chore: lib updates

[hmbanan666]

Summary by CodeRabbit

• Chores
  • Updated package manager and development dependencies to latest versions.
  • Removed unused build tooling.
  • Updated build configuration and scripts.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​types/​node@​24.6.0 ⏵ 24.8.1	+1		+1
	bumpp@​10.2.3 ⏵ 10.3.1			+1	+5
	@​antfu/​eslint-config@​5.4.1 ⏵ 6.0.0	+1			-2
	eslint@​9.37.0 ⏵ 9.38.0	+1			+2
	lint-staged@​16.2.3 ⏵ 16.2.4				+2
	playwright@​1.55.1 ⏵ 1.56.1

View full report

[coderabbitai]

Walkthrough

Dependency versions updated across the workspace with removal of specific build tools (tsx, vite, vue-tsc, vitest-browser-vue). Build configuration adjusted to use native TypeScript compiler. Export map simplified in the queue package and utility scripts added. Workspace configuration updated with modified hoisting and build dependency patterns.

Changes

Cohort / File(s)	Summary
Root Package Manager & Build Tools package.json	pnpm version bumped to 10.18.3; build:types now uses tsc --emitDeclarationOnly instead of vue-tsc; removed dev dependencies for tsx, vite, vitest-browser-vue, vue-tsc
Queue Package Configuration packages/queue/package.json	Exports map simplified to only include import mapping; added clean and clean:modules scripts
Workspace Dependencies pnpm-workspace.yaml	Updated versions: @antfu/eslint-config (^6.0.0), bumpp (^10.3.1), eslint (^9.38.0), lint-staged (^16.2.4), playwright (^1.56.1), @types/node (^24.8.1); removed tsx, vite, vue-tsc, vitest-browser-vue; added esbuild to ignoredBuiltDependencies; removed vitest-browser-vue from publicHoistPattern

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Most changes are routine dependency version updates and straightforward configuration adjustments with clear, repetitive patterns. The export simplification and script additions are minor structural changes requiring minimal scrutiny.

Poem

🐰 We hopped through the deps with a broom and a sigh,
Swept out the old tools that no longer comply,
tsc now builds without vue-tsc's dance,
pnpm's fresh version gets its advance,
Cleaner configs, tidier space—our workspace takes flight! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title Check	❓ Inconclusive	The pull request title "chore: lib updates" is vague and generic, failing to provide specific information about what was changed. While the title is loosely related to the changeset since the PR does involve library and dependency updates, it uses non-descriptive language similar to terms like "misc updates" that don't convey meaningful information about the scope or purpose of the changes. A reader scanning the commit history would not clearly understand what specific libraries were updated or what the primary objectives of this change were.	Consider revising the title to be more specific and descriptive of the changes. For example, "chore: update dev dependencies and remove unused tooling" would better communicate the actual work done (updating dependencies, removing tsx/vite/vue-tsc, and simplifying exports) without being overly vague.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch update

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 23e66b6 and e4b4a2b.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (3)

• package.json (2 hunks)
• packages/queue/package.json (2 hunks)
• pnpm-workspace.yaml (1 hunks)

🔇 Additional comments (7)

packages/queue/package.json (2)

20-27: ⚠️ Breaking change: Exports map now ESM-only

The removal of the "require" field from the exports map makes @nextorders/queue an ESM-only package. This is a breaking change for any CommonJS consumers. Since the package is marked "type": "module", this aligns with that declaration, but it should be:

• Documented in the CHANGELOG
• Reflected in a major version bump (currently 0.3.0)
• Communicated to users who rely on CommonJS imports

Verify this is intentional and expected.

---

36-37: ✓ Good: Clean scripts align with monorepo pattern

The addition of clean and clean:modules scripts follows the established pattern in the root package.json and provides explicit cleanup targets.

pnpm-workspace.yaml (3)

32-34: ✓ Good: publicHoistPattern updated consistently

Removal of vitest-browser-vue from publicHoistPattern aligns with its removal from the development dependencies.

---

24-26: ****

The original concern mischaracterizes what ignoredBuiltDependencies does—it suppresses warnings about packages not being built and skips their build scripts, but the packages are still installed. Since unbuild explicitly depends on esbuild (version ^0.25.8), adding esbuild to ignoredBuiltDependencies will not break builds. The package will remain available; only its native module compilation will be skipped, which is acceptable for this use case.

Likely an incorrect or invalid review comment.

---

7-7: Configuration is technically compatible with @antfu/eslint-config v6.0.0

The codebase already uses the flat-config model (eslint.config.mjs) required by v6, and ESLint ^9.38.0 satisfies the v9.5.0+ peer dependency. The configuration syntax is correct for v6.

However, manual verification is still needed: v6 may introduce stricter rules that cause new linting errors. Please run npm run lint (or pnpm lint) after upgrading to confirm no new violations are introduced.

package.json (2)

17-17: No issues found — build tool migration is safe

Verification confirms the repository contains no .vue files and vue-tsc has been cleanly removed from devDependencies. The change from vue-tsc to tsc is appropriate for this TypeScript-only project and poses no risk to type generation. The single Vue reference in package.json is only in the lint-staged file pattern and does not indicate Vue dependency.

---

31-43: Original review comment is incorrect and should be disregarded.

The claimed removed tools (tsx, vite, vitest-browser-vue, vue-tsc) are not present in the current package.json devDependencies and do not appear to be removed by this PR. Evidence:

• No npm scripts invoke these tools directly: All test scripts use only vitest (lines 25-28), which is retained in devDependencies.
• No CI/CD files exist that reference these tools.
• vitest-browser-vue does not exist anywhere in the repository.
• The .tsx reference on line 46 is merely a glob pattern in lint-staged configuration for matching file extensions, not a tool invocation.

All test dependencies are correctly maintained and functional.

Likely an incorrect or invalid review comment.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}