chore(deps-dev): bump the frontend group across 1 directory with 4 updates

[dependabot]

Bumps the frontend group with 4 updates in the /client directory: @tauri-apps/cli, @vitejs/plugin-react, eslint and vite.

Updates @tauri-apps/cli from 2.11.2 to 2.11.3

Release notes

Sourced from @​tauri-apps/cli's releases.

@​tauri-apps/cli v2.11.3

[2.11.3]

Bug Fixes

• 50b0237ed (#15549 by @​Legend-Master) Escape special characters in productName when generating Android strings.xml

• 728c8d4a5 (#15473 by @​Legend-Master) Skip building bundles when using tauri android run

• be0cb0d43 (#15344 by @​raglady) Fix NDK_HOME environment variable not honored when set

• ed8fd411f (#15552 by @​Legend-Master) Make ureq_proto show trace level logs only on -vvv instead of -vv

• fca4a31f9 (#15454 by @​fallintoplace) Fix tauri migrate generating invalid namespace imports for aliased pluginified imports from @tauri-apps/api.

  Inputs like import { cli as superCli } from "@tauri-apps/api" now migrate to import * as superCli from "@tauri-apps/plugin-cli" instead of producing invalid ESM syntax. The migration tests also reparse migrated JS, Svelte, and Vue output so syntax regressions are caught directly.

Dependencies

• Upgraded to tauri-cli@2.11.3

Commits

• 6f6ab12 apply version updates (#15409)
• 728c8d4 fix(cli): skip building bundles when using tauri android run (#15473)
• e25f45c refactor: remove impl clone on inner menus (#15553)
• fbcf1b0 chore(deps): update dependency eslint-plugin-security to v4.0.1 (#15545)
• 828f710 fix(cli): respect src/bin required-features (fix: #15325) (#15427)
• ed8fd41 chore(cli): lesser verbose ureq_proto log (#15552)
• 50b0237 fix(android): escape special characters in strings.xml (#15549)
• 800223d docs: fix some missing and wrong docs (#15548)
• 5075c81 fix: check is_maximizable in internal_toggle_maximize (#15550)
• 532c22a chore(deps-dev): bump vite from 8.0.5 to 8.0.16 (#15547)
• Additional commits viewable in compare view

Updates @vitejs/plugin-react from 6.0.2 to 6.0.3

Changelog

Sourced from @​vitejs/plugin-react's changelog.

6.0.3 (2026-06-23)

Commits

• 640fd35 release: plugin-react@6.0.3
• 889efb0 fix(deps): update all non-major dependencies (#1249)
• 6c57dd4 fix(plugin-react): use '/' base in bundledDev preamble to fix non-root base p...
• 3cc33a7 fix(deps): update react-related dependencies (#1245)
• c0f7c7f docs: mention the Biome rule in the "Consistent components exports" section (...
• cd80f0f fix(deps): update all non-major dependencies (#1241)
• e38acca fix(deps): update all non-major dependencies (#1227)
• 9a9bb26 perf(react): improve react compiler preset so that slightly more modules are ...
• See full diff in compare view

Updates eslint from 10.5.0 to 10.6.0

Release notes

Sourced from eslint's releases.

v10.6.0

Features

• b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981) (Taejin Kim)
• f291007 feat: add checkRelationalComparisons to no-constant-binary-expression (#20948) (sethamus)

Bug Fixes

• 6b05784 fix: prefer-exponentiation-operator invalid autofix at statement start (#20997) (Milos Djermanovic)
• bb9eb2a fix: account for shadowed Boolean in no-extra-boolean-cast (#21013) (den$)
• 8fd8741 fix: don't report shadowed undefined in radix rule (#21011) (Pixel)
• 5784980 fix: don't report shadowed undefined in no-throw-literal (#21010) (Pixel)
• 9cd1e6d fix: suppress invalid class suggestion in no-promise-executor-return (#21008) (Pixel)
• d4eb2dc fix: don't report shadowed undefined in prefer-promise-reject-errors (#21006) (Pixel)
• 2360464 fix: prefer-promise-reject-errors false positives for shadowed Promise (#21003) (den$)
• 63d52d2 fix: restore max-classes-per-file report range (#21002) (Pixel)
• 7feaff0 fix: callback detection logic for IIFEs in max-nested-callbacks (#20979) (fnx)
• 399a2ec fix: don't report inner non-callbacks in max-nested-callbacks (#20995) (Milos Djermanovic)

Documentation

• a83683d docs: Update README (GitHub Actions Bot)
• f5449f9 docs: document userland patterns for global assertionOptions in RuleT… (#20986) (playgirl)
• bea49f7 docs: Update README (GitHub Actions Bot)
• e5f70f9 docs: update code-path diagrams (#20984) (Tanuj Kanti)
• 8890c2d docs: add TypeScript config guidance for MCP server (#20796) (Pierluigi Lenoci)
• 3eb3d9b docs: Update README (GitHub Actions Bot)
• c5bb59c docs: Update README (GitHub Actions Bot)
• eb3c97c docs: fix grammar in prefer-const rule description (#20983) (lumir)

