chore(deps): change pinning

[avivkeller]

cc @ovflowd

Changes the dependency pinning per our docs. Rolldown was changed to be an exact dependency, as each release candidate may contain breaking changes.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
api-docs-tooling	Ready	Preview	Mar 7, 2026 7:24pm

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.90%. Comparing base (1aef493) to head (363c90c).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #654   +/-   ##
=======================================
  Coverage   75.90%   75.90%           
=======================================
  Files         145      145           
  Lines       13735    13735           
  Branches      992      992           
=======================================
  Hits        10426    10426           
  Misses       3303     3303           
  Partials        6        6           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

orama-db Generator

File	Base	Head	Diff
orama-db.json	8.05 MB	8.05 MB	+2.00 B (+0.00%)

[Copilot]

Pull request overview

Updates dependency version pinning to align with the project’s desired semver strategy, with a specific focus on making rolldown an exact version to avoid RC breakage leaking in via ranges.

Changes:

• Convert several devDependencies from caret ranges (^) to pinned versions (exact and ~ patch ranges).
• Pin rolldown to an exact release-candidate version (1.0.0-rc.6) in both manifest and shrinkwrap.
• Regenerate npm-shrinkwrap.json to reflect the updated specifiers.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
package.json	Updates dev dependency ranges (mostly pinned) and pins rolldown exactly.
npm-shrinkwrap.json	Keeps shrinkwrap aligned with package.json changes and updates lock metadata accordingly.

Files not reviewed (1)

• npm-shrinkwrap.json: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[MattIPv4]

Not sure I totally agree with this approach of exact pinning, given this repo has demonstrated up until this point that it isn't really needed, but happy to approve, given this is what our current policy states. I agree with pinning rolldown specifically though.

[ovflowd]

The pinning of the devDependencies look correct, but of the regular dependencies, not. Some of these below I believe should be ~, would you mind giving this a 2nd pass? When in the past I used AI to update the pinning based on our docs it did it 99% correct, although the dependency pinning is more of a guidance, in the end you decide which ones should be ^ or ~ or exact version. The nodejs.org repo is a good example, although over the years not sure how much is still accurate tho.

[ovflowd]

SGTM although I feel some runtime dependencies could be more stricter.