chore(deps): bump the npm-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the npm-dependencies group with 10 updates in the /frontend directory:

Package	From	To
@carbon/icons-react	11.70.0	11.73.0
@tanstack/react-query	5.90.11	5.90.20
autoprefixer	10.4.22	10.4.23
axios	1.13.2	1.13.3
dompurify	3.3.0	3.3.1
react-hook-form	7.66.1	7.71.1
react-pdf	10.2.0	10.3.0
react-router-dom	7.9.6	7.13.0
@playwright/test	1.57.0	1.58.0
sass	1.94.2	1.97.3

Updates @carbon/icons-react from 11.70.0 to 11.73.0

Release notes

Sourced from @​carbon/icons-react's releases.

v11.73.0

v11.73.0 (2025-1-2)

@carbon/elements@11.58.0

Housekeeping 🏠

• chore(release): v11.73.0 (#18288) (97fc2e65d)
• chore(release): v11.73.0-rc.0 (#18285) (7b6d92158)

@carbon/grid@11.30.0

Bug fixes 🐛

• fix(subgrid): narrow mode margin (#18255) (d56c8856d)

Housekeeping 🏠

• chore(release): v11.73.0 (#18288) (97fc2e65d)
• chore(release): v11.73.0-rc.0 (#18285) (7b6d92158)
• chore(deps): bump nanoid in /packages/grid/examples/css-grid (#18232) (e34d80ae7)

@carbon/icons-vue@10.102.0

Housekeeping 🏠

• chore(deps): bump elliptic in /packages/icons-vue/examples/storybook (#18189) (6a97a2d78)

@carbon/pictograms@12.44.0

New features 🚀

• feat(Pictograms): new productive master v24 (#18132) (af555e067)

Housekeeping 🏠

• chore(release): v11.73.0 (#18288) (97fc2e65d)
• chore(release): v11.73.0-rc.0 (#18285) (7b6d92158)

@carbon/pictograms-react@11.70.0

Housekeeping 🏠

• chore(release): v11.73.0 (#18288) (97fc2e65d)
• chore(release): v11.73.0-rc.0 (#18285) (7b6d92158)
• chore(deps): bump elliptic (#18205) (d37708c64)

@carbon/react@1.73.0

Bug fixes 🐛

• fix(code-connect): datepicker and header fix and update to latest (#18254) (8bdb48b5c)
• fix(subgrid): narrow mode margin (#18255) (d56c8856d)
• fix: arrow breaking in AILabel popover (#17982) (1cf72009b)
• fix: changed from lodash to es-toolkit (#18162) (4cf18d372)
• fix(Stack): spread inline styles (#18067) (fc76fa7c1)
• fix(17525): fixes a11y violation in toggle (#18216) (e6ee8dd55)
• fix: fixes a11y violation in ExpandedSearch (#18203) (9241275e4)

... (truncated)

Commits

• ab3eba8 chore(release): v11.71.0 (#18133)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​carbon/icons-react since your current version.

Updates @tanstack/react-query from 5.90.11 to 5.90.20

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-persist-client@​5.90.20

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.91.17
  • @​tanstack/react-query@​5.90.18

@​tanstack/react-query@​5.90.20

Patch Changes

• Updated dependencies [e7258c5]:
  • @​tanstack/query-core@​5.90.20

@​tanstack/react-query-persist-client@​5.90.19

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.91.16
  • @​tanstack/react-query@​5.90.17

@​tanstack/react-query@​5.90.19

Patch Changes

• Updated dependencies [53fc74e]:
  • @​tanstack/query-core@​5.90.19

@​tanstack/react-query-persist-client@​5.90.18

Patch Changes

• Updated dependencies [4be3ad7]:
  • @​tanstack/react-query@​5.90.16
  • @​tanstack/query-persist-client-core@​5.91.15

@​tanstack/react-query@​5.90.18

Patch Changes

• Updated dependencies [dea1614]:
  • @​tanstack/query-core@​5.90.18

@​tanstack/react-query-persist-client@​5.90.17

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.91.14
  • @​tanstack/react-query@​5.90.15