Chores

• 6a42034 ci: run ecosystem tests on main branch (#20891) (sethamus)
• 3dbacdb ci: bump actions/checkout from 6 to 7 (#21014) (dependabot[bot])
• c3abfca chore: correct JSDoc param types in html formatter (#21018) (Minseon Kim)
• a832320 ci: split ecosystem tests into separate jobs (#21001) (xbinaryx)
• 27166e7 chore: update ecosystem plugins (#21005) (ESLint Bot)
• 865d76e ci: bump pnpm/action-setup from 6.0.8 to 6.0.9 (#20989) (dependabot[bot])
• 27a88c9 chore: update dependency markdown-it to v14 in root (#20994) (Milos Djermanovic)
• 970cea6 chore: update dependency markdown-it to v14 (#20993) (Milos Djermanovic)
• b482120 chore: update dependency prettier to v3.8.4 (#20990) (renovate[bot])
• 6993fb3 chore: update ecosystem plugins (#20985) (ESLint Bot)

Commits

• 5d12a04 10.6.0
• f7ca54b Build: changelog update for 10.6.0
• 6a42034 ci: run ecosystem tests on main branch (#20891)
• b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981)
• 3dbacdb ci: bump actions/checkout from 6 to 7 (#21014)
• c3abfca chore: correct JSDoc param types in html formatter (#21018)
• a83683d docs: Update README
• a832320 ci: split ecosystem tests into separate jobs (#21001)
• 6b05784 fix: prefer-exponentiation-operator invalid autofix at statement start (#20997)
• bb9eb2a fix: account for shadowed Boolean in no-extra-boolean-cast (#21013)
• Additional commits viewable in compare view

Updates vite from 8.0.16 to 8.1.0

Release notes

Sourced from vite's releases.

create-vite@8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0

Please refer to CHANGELOG.md for details.

v8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0-beta.0

Please refer to CHANGELOG.md for details.

v8.1.0-beta.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.0 (2026-06-23)

Features

• extend server.fs.deny list with common files (#22707) (61ba8fd)
• update rolldown to 1.1.2 (#22695) (4f008a6)
• use ~ for Rolldown (#22693) (9928722)

Bug Fixes

• bundled-dev: errors should be kept when incremental build fails (#22617) (9a0dd48)
• cache falsy values in perEnvironmentState (#22715) (0e91e79)
• glob: respect caseSensitive option in hmr matcher (#22711) (65f525e)
• html: omit nonce on import map when cspNonce is unset (#22713) (8340bb5)
• optimizer: skip null-valued exports in expandGlobIds glob resolution (#22611) (8b9f5cd)
• resolved build options should be kept as a getter (#22691) (3527191)
• server: handle malformed URI in memory files middleware (#22714) (df9e0a5)
• use literal envPrefix queries for Vite Task (#22706) (da72733)
• warn on deprecated envFile (#22555) (ed7b283)

Code Refactoring

• client: inline dev-id value in CSS selector (#22736) (57f59bc)
• remove unused removeRawQuery util (#22724) (403cc60)
• use rolldownOptions property for chunkImportMap (#22692) (8e8816c)

8.1.0-beta.0 (2026-06-15)

Features

• import.meta.glob support caseSensitive option (#21707) (2ad6737)
• add warning to discourage Vite with yarn pnp (#21906) (3fbb55a)
• build: chunk importmap (#21580) (e180312)
• css: support lightningcss plugin dependency (#21748) (0b7aaed)
• deps: bump @​vitejs/devtools peer dependency version (#22542) (d2c2bc0)
• html: add html.additionalAssetSources option (#21412) (a41404b)
• integrate with Vite Task for zero-config build caching (#22453) (f8d75f7)
• rename server.hmr options to server.ws options (#21357) (9ce3036)
• server: support multiple hosts in __VITE_ADDITIONAL_SERVER_ALLOWED_HOSTS (#21501) (735f9a1)
• track dependencies when loading config with native (#22602) (a7e2da8)
• types: add more precise typing for known query types to match known as types (#21863) (cc39e55)
• update rolldown to 1.1.1 (#22593) (8a13d63)
• wasm: direct .wasm imports (WASM ESM Integration) (#21779) (c23d85b)

Bug Fixes

• apply correct fs restrictions for pnpm gvs (#22415) (092320b)
• css: support external CSS with lightningcss (#18389) (d64a1a5)
• deps: update all non-major dependencies (#22637) (44bb9d9)
• deps: update all non-major dependencies (#22681) (f4f0633)
• html: insert import map before modulepreload that is not self-close tag (#21409) (e399c89)
• optimizer: preserve sourcemaps for transformed optimized deps with follow-up transforms (#22428) (1298951)

... (truncated)

Commits

• 5909efd fix: allow multiple bindCLIShortcuts calls with shortcut merging (#21103)
• 39a0a15 chore(deps): update rolldown-related dependencies (#21095)
• 6a34ac3 fix(deps): update all non-major dependencies (#21096)
• 02ceaec chore(deps): update dependency @​rollup/plugin-commonjs to v29 (#21099)
• 572aaca release: v7.2.2
• 728c8ee fix: revert "refactor: use fs.cpSync (#21019)" (#21081)
• a532e68 release: v7.2.1
• 82d2d6c fix(worker): some worker asset was missing (#21074)
• f83264f refactor(build): rename indexOfMatchInSlice to findPreloadMarker (#21054)
• 8293de0 release: v7.2.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[phantomptr]

Folded into #161 (reapplied on current main, lockfiles regenerated, full build/test pass). Shipping in 3.3.24. Thanks dependabot!

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml