[codex] Pin current turborepo and Bun dev versions

[Kitenite]

What changed

• pinned the repo root turbo devDependency to 2.8.21
• added a tracked .bun-version file with 1.3.6
• updated GitHub Actions workflows to read Bun from .bun-version via bun-version-file
• refreshed bun.lock so the pinned dependency state installs cleanly with --frozen
• added !.bun-version to .gitignore so the Bun version file is tracked in this checkout

Why

The repo was mixing multiple Bun versions across workflows (1.3.2, 1.3.3, and 1.3.6) while the root package manager declaration already pointed at bun@1.3.6. Turbo was also still declared as a range in package.json even though the lockfile had already resolved to 2.8.21.

Pinning both tools removes version drift between local development and CI and makes the intended toolchain explicit.

Impact

• local development and CI now share a single Bun version source of truth
• Turbo is pinned to the current resolved stable version instead of a floating range
• frozen installs remain aligned with the committed manifests and lockfile

Validation

• bun install --lockfile-only
• bun install --frozen --ignore-scripts

---

Summary by cubic

Pin turbo to 2.8.21 and standardize on Bun 1.3.6 across local dev and CI by adding a .bun-version file and updating GitHub Actions to read it. This removes version drift and keeps frozen installs consistent.

• Dependencies
  • Pinned turbo devDependency to 2.8.21.
  • Added tracked .bun-version with 1.3.6; workflows now use bun-version-file in oven-sh/setup-bun@v2.
  • Regenerated bun.lock for clean bun install --frozen installs.
  • Updated .gitignore to ensure .bun-version is committed.

^{Written for commit 803119c. Summary will update on new commits.}

Summary by CodeRabbit

• Chores
  • Centralized Bun runtime version management across all build workflows for improved consistency and reproducibility
  • Updated build tool dependency for enhanced build performance and stability

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 319e8848-06fc-487f-99b2-1f7eda7607b4

📥 Commits

Reviewing files that changed from the base of the PR and between ce88250 and 803119c.

⛔ Files ignored due to path filters (1)

• bun.lock is excluded by !**/*.lock

📒 Files selected for processing (10)

• .bun-version
• .github/workflows/build-desktop.yml
• .github/workflows/ci.yml
• .github/workflows/deploy-preview.yml
• .github/workflows/deploy-production.yml
• .github/workflows/generate-changelog.yml
• .github/workflows/triage-issue.yml
• .github/workflows/update-docs.yml
• .gitignore
• package.json

---

📝 Walkthrough

Walkthrough

A .bun-version file is introduced specifying version 1.3.6 to centralize Bun runtime version management. All GitHub Actions workflows are updated to source the Bun version from this file instead of using hardcoded values. The turbo dependency is locked to 2.8.21.

Changes

Cohort / File(s)	Summary
Bun version management .bun-version, .gitignore	Added .bun-version file with version 1.3.6 and updated .gitignore to explicitly track it.
GitHub Actions workflows .github/workflows/build-desktop.yml, .github/workflows/ci.yml, .github/workflows/deploy-preview.yml, .github/workflows/deploy-production.yml, .github/workflows/generate-changelog.yml, .github/workflows/triage-issue.yml, .github/workflows/update-docs.yml	All workflow setup-bun steps now reference the centralized .bun-version file instead of hardcoded versions (updated from 1.3.2, 1.3.3, and 1.3.6 variants).
Dependencies package.json	Updated turbo devDependency from ^2.8.7 to fixed version 2.8.21.

Poem

🐰 A version file hops into place,
No more scattered versions all over the space!
One .bun-version to rule them all,
Workflows in sync—won't they have a ball?
Turbo locked tight at 2.8.21, hooray! 🎉

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main changes: pinning turborepo to a specific version and standardizing Bun dev versions across the repository.
Description check	✅ Passed	The PR description provides comprehensive details on changes, rationale, and impact, though it does not follow the template structure with all required sections.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch pin-turborepo-and-bun-dev-versions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

No issues found across 11 files

[github-actions]

🚀 Preview Deployment

🔗 Preview Links

Service	Status	Link
Database (Neon)	✅	View Branch
Electric (Fly.io)	✅	View App
API (Vercel)	✅	Open Preview
Web (Vercel)	✅	Open Preview
Marketing (Vercel)	✅	Open Preview
Admin (Vercel)	✅	Open Preview
Docs (Vercel)	✅	Open Preview

---

Preview updates automatically with new commits