@​tanstack/react-query@​5.90.17

Patch Changes

• Updated dependencies [269351b]:

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.90.20

Patch Changes

• Updated dependencies [e7258c5]:
  • @​tanstack/query-core@​5.90.20

5.90.19

Patch Changes

• Updated dependencies [53fc74e]:
  • @​tanstack/query-core@​5.90.19

5.90.18

Patch Changes

• Updated dependencies [dea1614]:
  • @​tanstack/query-core@​5.90.18

5.90.17

Patch Changes

• Updated dependencies [269351b]:
  • @​tanstack/query-core@​5.90.17

5.90.16

Patch Changes

• fix(react-query): allow retryOnMount when throwOnError is function (#9338)

• Updated dependencies [7f47906]:

  • @​tanstack/query-core@​5.90.16

5.90.15

Patch Changes

• Updated dependencies [fccef79]:
  • @​tanstack/query-core@​5.90.15

5.90.14

Patch Changes

• Updated dependencies [d576092]:
  • @​tanstack/query-core@​5.90.14

... (truncated)

Commits

• 7ac4e20 ci: Version Packages (#10067)
• 9ff3de7 Upgrade to Vitest v4 (#9862)
• 0525ad1 ci: Version Packages (#10047)
• 53fc74e fix(query-core): fix combine not updating when queries change with stable ref...
• 64d5d62 ci: Version Packages (#10045)
• dea1614 fix(query-core): avoid throwing promise errors when data exists (#10025)
• bf7f47e ci: Version Packages (#10033)
• 44c3cb9 test(react-query/ssr): add 'useQueries' test for SSR (#9996)
• 167db32 ci: Version Packages (#10005)
• 4be3ad7 fix(react-query): allow retryOnMount when throwOnError is function (#9336) (#...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​tanstack/react-query since your current version.

Updates autoprefixer from 10.4.22 to 10.4.23

Release notes

Sourced from autoprefixer's releases.

10.4.23

• Reduced dependencies (by @​hyperz111).

Changelog

Sourced from autoprefixer's changelog.

10.4.23

• Reduced dependencies (by @​hyperz111).

Commits

• 212ba3c Release 10.4.23 version
• 7f62fb6 Update dependencies
• c455bb1 chore: inline and simplify normalize-range (#1539)
• See full diff in compare view

Updates axios from 1.13.2 to 1.13.3

Release notes

Sourced from axios's releases.

Release v1.13.3

Release notes:

Bug Fixes

• http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
• interceptor: handle the error in the same interceptor (#6269) (5945e40)
• main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
• package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
• silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
• turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
• types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
• types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
• unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

• add undefined as a value in AxiosRequestConfig (#5560) (095033c)
• add automatic minor and patch upgrades to dependabot (#6053) (65a7584)
• add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)
• added copilot instructions (3f83143)
• compatibility with frozen prototypes (#6265) (860e033)
• enhance pipeFileToResponse with error handling (#7169) (88d7884)
• types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

• Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
• deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

• Ashvin Tiwari
• Nikunj Mochi
• Anchal Singh
• jasonsaayman
• Julian Dax
• Akash Dhar Dubey
• Madhumita
• Tackoil
• Justin Dhillon
• Rudransh
• WuMingDao
• codenomnom
• Nandan Acharya
• Eric Dubé
• Tibor Pilz
• Gabriel Quaresma
• Turadg Aleahmad

... (truncated)

Changelog

Sourced from axios's changelog.

