1. Created workflow file: .github/workflows/deploy-demo.yml:1

[hbmartin]

• Builds the library first
  • Builds the demo with the library source bundled in
  • Deploys to GitHub Pages
  • Triggers on pushes to master branch and can be manually triggered
  2. Added build script: package.json:25
  • Added build:demo script for building the demo locally

Fixes #ABC

What did you change (functionally and technically)?

Checklist (remove this list before you submit the PR)

• Are there tests for the new code?
• Does the code comply to our code conventions?
• Does the PR resolve the whole issue?

Additional review hints (remove this list before you submit the PR)

• Besides the code review, what should the reviewer test?
• Are there any edge cases?
• Do you have any test files or test set-up?
• Could your changes cause side effects elsewhere in the code base?

Summary by Sourcery

Configure CI workflows to use Node.js 22 with caching, extend linting and auditing steps, and add a dedicated workflow for building and deploying the demo to GitHub Pages along with a new local build script.

New Features:

• Introduce deploy-demo workflow for building and deploying the demo to GitHub Pages
• Add build:demo npm script for local demo builds

Enhancements:

• Upgrade Node.js to 22.x and enable yarn caching in CI workflows
• Extend tests CI job with yarn audit and Prettier checks
• Update ESLint dependencies and configure jest and promise plugins
• Correct repository URL format in package.json

CI:

• Bump Node.js version in release workflow to 22.x

Summary by CodeRabbit

• New Features

  • Automated deployment of a public demo to GitHub Pages, with builds on main pushes and manual runs.

• Tests

  • CI now runs dependency audits, formatting checks, tests, and linting on Node.js 22 for more reliable validation.

• Chores

  • Upgraded CI environments to Node.js 22.
  • Enhanced linting configuration and tooling.
  • Ignored build artifacts in version control.
  • Corrected repository URL metadata.

[sourcery-ai]

Reviewer's Guide

This PR introduces a new GitHub Actions workflow to build and deploy the demo to GitHub Pages, updates existing CI workflows to use Node 22 and enhanced linting/auditing steps, and adds local demo build support along with dependency and ESLint configuration updates.

Class diagram for updated package.json scripts

classDiagram
  class PackageJson {
    scripts: clean
    scripts: build
    scripts: build:demo
    scripts: typecheck
    scripts: format
    scripts: lint
    scripts: test
    scripts: test:watch
    scripts: test:coverage
    scripts: test:ci
    scripts: prepare
  }
  class BuildDemoScript {
    command: "vite build --config demo/vite.config.ts"
  }
  PackageJson "1" -- "1" BuildDemoScript: contains

Loading

File-Level Changes

Change	Details	Files
Add deploy-demo workflow for building library, demo, and deploying to GitHub Pages	Created .github/workflows/deploy-demo.yml Configured triggers on push to master and manual dispatch Set up actions to checkout code, install deps, build library, build demo, and deploy pages	.github/workflows/deploy-demo.yml
Enhance tests CI workflow with Node.js 22 and additional quality checks	Switched actions/setup-node to v4 with Node 22.x and yarn caching Added yarn audit and prettier check before tests Reordered and consolidated install, test, and lint steps	.github/workflows/tests.yml
Introduce build:demo script and fix repository URL in package.json	Added "build:demo" script to invoke Vite for demo Corrected repository URL protocol Upgraded ESLint version and added eslint-plugin-jest, eslint-plugin-promise and publint dependencies	package.json
Update ESLint configuration to include Jest and Promise plugins	Imported and registered eslint-plugin-jest in eslint.config.ts Added pluginPromise and jestPlugin to recommended configs	eslint.config.ts
Upgrade release workflow Node.js version to 22.x	Changed node-version input from 20.x to 22.x in release workflow	.github/workflows/release.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[gemini-code-assist]

Summary of Changes

Hello @hbmartin, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the project's development and deployment infrastructure. It introduces an automated continuous deployment pipeline for the demo application to GitHub Pages, simplifies the local demo build process, and improves code quality enforcement through updated ESLint configurations and new plugins. These changes collectively aim to create a more efficient and robust development workflow.

