from typescript-eslint's releases.

v8.57.2

8.57.2 (2026-03-23)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] remove dangling closing parenthesis (#11865)
• eslint-plugin: [array-type] ignore Array and ReadonlyArray without type arguments (#11971)
• eslint-plugin: [no-restricted-types] flag banned generics in extends or implements (#12120)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-useless-default-assignment] skip reporting false positives for unresolved type parameters (#12127)
• eslint-plugin: [prefer-readonly-parameter-types] preserve type alias infomation (#11954)
• typescript-estree: skip createIsolatedProgram fallback for projectService (#12066, #12065)

❤️ Thank You

• Claude Opus 4.6
• Kirk Waiblinger @​kirkwaiblinger
• Konv Suu
• mdm317
• Newton Yuan @​NewtonYuan
• RyoheiYamamoto
• SungHyun627 @​SungHyun627
• Tamashoo @​Tamashoo

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.57.1

8.57.1 (2026-03-16)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] no report for property on intersection type (#12126)

❤️ Thank You

• Newton Yuan @​NewtonYuan

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.57.2 (2026-03-23)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.1 (2026-03-16)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• be4d54d chore(release): publish 8.57.2
• c7c38aa chore(release): publish 8.57.1
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions