Update overall dependencies

[juliolmuller]

Summary by CodeRabbit

• Chores
  • Updated all development dependencies and build tooling packages to their latest compatible patch and minor versions throughout the monorepo, including Babel presets, Rollup plugins, TypeScript tooling, Node type definitions, and ESLint configuration
  • Configured changeset-based version management tracking for upcoming patch version releases across multiple packages
  • Refreshed and updated test coverage measurement data across test suites

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[changeset-bot]

🦋 Changeset detected

Latest commit: ddd33b9

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 9 packages

Name	Type
cnpj-utils	Patch
cpf-utils	Patch
br-utils	Patch
@lacussoft/cnpj-fmt	Patch
@lacussoft/cnpj-gen	Patch
@lacussoft/cnpj-val	Patch
@lacussoft/cpf-fmt	Patch
@lacussoft/cpf-gen	Patch
@lacussoft/cpf-val	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
cpf-utils	Ready	Preview	Comment	Dec 8, 2025 7:45pm

[coderabbitai]

Walkthrough

This PR updates development dependencies across the project to newer versions, affecting the root and multiple package-specific package.json files. A new changeset file marks several packages for patch version releases. Coverage metrics in lcov.info files are also updated.

Changes

Cohort / File(s)	Summary
Changeset file .changeset/fine-carrots-open.md	New file documenting patch version increments for eight packages (cnpj-utils, cpf-utils, br-utils, and lacussoft packages); marks changes as "Update overall dependencies."
Root dependencies package.json	Dev dependencies updated: @changesets/cli, @commitlint/cli, @commitlint/config-conventional, eslint, eslint-config-any, lint-staged, prettier, typescript to newer minor/patch versions.
Build tooling across packages packages/{cnpj-fmt,cnpj-gen,cnpj-utils,cnpj-val,cpf-fmt,cpf-gen,cpf-utils,cpf-val,br-utils}/package.json	Consistent dev dependency version bumps across all packages: Babel preset-env, Rollup plugins (babel, commonjs, node-resolve, typescript), Rollup core, rollup-plugin-dts, @types/node, typescript. Some packages also updated dependency num-only.
Coverage reports packages/{cnpj-fmt,cnpj-gen,cnpj-val,cpf-fmt,cpf-gen,cpf-val}/tests/__coverage__/lcov.info	Line coverage (LF) metrics decreased across multiple coverage records; all other coverage fields unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

• Verify dependency version increments are intentional and compatible across packages
• Confirm coverage metric reductions are expected outcomes from code changes (not regressions)
• Check that all package.json updates follow a consistent versioning strategy across the monorepo

Poem

🐰 Hop along with newer tools, the dev-dependencies dance,
Rollup, Babel, TypeScript—all get their second chance,
Coverage numbers shift like carrots in the ground,
With patch-sized bumps and changes, springtime's come around! 🥕

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Update overall dependencies' accurately summarizes the main change across the entire changeset, which consists entirely of dependency version updates across multiple package.json files and related configuration updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/update-deps

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

package.json (1)

82-84: Dev‑tool bumps look reasonable; double‑check commitlint v20 compatibility

The updated devDependencies are all tooling‑related and in‑scope for this PR. The only potentially breaking changes are the major upgrades to @commitlint/cli and @commitlint/config-conventional (19→20); please ensure:

• your Node/CI versions satisfy their new engine requirements, and
• existing commitlint config still passes under v20.

Everything else (eslint, prettier, lint‑staged, typescript, etc.) are patch/minor bumps and should be low‑risk.

Also applies to: 87-88, 90-92

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 499e7e7 and ddd33b9.

⛔ Files ignored due to path filters (1)

• bun.lock is excluded by !**/*.lock

📒 Files selected for processing (17)

• .changeset/fine-carrots-open.md (1 hunks)
• package.json (1 hunks)
• packages/br-utils/package.json (1 hunks)
• packages/cnpj-fmt/package.json (1 hunks)
• packages/cnpj-fmt/tests/__coverage__/lcov.info (1 hunks)
• packages/cnpj-gen/package.json (1 hunks)
• packages/cnpj-gen/tests/__coverage__/lcov.info (2 hunks)
• packages/cnpj-utils/package.json (1 hunks)
• packages/cnpj-val/package.json (1 hunks)
• packages/cnpj-val/tests/__coverage__/lcov.info (3 hunks)
• packages/cpf-fmt/package.json (1 hunks)
• packages/cpf-fmt/tests/__coverage__/lcov.info (1 hunks)
• packages/cpf-gen/package.json (1 hunks)
• packages/cpf-gen/tests/__coverage__/lcov.info (2 hunks)
• packages/cpf-utils/package.json (1 hunks)
• packages/cpf-val/package.json (1 hunks)
• packages/cpf-val/tests/__coverage__/lcov.info (3 hunks)

🔇 Additional comments (9)

packages/cpf-fmt/tests/__coverage__/lcov.info (1)

67-67: LCOV artifact change looks consistent

LF:62 matches LH:62; this looks like a regenerated coverage artifact from the updated toolchain, nothing concerning here.

packages/cpf-gen/tests/__coverage__/lcov.info (1)

67-67: Updated LF counts are internally consistent

Both updated LF values (62 and 37) remain ≥ their respective LH values (44 and 37), so the regenerated coverage data is structurally valid.

Also applies to: 111-111

packages/cnpj-val/tests/__coverage__/lcov.info (1)

67-67: Coverage LF reductions align with LH values

All three updated LF values (62, 42, 12) are compatible with their LH values (20, 37, 12). This looks like expected output from a newer coverage/tooling version.

