chore(deps): upgrade all packages to latest

[zrosenbauer]

Summary

• Upgrade outdated dependencies: @typescript/native-preview, @zpress/kit, oxfmt, oxlint, turbo, dotenv, @types/node, @vitest/coverage-v8, tsdown, vitest
• Move yaml to pnpm catalog (used in root, packages/core, packages/cli)

Test plan

• pnpm check passes (typecheck + lint + format)
• pnpm test passes
• CI green

[changeset-bot]

🦋 Changeset detected

Latest commit: f638409

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 0 packages

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
oss-kidd	Ignored	Preview	Apr 14, 2026 10:37pm

[codspeed-hq]

Merging this PR will not alter performance

✅ 2 untouched benchmarks
⏩ 2 skipped benchmarks¹

---

_{Comparing chore/upgrade-deps-latest-2 (f638409) with main (c2c3b7f)}

Footnotes

1. 2 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: a3ed23e4-6131-4deb-be30-598aba61a49a

📥 Commits

Reviewing files that changed from the base of the PR and between 7e4fe62 and f638409.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml, !pnpm-lock.yaml

📒 Files selected for processing (1)

• packages/bundler/tsconfig.json

---

📝 Walkthrough

Walkthrough

The PR updates development and workspace dependencies across the monorepo. Root package.json dev dependencies are bumped (@typescript/native-preview, @zpress/kit, oxfmt, oxlint, turbo). The yaml package is migrated from direct version pins to pnpm workspace catalog resolution in root, cli, and core packages. The pnpm-workspace.yaml catalog is updated with bumped versions for @types/node, @vitest/coverage-v8, tsdown, and vitest, plus a new yaml entry. Additionally, packages/bundler/tsconfig.json removes bun from compiler types.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• chore(deps): update all dependencies to latest versions #61: Coordinates dependency bumps across package manifests with same dependency fields (@typescript/native-preview, yaml catalog).
• chore(deps): update all dependencies to latest versions #59: Overlaps on dev-dependency version updates (@typescript/native-preview, oxfmt, oxlint, turbo) across the monorepo.
• chore(deps): upgrade all dependencies #53: Performs coordinated dependency and version catalog updates across root, packages/cli, and packages/core manifests.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: upgrading dependencies across multiple packages.
Description check	✅ Passed	The description clearly outlines the upgrade objectives and test plan, directly related to the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/upgrade-deps-latest-2

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/core/package.json`:
- Around line 85-91: The two changeset files (.changeset/fix-lint-warnings.md
and .changeset/upgrade-deps-latest.md) only contain YAML frontmatter and must
declare the affected packages and change types; update each changeset to include
entries for the modified packages (core, cli, config, utils, bundler) with
appropriate change types (e.g., `@kidd-cli/core`: patch, `@kidd-cli/cli`: patch,
`@kidd-cli/config`: patch, `@kidd-cli/utils`: patch, `@kidd-cli/bundler`: patch) so
the changesets are valid and will trigger package releases.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: e8db3ff3-3410-4bc8-932f-b17948b6c97b

📥 Commits

Reviewing files that changed from the base of the PR and between c2c3b7f and 070532e.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml, !pnpm-lock.yaml

📒 Files selected for processing (5)

• package.json
• packages/bundler/package.json
• packages/cli/package.json
• packages/core/package.json
• pnpm-workspace.yaml

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/bundler/package.json`:
- Line 51: Remove the unnecessary TypeScript type package from devDependencies:
delete the "@types/bun" entry from the bundler package.json devDependencies
section since the code only invokes bun as a CLI subprocess and does not import
or use Bun runtime APIs; update package.json accordingly and run npm/yarn
install to refresh lockfile if needed.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: b70a9b84-a251-488a-b055-6d4615bb4568

📥 Commits

Reviewing files that changed from the base of the PR and between 070532e and 7e4fe62.

⛔ Files ignored due to path filters (1)

• .changeset/fifty-poems-shake.md is excluded by !.changeset/**

📒 Files selected for processing (2)

• packages/bundler/package.json
• packages/cli/package.json