1.13.3 (2026-01-20)

Bug Fixes

• http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
• interceptor: handle the error in the same interceptor (#6269) (5945e40)
• main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
• package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
• silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
• turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
• types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
• types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
• unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

• add undefined as a value in AxiosRequestConfig (#5560) (095033c)
• add automatic minor and patch upgrades to dependabot (#6053) (65a7584)
• add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)
• added copilot instructions (3f83143)
• compatibility with frozen prototypes (#6265) (860e033)
• enhance pipeFileToResponse with error handling (#7169) (88d7884)
• types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

• Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
• deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

• Ashvin Tiwari
• Nikunj Mochi
• Anchal Singh
• jasonsaayman
• Julian Dax
• Akash Dhar Dubey
• Madhumita
• Tackoil
• Justin Dhillon
• Rudransh
• WuMingDao
• codenomnom
• Nandan Acharya
• Eric Dubé
• Tibor Pilz
• Gabriel Quaresma

... (truncated)

Commits

• ab06109 chore(release): v1.13.3 (#7335)
• 2d6ad5e revert(deps): bump peter-evans/create-pull-request from 7 to 8 in the github-...
• cb49a6f chore(sponsor): update sponsor block (#7330)
• d8233d9 fix(types): restore AxiosError.cause type from unknown to Error (#7327)
• 5945e40 fix(interceptor): handle the error in the same interceptor (#6269)
• 7373fbf fix: main field in package.json should correspond to cjs artifacts (#5756)
• 8d1271b fix(types): add handlers to AxiosInterceptorManager interface (#5551)
• f869434 docs: refresh CDN URLs and example JSON headers (#7236)
• 46db331 doc: update deprecated var usage in documentation examples (#7246)
• d6bbb3d docs: add async/await timeout handling example (#7250)
• Additional commits viewable in compare view

Updates dompurify from 3.3.0 to 3.3.1

Release notes

Sourced from dompurify's releases.

DOMPurify 3.3.1

• Updated ADD_FORBID_CONTENTS setting to extend default list, thanks @​MariusRumpf
• Updated the ESM import syntax to be more correct, thanks @​binhpv

Commits

• 6fc446a Merge pull request #1175 from cure53/main
• 3b3bf91 Merge branch 'main' of github.com:cure53/DOMPurify
• 9863f41 chore: Preparing 3.3.1 release
• b4e0295 chore: Preparing 3.3.0 release
• 077746b build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#1170)
• 4de68bb build(deps): bump actions/checkout from 5 to 6 (#1171)
• 4c76b6f Use correct ESM import syntax (#1173)
• 27e8496 Merge pull request #1168 from MariusRumpf/add-forbid-contents
• a920096 Add ADD_FORBID_CONTENTS setting to extend default list
• ac64660 Merge pull request #1163 from cure53/dependabot/github_actions/actions/setup-...
• Additional commits viewable in compare view

Updates react-hook-form from 7.66.1 to 7.71.1

Release notes

Sourced from react-hook-form's releases.

Version v7.71.1

🐞 fix #13250 issue with booleans_as_integers (#13252)

Version 7.71.0

⚡ perf: memoize FormProvider context value to prevent unnecessary rerenders (#13235) 🚄 perf: separate control context to prevent unnecessary rerenders (#13234) 🐞 fix: update isValid when field disabled state changes (#13231) 👌 chore: optimize bundle size via safe terser options (#13243) (#13244)

thanks to @​kamja44, @​a28689604 & @​newsiberian

Version 7.70.0

✅ watch type improvement (#13228) 🐞 fix: prevent field array ghost elements with keepDirtyValues (#13188) 🐞 fix: improve invalid date handling in deepEqual and validation (#13230) 🐞 fix(types): handle branded types correctly in DeepPartial (#13222) 🐞 fix native validation focus issue (#13220) 🐞 change spread operator to set name with depricated names prop, then override with new name prop is supplied (#13214) 🐞 fix: prevent duplicate subscription trigger in setValue (#13206) (#13209) 👌 chore: fix lib type check include tests (#13229)

thanks to @​EdwardEB, @​constantly-dev & @​a28689604

🎄 Version 7.69.0

📏 feat: align API with useWatch (#13192) 🤦🏻‍♂️ chore: update @​deprecated names prop on (#13198) 🏥 chore: safely call function methods on elements (#13190) 🪖 chore: cve-2025-67779 (#13196) 🪖 chore: cve-2025-55184 & cve-2025-55183 (#13194) 🪖 chore: CVE-2025-55182 Critical RCE vulnerabilty (#13175) 🔬 test: add regression tests for #12837 and #13136 (#13187) 🐞 fix(reset): preserve isValid state when keepIsValid option is used (#13173) 🐞 fix: ensure each createFormControl.subscribe subscription listens only to the changes it subscribes to (#12968) 🐞 fix(validation): batch isValidating state updates with validation result (#13181) 🐞 fix(createFormControl): resolve race condition between setError and setFocus (#13138) (#13169) 🧿 fix control prop type (#13189) 🔔 chore: clean cloneObject logic (#13179)

