chore: Update all dependencies to latest versions

Backend updates:
- zod: 3.24.1 → 4.3.6 (major)
- bcryptjs: 2.4.3 → 3.0.3 (major)
- jsonwebtoken: 9.0.2 → 9.0.3 (patch)
- @types/bcryptjs: 2.4.6 → 3.0.0 (major)

Frontend updates:
- next-auth: 5.0.0-beta.25 → 5.0.0-beta.30 (latest v5 beta)
- react: 19.1.0 → 19.2.4 (patch)
- react-dom: 19.1.0 → 19.2.4 (patch)
- recharts: 2.15.4 → 3.7.0 (major)
- tailwind-merge: 2.6.1 → 3.5.0 (major)
- @types/node: 22.12.0 → 25.3.0 (major)
- tailwindcss: 3.4.19 → 4.2.0 (major)

Notes:
- All dependencies updated to absolute latest stable versions
- next-auth kept on v5 beta (upgraded to latest beta.30)
- See DEPENDENCY_UPDATES.md for full details and testing checklist
- Potential breaking changes in zod v4, bcryptjs v3, recharts v3, and tailwindcss v4
- Configuration files may need updates for tailwindcss v4 compatibility

DEPENDENCY_UPDATES.md

@@ -0,0 +1,127 @@
+# Dependency Updates Summary
+Generated: 2026-02-19
+
+## Backend Dependencies Updates
+
+### MAJOR VERSION UPDATES:
+
+1. **zod**: 3.24.1 → 4.3.6
+   - Major version bump
+   - Potential breaking changes in validation API
+
+2. **bcryptjs**: 2.4.3 → 3.0.3
+   - Major version bump
+   - Potential breaking changes in hashing API
+
+3. **@types/bcryptjs**: 2.4.6 → 3.0.0
+   - TypeScript types update to match bcryptjs v3
+
+### MINOR/PATCH UPDATES:
+
+4. **jsonwebtoken**: 9.0.2 → 9.0.3
+   - Patch update, should be compatible
+
+### ALREADY UP-TO-DATE:
+- @elysiajs/cors: 1.4.1 ✓
+- @elysiajs/swagger: 1.3.1 ✓
+- elysia: 1.4.25 ✓
+- pg: 8.18.0 ✓
+- postgres: 3.4.8 ✓
+- dotenv: 17.3.1 ✓
+- @types/pg: 8.16.0 ✓
+- @types/jsonwebtoken: 9.0.10 ✓
+
+---
+
+## Frontend Dependencies Updates
+
+### MAJOR VERSION UPDATES:
+
+1. **next-auth**: 5.0.0-beta.25 → 5.0.0-beta.30
+   - Updated to latest v5 beta (not downgraded to v4)
+   - Maintains feature set, gets bug fixes
+   - Decision: Keep on v5 beta as it's the future version
+
+2. **recharts**: 2.15.4 → 3.7.0
+   - Major version bump
+   - Potential breaking changes in chart components
+
+3. **tailwind-merge**: 2.6.1 → 3.5.0
+   - Major version bump
+   - Potential breaking changes in class merging logic
+
+4. **@types/node**: 22.12.0 → 25.3.0
+   - Major version bump
+   - Updated TypeScript definitions for Node.js
+
+5. **tailwindcss**: 3.4.19 → 4.2.0
+   - Major version bump
+   - Tailwind CSS v4 has significant changes to configuration and API
+   - May require updating tailwind.config.js configuration
+
+### MINOR/PATCH UPDATES:
+
+6. **react**: 19.1.0 → 19.2.4
+   - Patch update, should be compatible
+
+7. **react-dom**: 19.1.0 → 19.2.4
+   - Patch update, should be compatible
+
+### ALREADY UP-TO-DATE:
+- next: 16.1.6 ✓
+- lucide-react: 0.574.0 ✓
+- date-fns: 4.1.0 ✓
+- @radix-ui/react-dialog: 1.1.15 ✓
+- @radix-ui/react-dropdown-menu: 2.1.16 ✓
+- @radix-ui/react-slot: 1.2.4 ✓
+- @radix-ui/react-tabs: 1.1.13 ✓
+- @radix-ui/react-toast: 1.2.15 ✓
+- class-variance-authority: 0.7.1 ✓
+- clsx: 2.1.1 ✓
+- typescript: 5.9.3 ✓
+- postcss: 8.5.6 ✓
+- autoprefixer: 10.4.24 ✓
+- @types/react: 19.2.14 ✓
+- @types/react-dom: 19.2.3 ✓
+
+---
+
+## Known Compatibility Issues & Recommendations
+
+### High Priority:
+1. **tailwindcss v4**: This is a major update with significant changes. The project's configuration files (tailwind.config.js, postcss.config.js) may need updates. Note: Tailwind v4 is designed to be backward compatible with v3 configs in most cases.
+
+### Medium Priority:
+2. **zod v4**: Check if validation schemas need updates.
+3. **bcryptjs v3**: Check if password hashing/verification code needs updates.
+4. **recharts v3**: Chart components may need updates to match new API.
+
+### Low Priority:
+5. **@types/node v25**: Usually compatible, but check for any Node.js API changes.
+
+---
+
+## Testing Checklist
+
+After updating dependencies:
+- [ ] Run `npm install` in both backend and frontend
+- [ ] Run `npm run build` in frontend
+- [ ] Test authentication flow (next-auth)
+- [ ] Test API endpoints
+- [ ] Test database connections
+- [ ] Test all UI components and charts
+- [ ] Run any existing tests
+- [ ] Check console for deprecation warnings
+- [ ] Test Docker build (`docker-compose build`)
+
+---
+
+## Rollback Plan
+
+If issues arise after updates:
+1. Revert package.json changes
+2. Run `npm install` to restore previous versions
+3. Commit and push revert
+
+To revert: `git checkout HEAD~1` (if committed)
+Or restore from backup: `cp package.json.backup package.json`