Highlights

• GitHub Actions Workflow: A new GitHub Actions workflow (.github/workflows/deploy-demo.yml) has been created to automate the build and deployment of the demo application to GitHub Pages. This workflow builds the library, then the demo with the bundled library source, and is configured to trigger on pushes to the master branch or can be manually invoked.
• Local Demo Build Script: A new build:demo script has been added to package.json to enable local building of the demo application using Vite, streamlining the development process.
• ESLint Configuration Enhancements: The ESLint configuration (eslint.config.ts) has been updated to integrate eslint-plugin-promise and eslint-plugin-jest, providing enhanced static analysis for asynchronous code and Jest test files, respectively. The core eslint package has also been updated to a newer version.
• Dependency Management and Repository URL Fix: The package.json and yarn.lock files have been updated to reflect the new ESLint plugins, an updated eslint version, and the addition of publint as a development dependency. Additionally, the repository URL in package.json has been corrected.

Ignored Files

• Ignored by pattern: .github/workflows/** (3)
  • .github/workflows/deploy-demo.yml
  • .github/workflows/release.yml
  • .github/workflows/tests.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Walkthrough

Introduces a new GitHub Pages deployment workflow, updates Node.js versions in CI (release and tests) to 22.x, restructures the tests workflow, ignores root-level dist in .gitignore, enhances ESLint configuration with promise and jest plugins, and updates package.json scripts, repository URL, and devDependencies.

Changes

Cohort / File(s)	Summary
CI/CD: Deploy Demo to Pages .github/workflows/deploy-demo.yml	New workflow to build library and demo with Node 20, upload demo artifact, and deploy to GitHub Pages with concurrency control and pages/id-token permissions.
CI/CD: Release Node Update .github/workflows/release.yml	Bumps setup-node to use Node.js 22.x in the release workflow.
CI/CD: Tests Restructure & Node Update .github/workflows/tests.yml	Replaces prior steps with setup-node@v4 (Node 22.x, yarn cache), runs yarn install with frozen lockfile, yarn audit, Prettier check, tests, and lint in a new sequence.
Tooling: ESLint Plugins eslint.config.ts	Adds eslint-plugin-promise and eslint-plugin-jest; extends with their recommended configs; registers jest plugin.
Tooling: Package Config package.json	Adds build:demo script; fixes repository URL scheme; bumps ESLint; adds eslint-plugin-jest, eslint-plugin-promise, and publint to devDependencies.
Repo Housekeeping .gitignore	Ignores root-level dist; retains .idea ignore.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Dev as Push/Dispatch
  participant GA as GitHub Actions
  participant Build as Job: build
  participant Deploy as Job: deploy
  participant Pages as GitHub Pages

  Dev->>GA: push to master / workflow_dispatch
  GA->>Build: start (ubuntu-latest)
  Build->>Build: checkout repo
  Build->>Build: setup-node (Node 20, yarn cache)
  Build->>Build: yarn install --frozen-lockfile
  Build->>Build: yarn build (library)
  Build->>Build: yarn vite build (demo) with base path
  Build->>GA: upload artifact (demo dist)
  GA->>Deploy: start after build
  Deploy->>Pages: actions/deploy-pages@v4
  Pages-->>Deploy: page_url output
  note right of Deploy: Exposes page URL via outputs

Loading

sequenceDiagram
  autonumber
  participant Dev as Push/PR
  participant GA as GitHub Actions
  participant Test as Job: tests

  Dev->>GA: trigger tests workflow
  GA->>Test: start (ubuntu-latest)
  Test->>Test: setup-node@v4 (Node 22.x, yarn cache)
  Test->>Test: yarn --frozen-lockfile
  Test->>Test: yarn audit
  Test->>Test: prettier --check src/**/*.{ts,tsx,js,jsx,json,css,md}
  Test->>Test: yarn test
  Test->>Test: yarn lint

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I hop through pipelines, ears held high,
New pages bloom beneath the sky.
Tests now sprint on twenty-two,
Lints and promises tidy, too.
A demo built, a swift deploy—
In burrows of CI, I thump with joy. 🐇🚀

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "Created workflow file: .github/workflows/deploy-demo.yml:1" accurately describes the primary addition in the changeset—the creation of a new GitHub Actions workflow for deploying the demo to GitHub Pages. While the PR also includes supplementary changes (updates to other workflows, ESLint configuration, .gitignore, and package.json), the title captures the main feature being introduced. The title is specific, clear, and directly related to a significant real change in the PR, though it is worth noting the unusual ":1" suffix appears to be formatting that could be clearer.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch publish-pages-demo

