fix(security): resolve invalid pointer alerts and update dependencies

- SECURITY: Fix 'Access of invalid pointer' alerts in glib-0.18.5 patches.
  - src/subclass/boxed.rs: Use *const T cast in boxed_copy.
  - src/subclass/object.rs: Use *const T::Instance cast in callbacks.
  - src/collections/ptr_slice.rs: Use *const T in iterators/slices.
  - Verified with 'cargo check'.

- DEPS: Update lucide-react-native in client/react-native/ui.
  - Resolves unmet peer dependency warning for react-native-svg ^15.0.0.

- DEPS: Proactive security updates (node-tar, eslint).
  - Updated dependencies in extensions/node/figma.
  - Updated dependencies in extensions/python/signalr_bridge/src/node.
  - Updated dependencies in client/react/desktop/tauri-app.
  - Updated pnpm-lock.yaml workspace-wide.

- CHORE: Update figma cask to 126.0.4.

Author: quantDIY

client/react-native/ui/package.json

@@ -28,7 +28,7 @@
         "@rn-primitives/tooltip": "^1.2.0",
         "class-variance-authority": "^0.7.1",
         "clsx": "^2.1.1",
-        "lucide-react-native": "^0.314.0",
+        "lucide-react-native": "^0.563.0",
         "nativewind": "^4.2.1",
         "react-native-reanimated": "~3.16.7",
         "react-native-screens": "^3.37.0",
@@ -40,7 +40,7 @@
         "@types/react-native": "^0.73.0",
         "@typescript-eslint/eslint-plugin": "^7.18.0",
         "@typescript-eslint/parser": "^7.18.0",
-        "eslint": "^8.57.1",
+        "eslint": "^9.39.2",
         "eslint-plugin-react": "^7.37.5",
         "eslint-plugin-react-hooks": "^4.6.2",
         "typescript": "^5.9.3"

client/react/desktop/tauri-app/src-tauri/patches/glib-0.18.5/src/collections/ptr_slice.rs

@@ -240,7 +240,7 @@ impl<T: TransparentPtrType> IntoIter<T> {
             if self.len == 0 {
                 &[]
             } else {
-                std::slice::from_raw_parts(self.idx.as_ptr() as *mut T, self.len)
+                std::slice::from_raw_parts(self.idx.as_ptr() as *const T, self.len)
             }
         }
     }
@@ -289,7 +289,7 @@ impl<T: TransparentPtrType> Iterator for IntoIter<T> {
             let p = self.idx.as_ptr();
             self.len -= 1;
             self.idx = ptr::NonNull::new_unchecked(p.add(1));
-            Some(ptr::read(p as *mut T))
+            Some(ptr::read(p as *const T))
         }
     }
 
@@ -309,7 +309,7 @@ impl<T: TransparentPtrType> Iterator for IntoIter<T> {
             None
         } else {
             self.len -= 1;
-            Some(unsafe { ptr::read(self.idx.as_ptr().add(self.len) as *mut T) })
+            Some(unsafe { ptr::read(self.idx.as_ptr().add(self.len) as *const T) })
         }
     }
 }
@@ -321,7 +321,7 @@ impl<T: TransparentPtrType> DoubleEndedIterator for IntoIter<T> {
             None
         } else {
             self.len -= 1;
-            Some(unsafe { ptr::read(self.idx.as_ptr().add(self.len) as *mut T) })
+            Some(unsafe { ptr::read(self.idx.as_ptr().add(self.len) as *const T) })
         }
     }
 }

client/react/desktop/tauri-app/src-tauri/patches/glib-0.18.5/src/subclass/boxed.rs

@@ -36,7 +36,7 @@ pub fn register_boxed_type<T: BoxedType>() -> crate::Type {
         if v.is_null() {
             return v;
         }
-        let v = &*(v as *mut T);
+        let v = &*(v as *const T);
         let copy = Box::new(v.clone());
 
         Box::into_raw(copy) as ffi::gpointer

client/react/desktop/tauri-app/src-tauri/patches/glib-0.18.5/src/subclass/object.rs

@@ -88,7 +88,7 @@ unsafe extern "C" fn property<T: ObjectImpl>(
     value: *mut gobject_ffi::GValue,
     pspec: *mut gobject_ffi::GParamSpec,
 ) {
-    let instance = &*(obj as *mut T::Instance);
+    let instance = &*(obj as *const T::Instance);
     let imp = instance.imp();
 
     let v = imp.property(id as usize, &from_glib_borrow(pspec));
@@ -112,7 +112,7 @@ unsafe extern "C" fn set_property<T: ObjectImpl>(
     value: *mut gobject_ffi::GValue,
     pspec: *mut gobject_ffi::GParamSpec,
 ) {
-    let instance = &*(obj as *mut T::Instance);
+    let instance = &*(obj as *const T::Instance);
     let imp = instance.imp();
     imp.set_property(
         id as usize,
@@ -122,7 +122,7 @@ unsafe extern "C" fn set_property<T: ObjectImpl>(
 }
 
 unsafe extern "C" fn constructed<T: ObjectImpl>(obj: *mut gobject_ffi::GObject) {
-    let instance = &*(obj as *mut T::Instance);
+    let instance = &*(obj as *const T::Instance);
     let imp = instance.imp();
 
     imp.constructed();
@@ -132,7 +132,7 @@ unsafe extern "C" fn notify<T: ObjectImpl>(
     obj: *mut gobject_ffi::GObject,
     pspec: *mut gobject_ffi::GParamSpec,
 ) {
-    let instance = &*(obj as *mut T::Instance);
+    let instance = &*(obj as *const T::Instance);
     let imp = instance.imp();
     imp.notify(&from_glib_borrow(pspec));
 }
@@ -142,13 +142,13 @@ unsafe extern "C" fn dispatch_properties_changed<T: ObjectImpl>(
     n_pspecs: u32,
     pspecs: *mut *mut gobject_ffi::GParamSpec,
 ) {
-    let instance = &*(obj as *mut T::Instance);
+    let instance = &*(obj as *const T::Instance);
     let imp = instance.imp();
     imp.dispatch_properties_changed(Slice::from_glib_borrow_num(pspecs, n_pspecs as _));
 }
 
 unsafe extern "C" fn dispose<T: ObjectImpl>(obj: *mut gobject_ffi::GObject) {
-    let instance = &*(obj as *mut T::Instance);
+    let instance = &*(obj as *const T::Instance);
     let imp = instance.imp();
 
     imp.dispose();