chore(deps): Update dependencies and improve type safety

[yamadashy]

This PR updates multiple dependencies to their latest versions and fixes type safety issues in the browser extension.

Summary

Dependency Updates

• @secretlint packages: 9.3.x → 11.2.4 (major version bump)
• clipboardy: 4.0.0 → 5.0.0
• globby: 14.1.0 → 15.0.0
• log-update: 6.1.0 → 7.0.1
• tinypool: 1.1.1 → 2.0.0
• @clack/prompts: 0.10.1 → 0.11.0
• iconv-lite: 0.6.3 → 0.7.0
• commander: 14.0.0 → 14.0.1
• fast-xml-parser: 5.2.0 → 5.2.5
• minimatch: 10.0.1 → 10.0.3
• tiktoken: 1.0.20 → 1.0.22
• tsx: 4.20.5 → 4.20.6 (dev)
• vite: 7.1.6 → 7.1.7 (dev)

Type Safety Improvements

• Fixed linting warnings in browser/types.d.ts by replacing any return types with proper TypeScript definitions
• Added BackgroundDefinition and ContentScriptDefinition interfaces for WXT functions

DevContainer Update

• Updated Node.js version from 20 to 24 in .devcontainer/Dockerfile

Checklist

• Run npm run test
• Run npm run lint

🤖 Generated with Claude Code

[coderabbitai]

Walkthrough

Bumps the devcontainer base image to Node.js 24, tightens TypeScript type declarations for WXT APIs in browser/types.d.ts (introducing named interfaces and updated function signatures), and updates multiple dependency versions in package.json. No runtime logic or behavior changes are included.

Changes

Cohort / File(s)	Summary of Changes
Devcontainer base image .devcontainer/Dockerfile	Update base image from node:20 to node:24; other steps unchanged.
WXT type definitions browser/types.d.ts	Add BackgroundDefinition and ContentScriptDefinition interfaces; update defineBackground to return BackgroundDefinition; update defineContentScript to accept and return ContentScriptDefinition; adjust comments to reflect type imports.
Dependency version bumps package.json	Increment versions for multiple dependencies and devDependencies; no code or configuration structural changes.

Sequence Diagram(s)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• feat(browser): migrate from webextension-toolbox to WXT framework #859 — Similar edits to browser/types.d.ts, adjusting defineBackground and defineContentScript signatures.
• chore(deps): update Node.js version from 23.1.0 to 23.6.0 #284 — Updates Node.js versions in Dockerfiles/configs, aligning with this PR’s Node 24 devcontainer change.
• chore(deps): Update dependencies across browser and website packages #874 — Repository-wide dependency version bumps, matching this PR’s package.json updates.

Suggested labels

dependencies

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title succinctly captures the core changes in this pull request by highlighting both the dependency updates and the improvements to type safety, which are the main focuses of the diff. It is clear, specific, and directly reflects the modifications made across package.json, browser/types.d.ts, and the DevContainer, enabling reviewers to quickly grasp the intent without extraneous information.
Description Check	✅ Passed	The description provides a clear summary at the top, detailed breakdowns of dependency upgrades, type safety enhancements, and the DevContainer update, followed by a checklist confirming that tests and linting have been executed. It aligns with the repository’s template by including both a summary of changes and the required “## Checklist” section with the appropriate items. The information is complete and structured, offering reviewers all necessary context.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/deps

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7c12cca and 198c2fc.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (3)

• .devcontainer/Dockerfile (1 hunks)
• browser/types.d.ts (1 hunks)
• package.json (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (11)

• GitHub Check: Build and run (ubuntu-latest, 20.x)
• GitHub Check: Build and run (ubuntu-latest, 22.x)
• GitHub Check: Build and run (macos-latest, 22.x)
• GitHub Check: Build and run (ubuntu-latest, 24.x)
• GitHub Check: Test (ubuntu-latest, 20.x)
• GitHub Check: Test (macos-latest, 24.x)
• GitHub Check: Test (macos-latest, 22.x)
• GitHub Check: Test (ubuntu-latest, 22.x)
• GitHub Check: Test (windows-latest, 22.x)
• GitHub Check: Lint Browser Extension
• GitHub Check: Build and run with Bun (windows-latest, latest)

🔇 Additional comments (4)

browser/types.d.ts (1)

3-17: Excellent type safety improvements!