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Unpinned tool version Description: Using an unpinned Node.js major version ('20') in setup-node may introduce supply-chain risk due to implicit updates; prefer pinning to an exact version or at least a minor range. deploy-demo.yml [28-39] Referred Code node-version: '20' cache: 'yarn' - name: Install dependencies run: yarn install --frozen-lockfile - name: Build library run: yarn build - name: Build demo run: yarn vite build --config demo/vite.config.ts --base=/react-mentions-ts/
	Excess permissions Description: Broad GitHub Pages deployment permissions are granted to the workflow; least-privilege review is recommended to ensure only necessary scopes are enabled. deploy-demo.yml [9-13] Referred Code permissions: contents: read pages: write id-token: write
Ticket Compliance
⚪	🎫 No ticket provided - [ ] Create ticket/issue <!-- /create_ticket --create_ticket=true --> </details></td></tr>
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
⚪	No custom compliance provided Follow the guide to enable custom compliance check.

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	sade@​1.8.1
	@​publint/​pack@​0.1.2
	publint@​0.3.14
	eslint-plugin-promise@​7.2.1
	eslint-plugin-jest@​29.0.1

View full report

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Use the new build:demo npm script in deploy-demo.yml instead of repeating the vite build command to avoid duplication.
• Standardize the Node.js version across workflows (tests, release, deploy-demo) to prevent inconsistencies; e.g., use 22.x everywhere.
• You added the 'publint' dependency but didn't configure it in eslint.config.ts—either integrate it into the ESLint plugins or remove the unused dependency.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Use the new build:demo npm script in deploy-demo.yml instead of repeating the vite build command to avoid duplication.
- Standardize the Node.js version across workflows (tests, release, deploy-demo) to prevent inconsistencies; e.g., use 22.x everywhere.
- You added the 'publint' dependency but didn't configure it in eslint.config.ts—either integrate it into the ESLint plugins or remove the unused dependency.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[openhands-ai]

Looks like there are a few issues preventing this PR from being merged!

• GitHub Actions are failing:
  • CI

If you'd like me to help, just leave a comment, like

@OpenHands please fix the failing actions on PR #9 at branch `publish-pages-demo`

Feel free to include any additional details that might help me get this PR into a better state.

_{^{You can manage your notification settings}}

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
High-level	Unify Node.js versions across workflows The new deploy-demo.yml workflow uses Node.js v20, while other workflows were updated to v22. It is recommended to unify the Node.js version across all workflows for consistency and predictability. Examples: .github/workflows/deploy-demo.yml [28] node-version: '20' .github/workflows/tests.yml [11] node-version: 22.x Solution Walkthrough: Before: # .github/workflows/deploy-demo.yml ... - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '20' ... # .github/workflows/tests.yml ... - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: 22.x ... After: # .github/workflows/deploy-demo.yml ... - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '22.x' ... # .github/workflows/tests.yml ... - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: 22.x ... Suggestion importance[1-10]: 8 __ Why: The suggestion correctly identifies a significant inconsistency in Node.js versions across CI workflows, which is a best practice to avoid for ensuring predictable builds and simplifying maintenance.	Medium
General	Cancel in-progress deployments for efficiency Set cancel-in-progress to true in the concurrency block to cancel older running deployments when a new one is triggered. This ensures the latest version is always deployed and saves runner minutes. .github/workflows/deploy-demo.yml [14-16] concurrency: group: "pages" - cancel-in-progress: false + cancel-in-progress: true Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies a potential inefficiency in the deployment workflow and proposes a standard best practice to ensure only the latest commit is deployed, saving runner time.	Low
	Update action to its latest version Update the actions/upload-pages-artifact action from v3 to the latest major version, v4, to benefit from the latest features, bug fixes, and security enhancements. .github/workflows/deploy-demo.yml [43-46] - name: Upload artifact - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@v4 with: path: './demo/dist' Apply / Chat Suggestion importance[1-10]: 4 __ Why: The suggestion correctly advises updating the GitHub Action actions/upload-pages-artifact to its latest major version (v4), which is a good practice for maintenance and consistency with other actions in the workflow.	Low
More

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 1a5886e in 1 minute and 41 seconds. Click for details.

