chore(deps): update dependencies

[adrianschmidt]

What

Dependency refresh within a moderate-risk scope (safe minor/patch +
low-risk majors; high-risk majors deferred).

Bumped

• @rjsf/*, @stencil/core, @microsoft/api-extractor, all @types/*
• cross-env 7 → 10, diff 8 → 9 (diffLines/diffWords API
  unchanged), eslint 9.34 → 9.39
• dayjs, postal-mime, prettier 3.5 → 3.8, prosemirror-*
  (model deduped to 1.25.7), react/react-dom 19.1 → 19.2,
  sortablejs, style-to-object, tabulator-tables

form.types.ts / vitest-setup-browser.ts changes are prettier 3.8
reformatting only.

Deferred (with reasons)

• @rollup/plugin-node-resolve 13 → 16: v16's module resolution
  breaks Stencil's CommonJS parsing of @rjsf at build time (isolated
  and confirmed). Held at 13.x.
• ESLint 9 → 10: removes core stylistic rules still in use; repo also
  has /* eslint-env */ comments that become errors in v10.
• TypeScript 4 → 6, CodeMirror 5 → 6, material-components-web 13 → 14,
  @commitlint/config-conventional 19 → 20: high-risk / low-value majors
  for a separate effort. (TS 4.9 → 5.x is a good standalone follow-up.)

Note on the fsevents/glob warnings

Those originate from the currently-published kompendium@1.1.1. They
are fixed in jgroth/kompendium#183; once that releases, bumping
kompendium here will clear them.

Verification

npm run build ×2 and npm run lint (0 warnings) green. Full test
suite: 1332 passed, with 19 failures that are pre-existing — a
clean-baseline run (changes stashed, npm ci) reproduces the identical
19 failures (local-env MutationObserver/PDF-fixture issues, unrelated
to these bumps).

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Updated development tooling and UI-related library versions, and adjusted package installation so some libraries are development-only.
• Tests
  • Improved browser/DOM test setup by simulating PDF asset fetching, adding safer HTMLElement handling, providing an input validity shim, and mocking MutationObserver.
• Documentation
  • Enhanced the documentation publishing process with more reliable synchronous file replacements.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: bbffb7e5-7ef9-4e46-a0ea-39d6a246d6d5

📥 Commits

Reviewing files that changed from the base of the PR and between 5c22bcf and ecbbd2f.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (5)

• package.json
• publish-docs.cjs
• src/components/form/form.types.ts
• vitest-setup-browser.ts
• vitest-setup.ts

---

📝 Walkthrough

Walkthrough

This PR updates the development environment by bumping dependency versions across the tooling ecosystem, adapting build scripts to the updated replace-in-file API, adding test environment compatibility shims for mock-doc limitations, and reformatting type definitions.

Changes

Development Environment Updates

Layer / File(s)	Summary
Dependency version updates package.json	Bumps devDependencies for @stencil/, @rjsf/, @microsoft/api-extractor, vitest, React types, cross-env, dayjs, diff, eslint, glob, globals, prettier, prosemirror-*, react/react-dom, replace-in-file, sortablejs, tabulator-tables, postal-mime, and related tooling. Moves diff and sortablejs from production dependencies to devDependencies.
Documentation build tool API update publish-docs.cjs	Adapts to the replace-in-file package update by destructuring replaceInFileSync and replacing replace.sync() calls with the new named export.
Test DOM and fetch compatibility vitest-setup-browser.ts, vitest-setup.ts	Adds globalThis.fetch override to mock PDF asset responses in browser tests; patches globalThis.HTMLElement for instanceof consistency; provides validity property shim for input elements to support Material field initialization; adds MutationObserver mock for component initialization.
Type generic constraint reformatting src/components/form/form.types.ts	Reformats GridLayoutOptions, RowLayoutOptions, and FormSchema generic constraints across multiple lines without changing type semantics.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

Possibly related PRs

• Lundalogik/lime-elements#3607: Both PRs modify the documentation build pipeline in publish-docs.cjs, updating how replace-in-file is used and which docs files are processed during build operations.
• Lundalogik/lime-elements#3967: Both PRs bump the diff dependency version, with the main PR moving it from production to devDependencies.
• Lundalogik/lime-elements#3895: Both PRs update @stencil/* toolchain dependencies as part of broader development environment refreshes.

Suggested labels

released

Suggested reviewers

• jgroth
• Befkadu1

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'chore(deps): update dependencies' is vague and generic, using non-descriptive language that does not convey meaningful information about the specific dependency updates or the nature of the changes beyond the fact that dependencies were updated.	Consider making the title more specific, such as 'chore(deps): update devDependencies and fix vitest setup' or 'chore(deps): update dependencies and add browser fetch/DOM compatibility patches' to better reflect the substantial changes to testing infrastructure.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch update-dependencies

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Documentation has been published to https://lundalogik.github.io/lime-elements/versions/PR-4099/

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@package.json`:
- Around line 73-74: The packages `diff` and `sortablejs` are currently listed
only in `devDependencies` but are imported in shipped runtime code files:
`src/components/form/templates/array-field.ts` (sortablejs),
`src/components/code-diff/diff-engine.ts` (diff), and
`src/components/drag-handle/examples/drag-handle-horizontal.tsx` (sortablejs).
Move both `diff` and `sortablejs` entries from the `devDependencies` section to
the `dependencies` section in package.json to ensure consumers of this package
receive these required modules when installing, preventing runtime import
failures.

In `@vitest-setup-browser.ts`:
- Around line 20-23: The URL extraction logic in the globalThis.fetch function
does not properly handle Request objects. Currently, when a Request object is
passed as the input parameter, calling toString() on it returns "[object
Request]" instead of the actual URL. Fix this by checking if the input is a
Request object first and extracting its url property before handling the string
case. Update the URL extraction logic to use the pattern: if input is a Request,
use input.url; otherwise if input is a string, use it directly; otherwise call
toString() on the URL object.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 9658fb1f-6490-407a-8547-c7970b3e352f

📥 Commits

Reviewing files that changed from the base of the PR and between 9362dc3 and 5c22bcf.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (5)

• package.json
• publish-docs.cjs
• src/components/form/form.types.ts
• vitest-setup-browser.ts
• vitest-setup.ts

[lime-opensource]

🎉 This PR is included in version 39.34.1 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