chore: use public packages from @deepnote/ org in npm

[saltenasl]

Fixes #

Summary by CodeRabbit

• Chores
  • Updated internal dependencies (@deepnote packages) to latest compatible versions for enhanced stability and performance.
  • Streamlined continuous integration and deployment infrastructure by simplifying configuration settings and improving build process efficiency.

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

Walkthrough

This PR removes GitHub Package Registry integration across CI/CD workflows and npm configuration. Changes include eliminating packages: read permissions from GitHub Actions workflows, removing registry-url and scope settings from Node.js setup steps, stripping NODE_AUTH_TOKEN environment variables, and deleting the scoped npmrc entry for @deepnote. Additionally, transitive dependencies (@deepnote/blocks and @deepnote/convert) are upgraded, likely reflecting their availability on the default npm registry.

Possibly related PRs

• chore(deps): pin dependencies #46: Modifies the same actions/setup-node workflow steps in parallel, pinning action references to specific commit SHAs while this PR removes registry/auth configuration.

Suggested reviewers

• Artmann
• jamesbhobbs

Pre-merge checks

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "chore: use public packages from @deepnote/ org in npm" accurately summarizes the primary change: migrating from private npm registry configuration to public packages. The PR systematically removes GitHub Actions package read permissions, registry-url/scope configurations, and NODE_AUTH_TOKEN environment variables across multiple workflows, plus removes the scoped registry from .npmrc and renovate.json. The title is concise, specific, and clearly conveys the core objective without listing implementation details.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73%. Comparing base (e53b235) to head (64a59ea).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@          Coverage Diff          @@
##            main    #154   +/-   ##
=====================================
  Coverage     73%     73%           
=====================================
  Files        548     548           
  Lines      43272   43272           
  Branches    5256    5256           
=====================================
  Hits       31590   31590           
  Misses      9942    9942           
  Partials    1740    1740           

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.