• Reviewed 185 lines of code in 5 files
• Skipped 2 files when reviewing.
• Skipped posting 7 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. .github/workflows/deploy-demo.yml:28

• Draft comment:
  Node.js version '20' here differs from '22.x' used in other workflows. Consider aligning them for consistency.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 20% vs. threshold = 50% 1. This is a new file being added, so any changes would be relevant. 2. The comment claims there's inconsistency with other workflows, but I can't verify this claim without seeing the other files. 3. Node.js 20 is a valid LTS version and perfectly reasonable choice. 4. Version consistency across workflows is nice-to-have but not critical - different workflows might have different requirements. I might be too quick to dismiss version consistency - it could lead to subtle issues if different parts of the codebase are tested/built with different Node versions. While consistency is good, without seeing the other workflows, we can't verify if this is actually an issue or if Node 20 was chosen deliberately for this specific workflow. Delete this comment because we lack the context to verify if there's actually an inconsistency, and Node.js 20 is a valid choice on its own.

2. .github/workflows/deploy-demo.yml:37

• Draft comment:
  Consider using the 'build:demo' script from package.json instead of directly invoking Vite, unless the added '--base' flag is intentional.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 20% vs. threshold = 50% 1. The --base flag is crucial for GitHub Pages deployment to work correctly. 2. We don't have visibility into package.json to know if build:demo exists or what it does. 3. Even if build:demo exists, it might not include the necessary --base flag. 4. The current command is explicit and clear about what it's doing. 5. This seems like a preference suggestion rather than a necessary change. Without seeing package.json, we can't be certain whether build:demo would be better or worse. The current command might be duplicating existing configuration. The explicit command with --base flag shows clear intention for GitHub Pages deployment, and we can't assume a package.json script would handle this correctly. Delete the comment as it's speculative without package.json context and the current command is clearly intentional for GitHub Pages deployment.

3. eslint.config.ts:6

• Draft comment:
  Ensure that the rules from eslint-plugin-promise integrate well with your existing async and code-quality rules.
• Reason this comment was not posted:
  Confidence changes required: 33% <= threshold 50% None

4. eslint.config.ts:15

• Draft comment:
  Verify that the newly added jest plugin configuration does not conflict with your test file linting rules.
• Reason this comment was not posted:
  Confidence changes required: 33% <= threshold 50% None

5. package.json:25

• Draft comment:
  Review the 'build:demo' script for consistency with the workflow command, as the workflow uses an extra '--base' flag.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% 1. The comment references a workflow that isn't shown in the diff or context. 2. Without seeing the workflow file, we can't verify if this inconsistency actually exists. 3. The '--base' flag in Vite is for setting the base public path, which is a deployment concern. 4. Making assumptions about workflow requirements without evidence violates our review rules. I might be missing some important CI/CD context that could make this flag necessary. The workflow file might exist elsewhere. Even if there is a workflow file somewhere, we're instructed to ignore cross-file issues and only keep comments with strong evidence in the current diff. Delete this comment as it makes assumptions about workflow requirements without clear evidence in the current diff.

6. package.json:40

• Draft comment:
  Repository URL now correctly uses 'https'. Ensure this update is reflected in all related documentation.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to ensure that documentation is updated, which is against the rules. It doesn't provide a specific code suggestion or point out a potential issue with the code itself.

7. package.json:87

• Draft comment:
  ESLint dependency updated to ^9.37.0. Confirm that your configuration remains compatible with this newer version.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is about a dependency update, specifically ESLint. It asks the author to confirm compatibility with the new version. According to the rules, comments on dependency changes or asking for confirmation are not allowed. Therefore, this comment should be removed.

Workflow ID: wflow_iLn8l4ujupLfD40u

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[gemini-code-assist]

Code Review

This pull request introduces a GitHub Actions workflow for deploying the demo to GitHub Pages, updates Node.js versions in other workflows, and enhances the ESLint configuration by adding eslint-plugin-promise and eslint-plugin-jest. The changes are generally good, but I've provided a couple of suggestions in eslint.config.ts to improve code style and consistency by sorting imports and plugin definitions, adhering to the project's own linting rules.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

.github/workflows/deploy-demo.yml (1)

37-38: Consider using the build:demo script for consistency.