Also applies to: 116-116, 135-135

packages/cnpj-fmt/tests/__coverage__/lcov.info (1)

69-69: LCOV summary remains coherent after LF update

LF:64 now matches LH:64, so the updated summary still reflects 100% line coverage for this file under the new tooling.

packages/cnpj-gen/tests/__coverage__/lcov.info (1)

69-69: Regenerated coverage data appears valid

The new LF counts (64 and 43) are still ≥ their LH counterparts (46 and 42), so these LCOV updates look like normal fallout from dependency/tooling upgrades.

Also applies to: 119-119

packages/cpf-val/tests/__coverage__/lcov.info (1)

67-67: Consistent LF adjustments across cpf‑val coverage records

All three updated LF values (62, 37, 13) correctly bound their corresponding LH values (21, 33, 13); looks like expected regenerated coverage with the updated toolchain.

Also applies to: 111-111, 131-131

.changeset/fine-carrots-open.md (1)

1-13: Changeset scope matches dependency‑only updates

Tagging all affected packages with a patch bump for “Update overall dependencies” aligns with the dev‑tooling/coverage‑only nature of this PR.

packages/cnpj-gen/package.json (2)

54-74: Verify build pipeline compatibility after dependency updates.

While dependency version bumps are routine maintenance, these toolchain and build tool updates (particularly the major version jump in @rollup/plugin-commonjs and minor updates to multiple Rollup plugins) should be validated to ensure the build pipeline continues to function correctly and produces valid CommonJS and ESM outputs.

Please confirm that:

1. The build completes successfully with all updated dependencies
2. Generated artifacts (.cjs, .mjs, .d.ts) are valid and correctly formatted
3. No new peer dependency conflicts are introduced
4. Test coverage remains intact post-update

---

57-57: @rollup/plugin-commonjs v29.0.0 upgrade is safe with default configuration.

The major version bump to @rollup/plugin-commonjs 29.0.0 introduces a breaking change related to the requireNodeBuiltins option, which controls how Node built-ins from wrapped CommonJS modules are handled. However, since the rollup configuration does not explicitly set this option, the default value (requireNodeBuiltins: false) is used, maintaining backward compatibility and hoisting Node built-ins as ESM imports as before. The upgrade should not require any code changes.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

Rollup 4.53.3 @rollup/plugin-babel 6.1.0 @rollup/plugin-commonjs 29.0.0 @rollup/plugin-node-resolve 16.0.3 @rollup/plugin-typescript 12.3.0 compatibility

💡 Result:

Short answer: Yes — Rollup 4.53.3 is compatible with those plugin versions, but check Node and peer-deps and a couple of usage details.

Key points

• Rollup 4.53.3 (released Nov 19, 2025) — update to Rollup 4 requires Node 18+ and “update all your Rollup plugins to their latest versions.” Test your config after upgrading. [1][2]
• @rollup/plugin-babel 6.1.0 — current plugin release; works with Rollup 4 (ensure babelHelpers config and place commonjs before babel if using both). [3]
• @rollup/plugin-commonjs 29.0.0 — current release; compatible with Rollup 4. Put commonjs before babel in plugins array when needed. [4]
• @rollup/plugin-node-resolve 16.0.3 — current release; compatible with Rollup 4. [5]
• @rollup/plugin-typescript 12.3.0 — current release; compatible with Rollup 4 but requires installing TypeScript and tslib as peer deps (and node LTS). Test TypeScript-specific config after upgrade. [6]

Recommendations

• Use Node 18+ (Rollup 4 requirement). [2]
• Install plugin peer deps (typescript, tslib, @babel/core, etc.) and run your full build/test suite after upgrading. [3][6]
• If you hit type errors from plugin typing changes, update TypeScript and plugin types and check the Rollup migration guide for breaking changes. [2]

Sources
[1] Rollup release v4.53.3 (GitHub).
[2] Rollup migration / Rollup 4 prerequisites (rollupjs.org).
[3] @rollup/plugin-babel (jsdocs / npm).
[4] @rollup/plugin-commonjs (jsdocs).
[5] @rollup/plugin-node-resolve (jsdocs).
[6] @rollup/plugin-typescript (npm / Snyk).

---

Verify Node version requirement and plugin peer dependencies after Rollup ecosystem upgrade.

The devDependency updates are compatible: Rollup 4.53.3 works with @rollup/plugin-babel 6.1.0, @rollup/plugin-commonjs 29.0.0, @rollup/plugin-node-resolve 16.0.3, and @rollup/plugin-typescript 12.3.0. However, Rollup 4 requires Node 18+, and the plugins require peer dependencies (typescript, tslib, @babel/core) to be installed. Additionally, ensure @rollup/plugin-commonjs is placed before @rollup/plugin-babel in the plugins array if both are used. Run the full build and test suite after upgrading to verify the configuration works.

🤖 Prompt for AI Agents

In packages/br-utils/package.json around lines 68 to 79, after upgrading Rollup
and its plugins ensure the package declares the Node engine requirement (set
engines.node >=18) and that required peer dependencies are present in
devDependencies (install/types as needed: typescript is present but add/verify
tslib and @babel/core), update package.json devDependencies accordingly, adjust
your rollup config to place @rollup/plugin-commonjs before @rollup/plugin-babel
in the plugins array, and then run the full build and test suite to confirm the
configuration works.