chore: remove stale lockfile

[tassoevan]

It removes the obsolete lockfile.

[coderabbitai]

Walkthrough

A new Zod validation library dependency (version ^4.2.1) has been added to the project's package.json with updated formatting to include proper comma placement and line separation.

Changes

Cohort / File(s)	Summary
Dependency Addition package.json	Added "zod": "^4.2.1" to dependencies; updated formatting with trailing comma after "tweetnacl": "^1.0.3"

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A hop, a skip, a zod so new,
Schema validation through and through,
Our package grows with every bound,
Type-safe handling all around! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title 'chore: remove stale lockfile' does not match the actual changes, which add the zod dependency to package.json. The objective indicates this is about upgrading zod, not removing a lockfile.	Update the title to reflect the actual change, such as 'chore(deps): upgrade zod' or 'chore: add zod dependency to package.json'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/upgrade-zod

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 52.29%. Comparing base (1890741) to head (cee3e7e).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #323      +/-   ##
==========================================
+ Coverage   52.04%   52.29%   +0.25%     
==========================================
  Files          97       97              
  Lines       13153    13153              
==========================================
+ Hits         6845     6878      +33     
+ Misses       6308     6275      -33     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cubic-dev-ai]

No issues found across 3 files

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1890741 and cee3e7e.

⛔ Files ignored due to path filters (2)

• bun.lock is excluded by !**/*.lock
• bun.lockb is excluded by !**/bun.lockb

📒 Files selected for processing (1)

• package.json

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: ricardogarim
Repo: RocketChat/homeserver PR: 184
File: packages/federation-sdk/src/services/media.service.ts:21-31
Timestamp: 2025-09-14T13:15:46.588Z
Learning: In the RocketChat homeserver project, ricardogarim prefers to defer timeout and retry enhancements for media downloads when there's already a TODO to make timeouts configurable, indicating they manage technical debt systematically rather than implementing every suggested improvement immediately.

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: cubic · AI code reviewer

🔇 Additional comments (1)

package.json (1)

28-28: Zod version 4.2.1 exists on npm with no known security vulnerabilities. However, since the codebase uses Zod extensively across multiple packages (room types, federation SDK specs, event schemas, and config services), verify that all existing schema definitions and validation patterns are compatible with Zod 4's breaking changes before merging.

[cubic-dev-ai]

No issues found across 1 file