chore: Revert "fix(deps): update all non-major dependencies"

[elibosley]

Reverts #1633

Summary by CodeRabbit

• Chores
  • Standardized Node.js runtime to 22.18.0 across development, CI, and container images for consistency.
  • Standardized pnpm to 10.15.0 across the repository.
  • Aligned dependency versions across API, UI, web, and plugins to earlier patch releases for stability.
  • Updated build/test/release and Storybook workflows to use the aligned toolchain.
  • No user-facing features changed; behavior remains the same.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Version downgrades across Node.js, pnpm, and numerous dependencies. Workflow files and Dockerfiles pin Node.js 22.18.0. pnpm pinned to 10.15.0 across manifests and one workflow. Multiple package.json files adjust dependency versions (mostly patch/minor downgrades) without code or API changes.

Changes

Cohort / File(s)	Summary of Changes
Node.js pin downgrade \.nvmrc, .github/workflows/deploy-storybook.yml, .github/workflows/release-production.yml, api/Dockerfile, plugin/Dockerfile	Node.js version changed from 22.19.0 to 22.18.0 (Docker base images and CI setup).
pnpm pin downgrade .github/workflows/test-libvirt.yml, package.json, api/package.json, plugin/package.json, unraid-ui/package.json, web/package.json	pnpm version changed from 10.15.1 to 10.15.0 (workflow step and packageManager/engines fields).
API dependencies api/package.json	Multiple dependencies and devDependencies downgraded one patch/minor; no additions/removals; packageManager updated to pnpm@10.15.0.
Root metadata package.json	Minor downgrades for @manypkg/cli, chalk, lint-staged; packageManager set to pnpm@10.15.0.
UI packages unraid-ui/package.json, web/package.json	Broad dependency/devDependency pin downgrades (Storybook, Tailwind, Vite, Vue, related tooling); optional Rollup binary tag adjusted; packageManager set to pnpm@10.15.0.
Plugin library manifests packages/unraid-api-plugin-connect/package.json, packages/unraid-api-plugin-generator/package.json, packages/unraid-shared/package.json	Patch/minor downgrades for selected dependencies/devDependencies (e.g., got, jose, chalk, @types/node); no code changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• zackspear
• pujitm

Poem

Thump-thump, I hop through versions old,
Nudging pins a notch—quiet, controlled.
Node steps back, pnpm in tow,
Dependencies line up in a tidy row.
Carrot in paw, I sign this note:
“All set to build”—the rabbit wrote. 🥕✨

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5dd6f42 and 204cdf2.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (14)

• .github/workflows/deploy-storybook.yml (1 hunks)
• .github/workflows/release-production.yml (1 hunks)
• .github/workflows/test-libvirt.yml (1 hunks)
• .nvmrc (1 hunks)
• api/Dockerfile (1 hunks)
• api/package.json (8 hunks)
• package.json (2 hunks)
• packages/unraid-api-plugin-connect/package.json (3 hunks)
• packages/unraid-api-plugin-generator/package.json (2 hunks)
• packages/unraid-shared/package.json (1 hunks)
• plugin/Dockerfile (1 hunks)
• plugin/package.json (1 hunks)
• unraid-ui/package.json (3 hunks)
• web/package.json (2 hunks)

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch revert-1633-renovate/all-minor-patch

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Claude finished @elibosley's task —— View job

---

PR Review: Revert Dependency Updates

Task: Review the diff/changeset for critical issues only

Todo List:

• Analyze the specific changes made in the revert
• Check for critical bugs, security issues, breaking changes, or data loss risks
• Provide feedback on changed lines only

Analysis

This PR reverts dependency updates from PR #1633. The changes involve:

Node.js Version Revert:

• .nvmrc: Node 22.18.0 → 22.18.0 (no actual change in current state)

Package Version Reverts:

• Multiple package.json files reverting dependency versions
• Docker base images reverting to older Node versions
• GitHub Actions workflows reverting Node versions

Critical Analysis:
✅ No critical issues found in changes

The revert appears to be a straightforward rollback of dependency updates. Since this is reverting to previously working versions rather than introducing new code or dependencies, the primary risk would be reintroducing known vulnerabilities that were fixed in the reverted updates.

However, reviewing only the diff changes themselves (as instructed), I don't see:

• Logic errors or breaking API changes
• Security vulnerabilities introduced by the revert code
• Data loss operations
• Critical bugs in the revert implementation

The revert is clean and only touches dependency declarations and Node version specifications - no application logic was modified.

---

[github-actions]

🚀 Storybook has been deployed to staging: https://unraid-ui-storybook-staging.unraid-workers.workers.dev

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.58%. Comparing base (5dd6f42) to head (204cdf2).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1675   +/-   ##
=======================================
  Coverage   58.58%   58.58%           
=======================================
  Files         624      624           
  Lines       30769    30769           
  Branches     3618     3618           
=======================================
  Hits        18026    18026           
  Misses      12706    12706           
  Partials       37       37           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

This plugin has been deployed to Cloudflare R2 and is available for testing.
Download it at this URL:

https://preview.dl.unraid.net/unraid-api/tag/PR1675/dynamix.unraid.net.plg