Update various dependencies with fresh package-lock.json + associated fixes #494

Open: MoOx wants to merge 1 commit into react:main from MoOx:update-deps

MoOx (Contributor) commented Jun 2, 2026

There are a bunch of Dependabot PRs pending. Too many, I would say.
This PR aims to reduce this number; even if most of those issues are not really concerning the end user of RSD, it's still bothering us somehow.

Regenerating the lockfile bumped webpack to ≥5.100, whose stricter ProgressPlugin validation is incompatible with webpackbar 6 (pulled in by Docusaurus 3.8.1), breaking npm install on the postinstall build.

So this includes:

  • Update Docusaurus 3.8.1 → 3.10.1 (ships webpackbar 7, fixes the install)
  • Update lint-staged → ^16.4.0 (fixes micromatch/yaml ReDoS advisories)
  • Update eslint-plugin-react-hooks canary → ^7.1.1
  • Update next → ^15.5.18 within v15
  • Use caret ranges for external deps in non-published workspaces (examples, website, tooling) to ease future lockfile updates

If I interpreted npm audit properly, remaining issues are related to:

  • nextjs (postcss <8.5.10)
  • docusaurus (serialize-javascript <=7.0.4, uuid <11.1.1)
  • expo (uuid <11.1.1)

So those are not issues for package consumers anyway.

Merging this might close some Dependabot PRs automatically.
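
The claim above, that the remaining `npm audit` findings only reach the tree through next, Docusaurus and expo, can be checked mechanically. The following is an added example, not code from this PR or the project: it walks a report shaped like `npm audit --json` output from each vulnerable package up to the direct dependencies that pull it in. The sample report, the `mid-pkg` package and the allowlist of non-published roots are constructed assumptions.

```javascript
// Constructed sample shaped like `npm audit --json` output (auditReportVersion 2).
// Package names and ranges mirror the PR description; the dependency chains,
// advisory titles and "mid-pkg" are made up for illustration.
const dep = (name, isDirect, effects, via) => ({ name, isDirect, effects, via });
const adv = (name, range) => ({ name, range, title: 'constructed advisory' });
const REPORT = { auditReportVersion: 2, vulnerabilities: {
  postcss: dep('postcss', false, ['next'], [adv('postcss', '<8.5.10')]),
  next: dep('next', true, [], ['postcss']),
  'serialize-javascript': dep('serialize-javascript', false, ['mid-pkg'],
    [adv('serialize-javascript', '<=7.0.4')]),
  'mid-pkg': dep('mid-pkg', false, ['@docusaurus/core'], ['serialize-javascript']),
  uuid: dep('uuid', false, ['@docusaurus/core', 'expo'], [adv('uuid', '<11.1.1')]),
  '@docusaurus/core': dep('@docusaurus/core', true, [], ['mid-pkg', 'uuid']),
  expo: dep('expo', true, [], ['uuid']),
} };

// For each package that carries an advisory itself (object entries in `via`;
// string entries only name another vulnerable package), follow `effects`
// upward to the direct dependencies that pull it in.
function rootsByAdvisory(report) {
  const vulns = report.vulnerabilities;
  const out = {};
  for (const v of Object.values(vulns)) {
    const ranges = v.via.filter((x) => typeof x === 'object').map((a) => a.range);
    if (ranges.length === 0) continue; // affected only through another package
    const roots = new Set(), seen = new Set(), stack = [v.name];
    while (stack.length > 0) {
      const node = vulns[stack.pop()];
      if (!node || seen.has(node.name)) continue; // unknown name or cycle
      seen.add(node.name);
      if (node.isDirect) roots.add(node.name);
      stack.push(...node.effects);
    }
    out[`${v.name} ${ranges.join(' || ')}`] = [...roots].sort();
  }
  return out;
}

// Assumption: direct dependencies that exist only in non-published workspaces.
const NON_PUBLISHED_ROOTS = new Set(['next', '@docusaurus/core', 'expo']);

// Roots outside the allowlist are findings a package consumer could inherit.
function consumerFacingRoots(report, allowed = NON_PUBLISHED_ROOTS) {
  const all = Object.values(rootsByAdvisory(report)).flat();
  return [...new Set(all)].filter((r) => !allowed.has(r)).sort();
}

console.log(rootsByAdvisory(REPORT), consumerFacingRoots(REPORT));
```

A CI step could pass the parsed output of `npm audit --json` to `consumerFacingRoots` and fail when the returned list is non-empty.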

Copilot AI review requested due to automatic review settings June 2, 2026 07:15
@meta-cla meta-cla Bot added the cla signed label Jun 2, 2026

Copilot AI left a comment

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Updates dependency versions across multiple package.json files, primarily switching from pinned to caret-ranged versions and bumping some dependencies (Docusaurus, eslint-plugin-react-hooks, lint-staged) to newer versions.

Changes:

  • Convert exact version pins to caret ranges (^) for several dependencies (yargs, react, react-dom, react-native, next, etc.).
  • Bump @docusaurus/* packages from 3.8.1 to ^3.10.1 in the website package.
  • Upgrade eslint-plugin-react-hooks from a canary build to ^7.1.1 and lint-staged from ^13.0.3 to ^16.4.0 in the root.

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 3 comments.

| File | Description |
| --- | --- |
| package.json | Bumps eslint-plugin-react-hooks, lint-staged, and loosens version pins for prettier-plugin-hermes-parser and yargs. |
| apps/expo-app/package.json | Loosens react, react-dom, and react-native to caret ranges. |
| apps/nextjs-app/package.json | Bumps next to ^15.5.18 and loosens react/react-dom/eslint-config-next pins. |
| apps/platform-tests/package.json | Loosens react, react-dom, and react-native to caret ranges. |
| packages/benchmarks/package.json | Loosens yargs to caret range. |
| packages/scripts/package.json | Loosens yargs to caret range. |
| packages/website/package.json | Bumps Docusaurus packages to ^3.10.1. |

Comment thread package.json
"jest-environment-jsdom": "^29.7.0",
"jscodeshift": "^0.15.2",
"lint-staged": "^13.0.3",
"lint-staged": "^16.4.0",
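Review bot: the lint-staged line moves from ^13.0.3 to ^16.4.0, three major versions in one step, and nothing in this hunk shows the hook configuration or the supported Node.js version being checked against it. Before merging, confirm that the Node.js version used in CI and by contributors satisfies the engines requirement of the new major, and run the pre-commit hook once on a staged file to verify that the existing lint-staged configuration still matches and processes files as before.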
Comment thread package.json
"eslint-plugin-promise": "^6.0.0",
"eslint-plugin-react": "^7.33.1",
"eslint-plugin-react-hooks": "6.1.0-canary-12bc60f5-20250613",
"eslint-plugin-react-hooks": "^7.1.1",
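Review bot: on the eslint-plugin-react-hooks line, the dependency goes from an exact canary pin (6.1.0-canary-12bc60f5-20250613) to a caret range on a new major (^7.1.1), so both the rule set and the resolved version can now change without a package.json edit. Run the full lint job on this branch and note any newly reported rules in the PR, and make sure CI installs with npm ci from the committed package-lock.json so the linter version only moves when the lockfile is deliberately regenerated.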
Comment on lines +17 to +19
"react": "^19.2.0",
"react-dom": "^19.2.0",
"react-native": "^0.83.6",
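Review bot: on lines +17 to +19, react and react-dom now carry independent caret ranges (^19.2.0), so updating only one of them can leave the two resolved to different 19.x versions, while ^0.83.6 on react-native only admits 0.83.x patch releases because a caret range on a 0.x version does not cross the minor. Since react and react-dom need to resolve to the same version, consider adding a CI check that compares the two resolved versions in the lockfile, or keep these three entries pinned in the app workspaces and loosen only the tooling dependencies.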

github-actions Bot commented Jun 2, 2026

workflow: benchmarks/size

Comparison of minified (terser) and compressed (brotli) size results, measured in bytes. Smaller is better.

| Results | Base | Patch | Ratio |
| --- | --- | --- | --- |
| react-strict-dom/dist/web/index.js | | | |
| · compressed | 3,251 | 3,251 | 1.00 |
| · minified | 10,375 | 10,375 | 1.00 |
| react-strict-dom/dist/web/runtime.js | | | |
| · compressed | 1,645 | 1,645 | 1.00 |
| · minified | 4,131 | 4,131 | 1.00 |
| react-strict-dom/dist/native/index.js | | | |
| · compressed | 16,618 | 16,618 | 1.00 |
| · minified | 64,626 | 64,626 | 1.00 |
| react-strict-animated/dist/web/index.js | | | |
| · compressed | 6,861 | 6,861 | 1.00 |
| · minified | 23,486 | 23,486 | 1.00 |
| react-strict-animated/dist/native/index.js | | | |
| · compressed | 797 | 797 | 1.00 |
| · minified | 2,518 | 2,518 | 1.00 |

github-actions Bot commented Jun 2, 2026

workflow: benchmarks/perf (native)

Comparison of performance test results, measured in operations per second. Larger is better.

| Results | Base | Patch | Ratio |
| --- | --- | --- | --- |
| css.create | | | |
| · small | 1,176,998 | 1,175,211 | 1.00 - |
| · small with units | 515,551 | 514,752 | 1.00 - |
| · small with variables | 689,812 | 691,797 | 1.00 + |
| · several small | 366,371 | 373,260 | 1.02 + |
| · large | 216,329 | 215,590 | 1.00 - |
| · large with polyfills | 160,569 | 162,059 | 1.01 + |
| · complex | 112,540 | 112,834 | 1.00 + |
| · unsupported | 221,107 | 221,622 | 1.00 + |
| css.createTheme | | | |
| · simple theme | 233,140 | 243,098 | 1.04 + |
| · polyfill theme | 225,774 | 229,062 | 1.01 + |