While the inline command works, using the build:demo script from package.json would provide better consistency and make the workflow easier to maintain.

Apply this diff:

       - name: Build demo
-        run: yarn vite build --config demo/vite.config.ts --base=/react-mentions-ts/
+        run: yarn build:demo --base=/react-mentions-ts/

Note: Verify that the vite CLI accepts the --base flag when run through the package.json script.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 056fb21 and 1a5886e.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (6)

• .github/workflows/deploy-demo.yml (1 hunks)
• .github/workflows/release.yml (1 hunks)
• .github/workflows/tests.yml (1 hunks)
• .gitignore (1 hunks)
• eslint.config.ts (3 hunks)
• package.json (4 hunks)

🧰 Additional context used

🪛 GitHub Actions: CI

eslint.config.ts

[error] 1-1: ESLint Resolve error: typescript with invalid interface loaded as resolver (import/namespace).

package.json

[warning] 1-1: ESLint was unable to complete due to the above errors; there may be additional warnings in the full log.

🪛 GitHub Check: build

eslint.config.ts

[failure] 15-15:
eslint-plugin-jest import should occur before import of eslint-plugin-prettier/recommended

---

[failure] 44-44:
Unsafe member access .configs on an error typed value

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Sourcery review

🔇 Additional comments (11)

.gitignore (1)

12-13: LGTM!

The additions are appropriate:

• /.idea correctly ignores IDE-specific files
• dist at root level complements the existing /demo/dist ignore and aligns with the new build outputs

eslint.config.ts (1)

44-52: Verify compatibility of new ESLint plugins.

The added plugins (eslint-plugin-promise@7.2.1 and eslint-plugin-jest@29.0.1) both support flat config as confirmed by the learnings. However, ensure they're compatible with ESLint ^9.37.0 and the other plugins in your configuration.

Based on learnings: Both plugins support flat/recommended configs and are at their latest versions. However, the pipeline failure suggests there may be a compatibility issue with the import resolver.

package.json (3)

25-25: LGTM! Build script aligns with deployment workflow.

The build:demo script is correctly referenced by the deploy-demo workflow (line 38 of deploy-demo.yml uses the inline command, but this script provides a convenient shorthand for local development).

---

40-40: Good catch fixing the malformed repository URL.

The previous git+https@... syntax was invalid. The corrected git+https://... format is proper.

---

87-87: Dependency additions align with ESLint configuration changes.

The new dependencies are appropriate:

• eslint-plugin-jest@29.0.1 and eslint-plugin-promise@7.2.1 match the imports in eslint.config.ts
• publint@0.3.14 is a useful tool for validating package exports

Based on learnings: Both ESLint plugins are at their latest stable versions and support the flat config format being used.

Also applies to: 91-91, 94-94, 106-106

.github/workflows/tests.yml (2)

8-13: Excellent workflow improvements.

The new setup is clearer and adds valuable checks:

• Node.js 22.x aligns with the release workflow
• Yarn caching improves CI performance
• Explicit cache-dependency-path ensures cache invalidation on lockfile changes

---

14-18: Good additions: audit and prettier checks.

The workflow now includes:

• yarn audit for security vulnerability scanning
• Prettier format checking before tests
• Explicit test and lint steps

These additions improve code quality gates and security posture.

.github/workflows/deploy-demo.yml (3)

9-16: LGTM! Appropriate permissions and concurrency configuration.

The workflow correctly:

• Grants minimal required permissions (contents: read, pages: write, id-token: write)
• Uses a concurrency group to prevent simultaneous deployments
• Disables cancel-in-progress to avoid partial deployments

---

19-46: Workflow structure is sound.

The build job correctly:

• Checks out code and sets up dependencies
• Builds the library before the demo (correct dependency order)
• Configures GitHub Pages and uploads the artifact from the correct path

---

48-57: Deployment job is correctly configured.

The deploy job:

• Properly depends on the build job
• Uses the standard actions/deploy-pages action
• Exposes the deployment URL via outputs

.github/workflows/release.yml (1)

22-22: Standardize Node.js version across workflows.

The inconsistency is confirmed: tests.yml and release.yml both specify Node.js 22.x, while deploy-demo.yml uses Node.js 20. Verify whether the deploy-demo workflow requires Node.js 20 for specific reasons; if not, upgrade it to 22.x for consistency across all workflows.