chore(deps): bump the npm-minor-patch group across 1 directory with 3 updates

[dependabot]

Bumps the npm-minor-patch group with 3 updates in the /app directory: @falkordb/canvas, @vitejs/plugin-react-swc and postcss.

Updates @falkordb/canvas from 0.0.45 to 0.0.50

Release notes

Sourced from @​falkordb/canvas's releases.

v0.0.50

What's Changed

• ci: move publish workflow to Node 24 by @​shahar-biron in FalkorDB/falkordb-canvas#117
• chore(deps): combine all dependabot dependency updates by @​barakb in FalkorDB/falkordb-canvas#123
• feat: viewport culling and low-zoom draw skipping for large-graph scalability by @​Copilot in FalkorDB/falkordb-canvas#89
• chore(deps-dev): bump jsdom from 29.1.0 to 29.1.1 in the npm-minor-patch group by @​dependabot[bot] in FalkorDB/falkordb-canvas#124
• chore(deps-dev): bump eslint from 10.2.1 to 10.3.0 by @​dependabot[bot] in FalkorDB/falkordb-canvas#125
• chore(deps-dev): bump the npm-minor-patch group with 2 updates by @​dependabot[bot] in FalkorDB/falkordb-canvas#126
• chore(deps): bump react from 19.2.5 to 19.2.6 in the npm-minor-patch group by @​dependabot[bot] in FalkorDB/falkordb-canvas#127
• refactor: streamline setGraphData logic and improve simulation handling by @​Anchel123 in FalkorDB/falkordb-canvas#128

Full Changelog: FalkorDB/falkordb-canvas@0.0.48...v0.0.50

v0.0.49

Release v0.0.49

v0.0.48

What's Changed

• Update promise-retry dependency to use caret versioning in package.js… by @​Anchel123 in FalkorDB/falkordb-canvas#115

Full Changelog: FalkorDB/falkordb-canvas@v0.0.47...v0.0.48

v0.0.47

What's Changed

• Add non-force layout expand/collapse animation handling by @​shahar-biron in FalkorDB/falkordb-canvas#110
• fix: add promise-retry dependency to improve retry logic by @​Anchel123 in FalkorDB/falkordb-canvas#114
• Add analysis-focused graph layout modes by @​shahar-biron in FalkorDB/falkordb-canvas#100

Full Changelog: FalkorDB/falkordb-canvas@v0.0.46...v0.0.47

v0.0.46

What's Changed

• Add layout modes and example selector UI by @​shahar-biron in FalkorDB/falkordb-canvas#94
• ci(workflows): pin GitHub Actions dependencies to commit SHAs by @​gkorland in FalkorDB/falkordb-canvas#98
• chore(deps): combine dependabot dependency updates by @​barakb in FalkorDB/falkordb-canvas#104
• chore(deps): combine dependabot dependency updates by @​barakb in FalkorDB/falkordb-canvas#112
• fix: update node size handling and improve text measurement logic by @​Anchel123 in FalkorDB/falkordb-canvas#113

New Contributors

• @​shahar-biron made their first contribution in FalkorDB/falkordb-canvas#94
• @​barakb made their first contribution in FalkorDB/falkordb-canvas#104

Full Changelog: FalkorDB/falkordb-canvas@v0.0.45...v0.0.46

Commits

• 1dd6df2 Merge pull request #128 from FalkorDB/fix-canvas
• 5e81887 fix: reset cooldownTicks and streamline loading state handling in setGraphData
• 0d16976 refactor: streamline setGraphData logic and improve simulation handling
• b87a1e3 Revert "refactor: simplify setGraphData logic and remove unnecessary animations"
• 3a0fb11 refactor: simplify setGraphData logic and remove unnecessary animations
• 57086da Merge pull request #127 from FalkorDB/dependabot/npm_and_yarn/npm-minor-patch...
• ff2d3ef chore(deps): bump react in the npm-minor-patch group
• 3555ddd Merge pull request #126 from FalkorDB/dependabot/npm_and_yarn/npm-minor-patch...
• c9830b3 chore(deps-dev): bump the npm-minor-patch group with 2 updates
• 1b39082 Merge pull request #125 from FalkorDB/dependabot/npm_and_yarn/eslint-10.3.0
• Additional commits viewable in compare view

Updates @vitejs/plugin-react-swc from 4.3.0 to 4.3.1

Release notes

Sourced from @​vitejs/plugin-react-swc's releases.

plugin-react-swc@4.3.1

Avoid esbuild warnings with Vite 8 #1195

Fixes #1187.

Changelog

Sourced from @​vitejs/plugin-react-swc's changelog.

4.3.1 (2026-05-14)

Avoid esbuild warnings with Vite 8 #1195

Fixes #1187.

Commits

• See full diff in compare view

Updates postcss from 8.5.14 to 8.5.15

Release notes

Sourced from postcss's releases.

8.5.15

• Fixed declaration parsing performance (by @​homanp).

Changelog

Sourced from postcss's changelog.

8.5.15

• Fixed declaration parsing performance (by @​homanp).

Commits

• eae46db Release 8.5.15 version
• 79508ff Update CI actions
• b128e21 Speed up declaration parsing by avoiding creating new array on each token
• 9825dca Fix code format
• 55789c8 Update dependencies
• 84fbbe9 Install older pnpm action for old Node.js
• 9f860bd Revert pnpm action for old Node.js
• 0877198 Update CI actions
• b2d1a33 Fix linter warnings
• 0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[overcut-ai]

Completed Working on "Code Review"

✅ Code review complete. No issues found - all changes look good! ✅

✅ Workflow completed successfully.

---

👉 View complete log

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@falkordb/canvas	0.0.50	Unknown	Unknown
npm/@rolldown/pluginutils	1.0.1	Unknown	Unknown
npm/@vitejs/plugin-react-swc	4.3.1	🟢 7.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 3 Found 8/22 approved changesets -- score normalized to 3 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 7 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
npm/nanoid	3.3.12	🟢 6.6	Details Check Score Reason Code-Review ⚠️ 1 Found 4/29 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6
npm/postcss	8.5.15	🟢 5.5	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review ⚠️ 0 Found 2/27 approved changesets -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• app/package-lock.json