fix(deps): consolidate Dependabot updates and resolve 5 security alerts

[NeuroKoder3]

Summary

• Consolidates all 7 open Dependabot PRs (deps: Bump electron-updater from 6.8.3 to 6.8.9 #152-deps: Bump esbuild, @vitejs/plugin-react and vite #158) into one tested changeset
• Resolves 5 open Dependabot security alerts: nodemailer (2), vite (2), esbuild (1)
• Upgrades root vite to 8.0.16 with @vitejs/plugin-react 6.0.2
• Bumps server nodemailer to ^8.0.9 and pins vite 8.0.16
• Adds js-yaml and esbuild overrides to pass npm audit
• Fixes vite.config.js manualChunks for Vite 8 (function API)

Supersedes

• deps: Bump electron-updater from 6.8.3 to 6.8.9 #152 electron-updater
• deps: Bump @radix-ui/react-progress from 1.1.8 to 1.1.9 #153 @radix-ui/react-progress
• deps: Bump eslint-plugin-react-refresh from 0.5.2 to 0.5.3 #154 eslint-plugin-react-refresh
• deps: Bump @radix-ui/react-slot from 1.2.4 to 1.2.5 #155 @radix-ui/react-slot
• deps: Bump @radix-ui/react-tooltip from 1.2.8 to 1.2.9 #156 @radix-ui/react-tooltip
• chore(deps-dev): Bump vite from 8.0.10 to 8.0.16 in /server #157 server vite
• deps: Bump esbuild, @vitejs/plugin-react and vite #158 esbuild/vite/plugin-react

Test plan

• npm audit --omit=dev --audit-level=moderate (root)
• npm audit --audit-level=moderate (server)
• npm run build
• npm run lint
• server npm test (76 tests)

Made with Cursor