backend/package.json

@@ -14,13 +14,13 @@
     "pg": "^8.18.0",
     "postgres": "^3.4.8",
     "dotenv": "^17.3.1",
-    "zod": "^3.24.1",
-    "bcryptjs": "^2.4.3",
-    "jsonwebtoken": "^9.0.2"
+    "zod": "^4.3.6",
+    "bcryptjs": "^3.0.3",
+    "jsonwebtoken": "^9.0.3"
   },
   "devDependencies": {
     "@types/pg": "^8.16.0",
-    "@types/bcryptjs": "^2.4.6",
+    "@types/bcryptjs": "^3.0.0",
     "@types/jsonwebtoken": "^9.0.10",
     "bun-types": "latest"
   }

frontend/package.json

@@ -9,10 +9,10 @@
   },
   "dependencies": {
     "next": "16.1.6",
-    "next-auth": "^5.0.0-beta.25",
-    "react": "^19.1.0",
-    "react-dom": "^19.1.0",
-    "recharts": "^2.15.4",
+    "next-auth": "^5.0.0-beta.30",
+    "react": "^19.2.4",
+    "react-dom": "^19.2.4",
+    "recharts": "^3.7.0",
     "lucide-react": "^0.574.0",
     "date-fns": "^4.1.0",
     "@radix-ui/react-dialog": "^1.1.15",
@@ -22,14 +22,14 @@
     "@radix-ui/react-toast": "^1.2.15",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
-    "tailwind-merge": "^2.6.1"
+    "tailwind-merge": "^3.5.0"
   },
   "devDependencies": {
-    "@types/node": "^22.12.0",
+    "@types/node": "^25.3.0",
     "@types/react": "^19.2.14",
     "@types/react-dom": "^19.2.3",
     "typescript": "^5.9.3",
-    "tailwindcss": "^3.4.19",
+    "tailwindcss": "^4.2.0",
     "postcss": "^8.5.6",
     "autoprefixer": "^10.4.24"
   }