thanks to @​PierreCrb, @​a28689604, @​AnuragM7666, @​ap0nia, @​dusan233 & @​hlongc

Version 7.68.0

🎧 feat: <FormStateSubscribe /> component (#13142)

import { useForm, FormStateSubscribe } from 'react-hook-form';
const App = () => {
const { register, control } = useForm();
return (
</tr></table>

... (truncated)

Commits

• 51589c5 7.71.1
• fc57a62 🐞 fix #13250 issue with booleans_as_integers (#13252)
• 195139d 7.71.0
• e26f886 👌 chore: optimize bundle size via safe terser options (#13243) (#13244)
• 17c85ed 🚄 perf: separate control context to prevent unnecessary rerenders (#13234)
• a084dcb ⚡ perf: memoize FormProvider context value to prevent unnecessary rerenders (...
• 65c78bc 🐞 fix: update isValid when field disabled state changes (#13231)
• d810ff5 7.70.0
• c54ebf9 🐞 fix: prevent field array ghost elements with keepDirtyValues (#13188)
• 3966596 ✅ watch type improvement (#13228)
• Additional commits viewable in compare view

Updates react-pdf from 10.2.0 to 10.3.0

Release notes

Sourced from react-pdf's releases.

v10.3.0

What's new?

• Added support for filterAnnotations prop in Page component (#1991).
• Made the code more resilient to promise cancellations (#974).

What's changed?

• Tests are no longer shipped to npm. This helped reducing publish size from 416 kB to 303 kB.
• Updated Next.js samples.

Bug fixes

• Fixed incorrectly calculated dimensions of rotated pages in Page onLoadSuccess handler (#2027). Thanks, @​wkirby!

Commits

• dcc9091 v10.3.0
• 486cc2e Remove unnecessary null check
• 1402f43 Make the code more resilient to promise cancellations
• b55b5e6 Update version in README (#2046)
• e225811 Use full glob patterns in files, exclude unit tests from published tarball
• 2ff0c3f Migrate from RTL to vitest-browser-react
• 1ac739b Downgrade biome from 2.2.4 to 2.2.2
• ce8655d Add support for filterAnnotations prop
• ce2fda9 Minor formatting
• 384e2ab Update Vitest to 4.0.0
• Additional commits viewable in compare view

Updates react-router-dom from 7.9.6 to 7.13.0

Release notes

Sourced from react-router-dom's releases.

react-router-dom-v5-compat@6.4.0-pre.15

Patch Changes

• Updated dependencies
  • react-router@6.4.0-pre.15
  • react-router-dom@6.4.0-pre.15

Changelog

Sourced from react-router-dom's changelog.

7.13.0

Patch Changes

• Updated dependencies:
  • react-router@7.13.0

7.12.0

Patch Changes

• Updated dependencies:
  • react-router@7.12.0

7.11.0

Patch Changes

• Updated dependencies:
  • react-router@7.11.0

7.10.1

Patch Changes

• Updated dependencies:
  • react-router@7.10.1

7.10.0

Patch Changes

• Updated dependencies:
  • react-router@7.10.0

Commits

• 5557ba3 chore: Update version for release (#14749)
• 62c6e0e chore: Update version for release (pre) (#14738)
• 26653a6 chore: Update version for release (#14712)
• 7ac2346 chore: Update version for release (pre) (#14709)
• b34a9cd chore: Update version for release (#14668)
• 48b1be4 chore: Update version for release (pre) (#14662)
• ff50507 Update monorepo internal React deps (#14639)
• c257ee1 feat(rsc): add support for custom entry files in RSC Framework Mode (#14643)
• 8f6bfa0 Setup pnpm catalog for shared workspace deps (#14642)
• 77d22fa chore: Update version for release (#14634)
• Additional commits viewable in compare view

