fix: use specific @wundergraph/composition version to avoid breaking changes in control plane

[alepane21]

Summary by CodeRabbit

• Chores
  • Updated a package dependency to a specific released version.
• Tests
  • Adjusted a test import to use a local path for improved module resolution.

Checklist

• I have discussed my proposed changes in an issue and have received approval to proceed.
• I have followed the coding standards of the project.
• Tests or benchmarks have been added or updated.
• Documentation has been updated on https://github.com/wundergraph/cosmo-docs.
• I have read the Contributors Guide.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2e1cb8e and 4a534b7.

📒 Files selected for processing (1)

• controlplane/test/contracts.test.ts

---

Walkthrough

A dependency specifier in controlplane/package.json was changed from a workspace reference to a fixed version; a test file import path was updated to a relative module path.

Changes

Cohort / File(s)	Summary
Dependency Version Update controlplane/package.json	Changed @wundergraph/composition from workspace:* to fixed version 0.51.1.
Test import path update controlplane/test/contracts.test.ts	Adjusted import of normalizeString from an external module path to a relative path within the test file (module resolution update only).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• feat: make dependency versions be fixed #2357: Modifies multiple package.json dependency specifiers to use fixed versions instead of dynamic references, sharing the same pattern of pinning workspace dependencies to explicit version numbers.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: pinning a specific @wundergraph/composition version to avoid breaking changes in the control plane. This directly aligns with the primary change in controlplane/package.json.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 43.87%. Comparing base (589af86) to head (4a534b7).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##            main    #2578       +/-   ##
==========================================
+ Coverage   1.49%   43.87%   +42.38%     
==========================================
  Files        294     1039      +745     
  Lines      47248   145764    +98516     
  Branches     433     9360     +8927     
==========================================
+ Hits         704    63954    +63250     
- Misses     46260    80114    +33854     
- Partials     284     1696     +1412     

see 745 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

Router-nonroot image scan failed

❌ Security vulnerabilities found in image:

ghcr.io/wundergraph/cosmo/router:sha-0997e2f390c391555cc1860ac7066de02fb73165-nonroot

Please check the security vulnerabilities found in the PR.

If you believe this is a false positive, please add the vulnerability to the .trivyignore file and re-run the scan.

[StarpTech]

LGTM