PR for v0.1.1

[ThomasJejkal]

Summary by CodeRabbit

• Chores
  • Upgraded Node.js runtime to version 24
  • Updated Storybook to v10 with latest web component tooling
  • Bumped Vite, Lerna, and Workbox dependencies to latest stable versions
  • Updated GitHub Actions workflow runners for improved CI/CD stability
  • Modified TypeScript module resolution for enhanced bundler compatibility

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Warning

Rate limit exceeded

@ThomasJejkal has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 8 minutes and 42 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 1a8a063 and 1adbd27.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (7)

• .github/workflows/npm-ci.yml
• package.json
• packages/stencil-library/.storybook/main.js
• packages/stencil-library/.storybook/preview.js
• packages/stencil-library/eslint.config.mjs
• packages/stencil-library/package.json
• packages/stencil-library/src/stories/data-card.stories.ts

📝 Walkthrough

Walkthrough

Bumped CI action versions and Node runtime (20→24) in workflows, updated root and package-specific dependencies (lerna, workbox-build, vite, Storybook packages), and changed TypeScript module resolution to "bundler" in the stencil-library tsconfig. No API or exported signatures changed.

Changes

Cohort / File(s)	Summary
GitHub Actions workflows .github/workflows/deploy-storybook.yml, .github/workflows/npm-ci.yml, .github/workflows/real-npm-publish.yml	Upgraded action versions (checkout v4→v6, setup-node v4→v6, upload-pages-artifact v3→v4, upload-artifact v4→v6, download-artifact v4→v7) and bumped Node.js runner from 20→24.
Root package dependencies package.json	Updated dev/dependencies: lerna ^8.2.3→^9.0.0, workbox-build ^4.3.1→^7.0.0, vite 7.1.11→7.3.1.
Stencil library Storybook deps packages/stencil-library/package.json	Upgraded Storybook packages from ^9.0.4→^10.0.0 (@storybook/addon-docs, @storybook/addon-links, @storybook/web-components, @storybook/web-components-vite, storybook).
Stencil library TypeScript config packages/stencil-library/tsconfig.json	Changed moduleResolution from "node" to "bundler".

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• PR for v0.0.22 #52 — Similar updates to GitHub Actions workflows and dependency version bumps affecting CI and storybook deployment.
• PR for v0.0.24 #187 — Overlaps in CI/workflow edits and Storybook dependency upgrades in package manifests.
• PR for v0.1.0 #258 — Related workflow changes; also updates deploy/storybook/job definitions and action versions.

"I hopped through code with nimble cheer,
Bumped node and actions, new versions near,
Storybook dressed in brand-new hue,
Tsconfig tidy, dependencies too,
A rabbit's wink—builds run clear!" 🐇✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'PR for v0.1.1' is vague and generic; it does not meaningfully describe what changes the PR actually contains.	Replace the generic title with a specific summary of the main changes, such as 'Update GitHub Actions, dependencies, and TypeScript configuration' or 'Upgrade GitHub Actions versions, Storybook, and Node.js'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @package.json:
- Around line 8-16: CI is testing Node 18 but package.json upgrades (lerna v9
and vite 7.3.1) require Node ≥20.19 / ≥22.12 / ≥24, so update your workflow to
remove Node 18 from the test matrix (or pin to a supported Node version),
regenerate the lockfile by running npm install, and run npx lerna repair to
update lerna.json for v9 compatibility; also confirm workbox-build upgrade needs
no config changes.

🧹 Nitpick comments (2)

.github/workflows/npm-ci.yml (1)

20-23: Add npm caching to speed up matrix builds in monorepo.

With the root package-lock.json, add cache: 'npm' to the setup-node step to cache dependencies across matrix jobs:

Recommended npm caching

       - uses: actions/setup-node@v6
         with:
           node-version: ${{ matrix.node }}
+          cache: 'npm'

This will improve CI performance by avoiding repeated npm ci downloads across the four Node versions (18, 20, 22, 24). The actions/setup-node@v6 automatically detects the root package-lock.json and manages the cache accordingly in your monorepo setup with lerna.

.github/workflows/deploy-storybook.yml (1)

15-18: Pin GitHub Actions by SHA for supply-chain hardening; major version breaking changes confirmed.

actions/checkout@v6 changed persist-credentials behavior (now uses separate credential file instead of .git/config), actions/setup-node@v6 removed the always-auth input, and actions/upload-pages-artifact@v4 excludes dotfiles by default—though none of these likely affect this workflow. The suggested cache: 'npm' parameter is valid and will enable npm caching in setup-node@v6 (it auto-caches npm by default but can be made explicit). Consider switching from tag pinning (v6, v4) to commit SHA pinning for better supply-chain hardening across all three actions.

Proposed hardening + caching

-      - uses: actions/checkout@v6
-      - uses: actions/setup-node@v6
+      - uses: actions/checkout@v6
+      - uses: actions/setup-node@v6
         with:
           node-version: 24
+          cache: 'npm'

Consider pinning actions to commit SHAs instead of mutable tags (e.g., actions/checkout@{SHA}) for enhanced supply-chain security.

Also applies to: 28-30 (actions/upload-pages-artifact@v4)

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b2ba4bd and 0bde6d3.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (4)

• .github/workflows/deploy-storybook.yml
• .github/workflows/npm-ci.yml
• .github/workflows/real-npm-publish.yml
• package.json

🔇 Additional comments (2)

package.json (1)

4-4: Confirm root version at line 4 matches the intended release version.

The root package.json shows "version": "0.1.0" but the PR appears to target v0.1.1. If this repo uses fixed-versioning with Lerna (rather than independent mode), the root version must be updated to 0.1.1. Additionally, the major dependency bumps (lerna ^9.0.0, workbox-build ^7.0.0) should be verified for compatibility, and confirm that package-lock.json or equivalent lockfile has been updated accordingly.

.github/workflows/real-npm-publish.yml (1)

21-25: Actions version upgrades are backwards compatible with existing workflow.

Verified that upload-artifact@v6 and download-artifact@v7 preserve name and path semantics, and checkout@v6 / setup-node@v6 do not break lerna publish. The workflow does not use the removed always-auth input.

Minor note: If using self-hosted runners, ensure runner version ≥ v2.327.1 for Node 24 support; GitHub-hosted runners are already current.

Regarding SHA pinning: this is an optional supply-chain hardening best practice but not required for these upgrades to function safely.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @packages/stencil-library/package.json:
- Around line 61-64: This upgrade to Storybook 10 in package.json requires
migrating to ESM config and ensuring Node compatibility: run npx
storybook@latest upgrade to apply automigrations, convert all .storybook/*.js|ts
config files to ESM syntax (use export default and import rather than
require/module.exports), verify you are running Node >=20.19 (or 22.12+) and add
an "engines": {"node": ">=20.19.0"} entry in package.json to enforce it, and
confirm the Storybook packages listed ("@storybook/addon-docs",
"@storybook/addon-links", "@storybook/web-components",
"@storybook/web-components-vite") are used with ESM-compatible imports and build
tooling.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0bde6d3 and 1a8a063.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

• packages/stencil-library/package.json
• packages/stencil-library/tsconfig.json

🔇 Additional comments (1)

packages/stencil-library/tsconfig.json (1)

13-13: The moduleResolution change to "bundler" is compatible and recommended.

TypeScript 5.8.3+ and Stencil 4.41.0 both support this configuration. Bundler mode is the recommended approach for modern Stencil projects using TypeScript 5+. No further verification needed—this change aligns with current best practices.