chore: update dependencies

[gameroman]

Summary by CodeRabbit

• Chores
  • Updated multiple project dependencies to newer versions
  • Updated build/configuration schema to the latest release
• Bug Fixes
  • Fixed an authentication redirect edge case to improve reliability
• Style
  • Cleaned up configuration file formatting for consistency

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated project configuration and dependencies: Biome schema bumped to 2.4.9, a Biome formatter override for wrangler.jsonc was removed, several npm package versions were updated, minor JSONC trailing comma fixes were applied, and a TypeScript suppression was added in an auth route.

Changes

Cohort / File(s)	Summary
Biome & Wrangler config biome.jsonc, wrangler.jsonc	Bumped Biome $schema to 2.4.9; removed the overrides block that targeted wrangler.jsonc formatting; removed trailing commas in three wrangler.jsonc fields for valid JSONC punctuation.
Dependencies package.json	Updated multiple dependency and devDependency versions (e.g., @astrojs/cloudflare, astro, solid-js, @biomejs/biome, wrangler, etc.); removed the rolldown override while keeping existing unstorage and esbuild overrides.
Auth route (TS change) src/pages/api/auth/login.ts	Replaced a non-null assertion on installations[0] with a // @ts-expect-error`` before accessing .id.toString(); control flow and redirect logic unchanged. Review TypeScript suppression for safety.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I nibble lines of JSON fine,

Schema hops from eight to nine.
Commas cleared, packages refreshed,
One little TS comment — softly meshed.
🥕✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title 'chore: update dependencies' is partially related to the changeset but does not capture the main changes comprehensively.	Consider using a more specific title that highlights the significant changes, such as 'chore: update dependencies and fix TypeScript errors in login handler' to better reflect the full scope including the wrangler.jsonc changes and the @ts-expect-error directive addition.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependencies

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	websim-github-integration	e2e2a5e	Commit Preview URL Branch Preview URL	Mar 30 2026, 09:00 PM

[coderabbitai]

🧹 Nitpick comments (1)

package.json (1)

31-33: Pin unstorage to exact pre-release version 2.0.0-alpha.7.

Line 33 uses floating dist-tag "alpha", which can point to different versions over time and reduce reproducibility. Replace with the currently resolved version:

Proposed change

-    "unstorage": "alpha"
+    "unstorage": "2.0.0-alpha.7"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@package.json` around lines 31 - 33, Replace the floating dist-tag override
for unstorage in the package.json overrides block: change the "unstorage":
"alpha" entry to pin the exact pre-release version "2.0.0-alpha.7" so the
dependency resolution is reproducible; update the overrides object accordingly
where "unstorage" is declared.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@package.json`:
- Around line 31-33: Replace the floating dist-tag override for unstorage in the
package.json overrides block: change the "unstorage": "alpha" entry to pin the
exact pre-release version "2.0.0-alpha.7" so the dependency resolution is
reproducible; update the overrides object accordingly where "unstorage" is
declared.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d394e6e0-45b1-4e78-a60e-cdf35305e6cb

📥 Commits

Reviewing files that changed from the base of the PR and between 0f910a0 and f62b7e4.

⛔ Files ignored due to path filters (1)

• bun.lock is excluded by !**/*.lock

📒 Files selected for processing (3)

• biome.jsonc
• package.json
• wrangler.jsonc

[coderabbitai]

🧹 Nitpick comments (1)

src/pages/api/auth/login.ts (1)

74-75: Avoid @ts-expect-error in this auth redirect path.

Line 74 suppresses type checking for line 75. With noUncheckedIndexedAccess enabled in tsconfig, the length check on line 70 does not narrow the indexed access type—the suppression masks a real constraint. Replace it with explicit destructuring and narrowing instead.

Proposed fix

     if (installations.length === 1) {
+      const [installation] = installations;
+      if (!installation) {
+        throw new Error("Expected one installation");
+      }
       const authUrl = new URL(redirectUri);
       authUrl.searchParams.set(
         "installation_id",
-        // `@ts-expect-error`
-        installations[0].id.toString(),
+        String(installation.id),
       );
       authUrl.searchParams.set("state", state);
       return redirect(authUrl.toString(), 302);
     }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/pages/api/auth/login.ts` around lines 74 - 75, Remove the
`@ts-expect-error` and avoid indexing into installations directly; instead
destructure and narrow the first element before using its id. For example,
extract const firstInstallation = installations[0] (or const [firstInstallation]
= installations), guard with if (!firstInstallation) return or throw, then call
firstInstallation.id.toString(); update the usage that currently reads
installations[0].id.toString() to reference firstInstallation after the runtime
null/undefined check so TypeScript no longer needs suppression.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@src/pages/api/auth/login.ts`:
- Around line 74-75: Remove the `@ts-expect-error` and avoid indexing into
installations directly; instead destructure and narrow the first element before
using its id. For example, extract const firstInstallation = installations[0]
(or const [firstInstallation] = installations), guard with if
(!firstInstallation) return or throw, then call firstInstallation.id.toString();
update the usage that currently reads installations[0].id.toString() to
reference firstInstallation after the runtime null/undefined check so TypeScript
no longer needs suppression.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 21b5e228-c9e4-48c3-88ea-4de87d943ffb

📥 Commits

Reviewing files that changed from the base of the PR and between f62b7e4 and e2e2a5e.

📒 Files selected for processing (1)

• src/pages/api/auth/login.ts