The addition of explicit BackgroundDefinition and ContentScriptDefinition interfaces with proper type signatures replaces the previous any types. This provides better IDE support, compile-time checking, and documentation.

The comment structure is clear:

• Lines 3-6: Type definitions for interfaces
• Lines 15-17: Function declarations that use those types

package.json (2)

81-101: Verify compatibility of major-version dependency updates.

• @secretlint/core & @secretlint/secretlint-rule-preset-recommend
• clipboardy
• globby
• log-update
• tinypool
• iconv-lite

Confirm these updated APIs align with existing usage and adjust code or tests as needed.

---

122-124: No change needed for Node.js engine requirement
All key dependencies support Node 20.x as their minimum (log-update accepts ≥20.0.0 or ≥22.0.0; others require ≥20 or lower), so "node": ">=20.0.0" remains valid. Bumping the engine to ≥22 or ≥24 isn’t necessary.

.devcontainer/Dockerfile (1)

1-1: Acknowledge Node.js 24 availability

Node.js v24.0.0 was officially released on May 6, 2025 and is available as the “current” release; no change is needed for FROM node:24.

Likely an incorrect or invalid review comment.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🧪 Early access (Sonnet 4.5): enabled

We are currently testing the Sonnet 4.5 model, which is expected to improve code review quality. However, this model may lead to increased noise levels in the review comments. Please disable the early access features if the noise level causes any inconvenience.

Note:

• Public repositories are always opted into early access features.
• You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR updates multiple dependencies to their latest versions and improves type safety in the browser extension. The changes focus on keeping dependencies current while maintaining compatibility.

• Updates major dependencies including @secretlint packages (9.3.x → 11.2.4), clipboardy (4.0.0 → 5.0.0), globby (14.1.0 → 15.0.0), and others
• Improves development environment by updating Node.js from version 20 to 24 in the devcontainer
• Minor version updates for development tools like tsx, vite, and oxlint

Reviewed Changes

Copilot reviewed 2 out of 4 changed files in this pull request and generated no comments.

File	Description
package.json	Updates 16 production and development dependencies to latest versions
.devcontainer/Dockerfile	Updates Node.js base image from version 20 to 24

[gemini-code-assist]

Summary of Changes

Hello @yamadashy, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on modernizing the project's dependencies and enhancing the robustness of the browser extension through improved type definitions. By upgrading numerous packages to their latest versions, including several major bumps, the project benefits from the newest features, performance improvements, and security patches. Concurrently, explicit type definitions have been introduced for WXT global functions, moving away from any types to provide clearer contracts and better compile-time validation. The development container's Node.js version has also been updated to ensure a consistent and up-to-date development environment.

Highlights

• Core Dependency Upgrades: Several key dependencies, including @secretlint packages, clipboardy, globby, log-update, and tinypool, have been updated to their latest major versions, bringing in new features and bug fixes.
• Enhanced Type Safety: The browser/types.d.ts file has been refactored to replace generic any return types with specific BackgroundDefinition and ContentScriptDefinition interfaces, significantly improving type clarity and reducing potential runtime errors in the browser extension.
• Development Environment Modernization: The .devcontainer/Dockerfile has been updated to use Node.js version 24, ensuring the development environment is aligned with the latest LTS release and best practices.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[cloudflare-workers-and-pages]

Deploying repomix with    Cloudflare Pages

Latest commit:	198c2fc
Status:	✅  Deploy successful!
Preview URL:	https://c598af1b.repomix.pages.dev
Branch Preview URL:	https://chore-deps.repomix.pages.dev

View logs

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.85%. Comparing base (7c12cca) to head (198c2fc).
⚠️ Report is 7 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #875   +/-   ##
=======================================
  Coverage   88.85%   88.85%           
=======================================
  Files         109      109           
  Lines        7575     7575           
  Branches     1423     1423           
=======================================
  Hits         6731     6731           
  Misses        844      844           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[gemini-code-assist]

Code Review

This pull request brings valuable updates to the project by upgrading numerous dependencies to their latest versions, including several major bumps that keep the codebase modern and secure. The improvements to type safety in browser/types.d.ts are particularly noteworthy, as replacing any types with specific BackgroundDefinition and ContentScriptDefinition interfaces enhances code clarity, maintainability, and robustness. The update to Node.js 24 in the DevContainer is also a welcome modernization. Overall, these are excellent changes that improve the project's health.