Update dependencies and resolve alerts

[nicmart-dev]

Upgrade all monorepo dependencies to their latest versions and resolve all Dependabot and CodeQL alerts.

This PR updates the client stack to React 19, React Router 6.30, and axios 1.13, integrating Tailwind 4's new PostCSS plugin to address Dependabot. It also migrates Tailwind usage to the v4 @theme workflow and stabilizes React tests by adopting router v7 future behavior and mocking axios. For CodeQL, the server's user controller was rewritten in ESM style with robust input validation and escaping for all inbound fields.

---

 

---

Note

Upgrades client to React 19 and Tailwind v4, updates server to Express 5, and rewrites usersController with ESM, input validation, and safer Airtable queries.

• Client:
  • Deps: Upgrade React 19, React DOM 19, React Router 6.30, Axios 1.13, Tailwind 4 (+ @tailwindcss/postcss), testing libs, and assorted UI libs; add overrides.
  • Tailwind v4 Migration: Switch PostCSS plugin and regenerate public/tailwind.min.css; adopt @theme and explicit base color vars in src/tailwind.css.
  • Routing: Enable Router v7 future flags in App.jsx.
• Testing:
  • Update test to assert recipe CTA button; add Axios Jest mock in setupTests.js.
• Server:
  • Controller Refactor: Convert usersController to ESM with strict sanitization (email/URL/record ID), safer Airtable filter escaping, and 501 stub for update.
  • Routes: Use named imports from controller.
  • Deps: Bump to Express 5, dotenv 17, dotenv-expand 12, Axios 1.13, @google/generative-ai 0.24, nodemon 3.1.11, and related transitive updates.

^{Written by Cursor Bugbot for commit c5cae8a. This will update automatically on new commits. Configure here.}

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}