chore(deps): bump nicegui from 3.9.0 to 3.10.0

[dependabot]

Bumps nicegui from 3.9.0 to 3.10.0.

Release notes

Sourced from nicegui's releases.

v3.10.0

Security

• ⚠️ Prevent filename sanitization bypass via ui.upload on Windows (GHSA-w8wv-vfpc-hw2w by @​offset, @​evnchn, @​falkoschindler)

New features and enhancements

• Add nested dictionary binding support for deeply nested data structures (#2978, #5738 by @​Aues6uen11Z, @​evnchn, @​falkoschindler)
• Add ui.status_code() to set HTTP status codes from page builders (#5810 by @​evnchn, @​falkoschindler)
• Add on_resize callback to ui.xterm to communicate terminal size to the PTY (#5847, #5858 by @​jacopofar, @​evnchn, @​falkoschindler)
• Unify awaitable handling across lifecycle hooks and tasks (#5878, #5879 by @​AlePiccin, @​falkoschindler, @​evnchn)
• Upgrade Docker image from Python 3.12 to 3.14 (#5900 by @​falkoschindler, @​evnchn, @​rodja)
• Allow ui.tab to find ui.tabs ancestor through intermediate containers (#5902 by @​falkoschindler, @​evnchn)
• Warn when native mode runs on a browser engine without ES module support (#5907, #5909 by @​drkspace, @​evnchn, @​iwr-redmond, @​falkoschindler)
• Split helpers.py into a package with focused submodules (#5916 by @​falkoschindler, @​evnchn)

Bugfixes

• Fix client.ip always reporting "127.0.0.1" behind reverse proxies and On Air (#4786, #5906, #5920 by @​ffilotto, @​evnchn, @​falkoschindler, @​stephanpalmer)
• Fix ValidationElement.error being ignored when no validation is set (#5895, #5903 by @​atollk, @​falkoschindler, @​evnchn)
• Fix built-in elements breaking when starting with tailwind=False (#5868, #5904 by @​platinops, @​evnchn, @​falkoschindler)
• Fix initialized() adding event listeners on every call (#5898 by @​falkoschindler, @​evnchn)
• Fix sad face visibility on dark mode error pages (#5899 by @​falkoschindler, @​evnchn)
• Fix refreshing sub pages from within nested parent elements (#5912, #5914 by @​ZeroPoint095, @​falkoschindler, @​evnchn)
• Fix Cmd/Ctrl-click on sub-page links not opening new tab (#5928 by @​falkoschindler, @​evnchn)
• Fix ui.timer callback tasks leaking when client disconnects mid-execution (#5930, #5931 by @​NiklasNeugebauer, @​falkoschindler, @​evnchn)

Documentation

• Redesign nicegui.io website (#5910, #5911, #5913, #5923 by @​falkoschindler, @​ma-le-design, @​rodja, @​evnchn)
• Fix truncated multi-line parameter descriptions in reference docs (#5808, #5905 by @​evnchn, @​falkoschindler)
• Add keyboard navigation to website search dialog (#5919 by @​falkoschindler, @​evnchn)
• Add Technological Foundations documentation page (#5835 by @​evnchn, @​falkoschindler)
• Surface documentation index for AI tooling and discoverability (#5834 by @​evnchn, @​falkoschindler, @​rodja, @​iwr-redmond)

Infrastructure

• Update .gitignore for Claude Code and Playwright MCP local files (#5893 by @​rodja, @​evnchn, @​falkoschindler)
• Add PR template instruction to AGENTS.md (#5894 by @​rodja, @​evnchn)
• Improve PR template checklist for clarity (#5896 by @​falkoschindler, @​evnchn)
• Auto-format Markdown files via pre-commit hook (#5897 by @​falkoschindler, @​evnchn)

---

Special thanks to our top sponsors Lechler GmbH and TestMu AI ✨

and all our other sponsors and contributors for supporting this project!

🙏 Want to support this project? Check out our GitHub Sponsors page to help us keep building amazing features!

Commits

• d38a702 Merge commit from fork
• 2580928 add Claude command for creating release notes
• efece4b update sponsors
• 88765c7 Upgrade vite to 7.3.2 to fix security vulnerability
• 5024551 Align AgGrid's is_special_dtype with Table's version
• 84c0bd9 Add missing return type annotations to Header toggle/show/hide
• 6b4afe5 Add autopep8 to pre-commit hooks
• 138fcfb Fix timer callback tasks leaking when client disconnects mid-execution (#5931)
• bc46e0b Add on_resize to xterm and show how to use it in xterm example (#5858)
• 315c1d1 fix Dependabot alerts related to lodash
• Additional commits viewable in compare view

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Dependabot does not support your uv version. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot does not support your uv version. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot does not support your uv version. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot does not support your uv version. Because of this, Dependabot cannot update this pull request.