chore(deps-dev): bump web-vitals from 5.1.0 to 5.3.0

[dependabot]

Bumps web-vitals from 5.1.0 to 5.3.0.

Changelog

Sourced from web-vitals's changelog.

v5.3.0 (2026-05-28)

• Remove getFirstHiddenTimePolyfill (#729)
• Fixed issue where the same configuration object to multiple metric functions can result in errors (#731)
• Add more robust interactionTarget setting for INP (#744)

v5.2.0 (2026-03-25)

• Replace filter()[0] with find() for better performance (#658)
• Use queueMicrotask for microtask scheduling (#660)
• Simplify the event and LoAF entry clean up logic (#662)
• Remove obsolete FID polyfill types (#675)
• Use LargestContentfulPaint.id as fallback when element is removed from DOM (#676)
• Fix bug for onLCP when attached late (#697)
• FHandle initially hidden pages and onLCP registered on visibility change (#698)
• Ensure we clear idle callbacks in whenIdleOrHidden (#707)
• Limit pending events to conserve memory (#710)
• Add includeProcessedEventEntries option (#714)
• Reduce bundle size by refactoring (#713)

Commits

• a6a5846 Release v5.3.0
• fe42cba Prep changelog for v.5.3.0 (#745)
• c8a1419 Add better target selector attempts for INP (#744)
• 91ae2cb Bump fast-xml-parser from 5.5.7 to 5.7.1 (#730)
• 8e35542 fix: key initUnique instanceMap by class to prevent cross-class instance coll...
• 5595f31 Remove getFirstHiddenTimePolyfill (#729)
• 331486c Bump lodash from 4.17.23 to 4.18.1 (#723)
• 7917d30 Bump basic-ftp from 5.2.0 to 5.2.2 (#727)
• 7b7c84c Fix flakey test (#721)
• a86518a Bump picomatch from 2.3.1 to 2.3.2 (#720)
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Bump web-vitals to 5.3.0 to pick up INP target improvements, bug fixes, and minor performance tweaks. Keeps our performance metrics tooling current.

• Dependencies
  • Update web-vitals from 5.1.0 to 5.3.0 in apps/codex-claw (dev dependency).
  • Upstream highlights: better INP interactionTarget, fix for reused config objects, microtask scheduling and cleanup tweaks.
  • Note: package now runs a modified prepare script during install.

^{Written for commit 7ae54d9. Summary will update on new commits.}

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.