chore(deps): bump node from a2dc166 to 725aeba in /frontend

[dependabot]

Bumps node from a2dc166 to 725aeba.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[claude]

Dependabot assessment — PR #861

Change: Docker base image digest bump for node:26-alpine in /frontend — same major version (Node 26), same Alpine tag, new underlying digest (a2dc166 → 725aeba). This is a routine OS/security patch update within the same version, not a version bump.

Risk: Very low. No Node.js version change, no API changes, no breaking changes possible from a digest-only update. Frontend build tooling continues on Node 26 Alpine.

CI status: Several checks still in progress (Pre-commit, Test, WASM Build, Security Audit, build/build). Will not merge until all required checks pass.

Decision: Will auto-merge once CI passes — this is a safe patch-level digest update with no breaking changes.