Updates @playwright/test from 1.57.0 to 1.58.0

Release notes

Sourced from @​playwright/test's releases.

v1.58.0

Timeline

If you're using merged reports, the HTML report Speedboard tab now shows the Timeline:

UI Mode and Trace Viewer Improvements

• New 'system' theme option follows your OS dark/light mode preference
• Search functionality (Cmd/Ctrl+F) is now available in code editors
• Network details panel has been reorganized for better usability
• JSON responses are now automatically formatted for readability

Thanks to @​cpAdm for contributing these improvements!

Miscellaneous

browserType.connectOverCDP() now accepts an isLocal option. When set to true, it tells Playwright that it runs on the same host as the CDP server, enabling file system optimizations.

Breaking Changes ⚠️

• Removed _react and _vue selectors. See locators guide for alternatives.
• Removed :light selector engine suffix. Use standard CSS selectors instead.
• Option devtools from browserType.launch() has been removed. Use args: ['--auto-open-devtools-for-tabs'] instead.
• Removed macOS 13 support for WebKit. We recommend to upgrade your macOS version, or keep using an older Playwright version.

Browser Versions

• Chromium 145.0.7632.6
• Mozilla Firefox 146.0.1
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 144
• Microsoft Edge 144

Commits

• 961381e chore: mark 1.58.0 (#38921)
• 0c1b64c chore: hide stuff (#38882)
• b1fd5d0 test: unflake some ui-mode tests (#38907)
• faf317c chore: tune press/type via cli (#38898)
• ba4b983 docs: add v1.58 release notes (#38879)
• 00fb7a9 chore: implement shard weights feedback (#38902)
• 42d4f18 test: unflake/skip/fix some tests (#38905)
• 42b9784 feat(dot): onTestPause + make --pause private (#38904)
• 428b557 fix(html): truncate step titles (#38884)
• 5959834 chore(list): onTestPaused (#38777)
• Additional commits viewable in compare view

Updates sass from 1.94.2 to 1.97.3

Release notes

Sourced from sass's releases.

Dart Sass 1.97.3

To install Sass 1.97.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug where nesting an at-rule within multiple style rules in plain CSS could cause outer style rules to be omitted.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.2

To install Sass 1.97.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Additional fixes for implicit configuration when nested imports are involved.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.1

To install Sass 1.97.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

See t...

Description has been truncated

[github-actions]

🚀 Development Environment Options

This repository supports Dev Containers for a consistent development environment.

Option 1: GitHub Codespaces (Recommended)

Create a cloud-based development environment:

1. Click the green Code button above
2. Select the Codespaces tab
3. Click Create codespace on dependabot/npm_and_yarn/frontend/npm-dependencies-b8eaeb1cbf
4. Wait 2-3 minutes for environment setup
5. Start coding with all tools pre-configured!

Option 2: VS Code Dev Containers (Local)

Use Dev Containers on your local machine:

1. Install Docker Desktop
2. Install VS Code
3. Install the Dev Containers extension
4. Clone this PR branch locally
5. Open in VS Code and click "Reopen in Container" when prompted

Option 3: Traditional Local Setup

Set up the development environment manually:

# Clone the repository
git clone https://github.com/manavgup/rag_modulo.git
cd rag_modulo
git checkout dependabot/npm_and_yarn/frontend/npm-dependencies-b8eaeb1cbf

# Initialize development environment
make dev-init
make dev-build
make dev-up
make dev-validate

Available Commands

Once in your development environment:

make help           # Show all available commands
make dev-validate   # Validate environment setup
make test-atomic    # Run atomic tests
make test-unit      # Run unit tests
make lint          # Run linting

Services Available

When running make dev-up:

• Backend API: http://localhost:8000
• Frontend: http://localhost:3000
• MLflow: http://localhost:5001

---

This automated message helps reviewers quickly set up the development environment.