chore(deps): May updates

[basmasking]

Fixes #774

Changes proposed in this pull request:

• updated dependencies
• removed creator package (one less dependency for us)

@MaskingTechnology/jitar

[coderabbitai]

Summary by CodeRabbit

• Chores
  • Updated dotenv, rollup, and rollup-plugin-dts dependencies to latest versions.
  • Removed the create-jitar package and associated configuration files.
  • Updated dev dependency version specifiers in website package configuration.

Walkthrough

This PR removes the deprecated create-jitar package entirely and updates dependencies across the monorepo. The dotenv library is bumped to 17.4.2 in both configuration and jitar packages, rollup tooling is updated, and website devDependencies move to caret semver ranges.

Changes

Dependency Updates

Layer / File(s)	Summary
Shared Dependency Bumps packages/configuration/package.json, packages/jitar/package.json	dotenv is updated from 17.3.1 to 17.4.2 in both packages.
Build Tool Updates packages/jitar/package.json	rollup is updated to 4.60.3 (from 4.59.0) and rollup-plugin-dts to 6.4.1 (from 6.3.0).
Semver Range Updates website/package.json	devDependencies for cpx2, rimraf, and minify are changed from fixed versions to caret (^) semver ranges.

Create-Jitar Package Removal

Layer / File(s)	Summary
Package Manifest Removal packages/create-jitar/package.json	The entire package manifest defining npm package metadata, entrypoints (bin, main), build scripts, and runtime configuration is deleted.
Build Configuration Cleanup packages/create-jitar/tsconfig.json	TypeScript compiler configuration extending the base tsconfig and defining rootDir/outDir is removed.
Documentation and Changelog Cleanup packages/create-jitar/CHANGELOG.md, packages/create-jitar/README.md	Package-level changelog reference and README deprecation notice are deleted.
Source Code Removal packages/create-jitar/index.js, packages/create-jitar/src/index.ts	CLI entry point shebang/import and deprecation console output are deleted.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• MaskingTechnology/jitar#751: Both PRs modify the create-jitar package files (README, package.json, tsconfig.json, index.js), indicating related removal or restructuring work.
• MaskingTechnology/jitar#658: Both PRs bump the dotenv dependency in packages/configuration and packages/jitar to the same version.
• MaskingTechnology/jitar#672: Both PRs modify website/package.json devDependencies, including rimraf and minify version updates.

Suggested reviewers

• petermasking

Poem

🐰 A farewell to deprecated days,
Where jitar's init found forgotten ways,
Now dotenv blooms with version new,
As build tools roll and semver grew,
The old create-jitar bids adieu! 🎉

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'chore(deps): May updates' accurately summarizes the main change—updating dependencies in May—and is concise and clear.
Description check	✅ Passed	The description follows the template structure and includes issue reference (#774), clear change summary (dependency updates and package removal), and team mention.
Linked Issues check	✅ Passed	The PR addresses issue #774 by updating dependencies across multiple packages and removing the deprecated create-jitar package as intended.
Out of Scope Changes check	✅ Passed	All changes are within scope: dependency updates in multiple package.json files and removal of the deprecated create-jitar package aligns with the stated objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@website/package.json`:
- Around line 16-18: The package.json devDependency entries for "cpx2",
"rimraf", and "minify" were changed to caret ranges which can cause
non-deterministic builds; either commit a lockfile (package-lock.json or
npm-shrinkwrap.json) to ensure reproducible installs or revert these three
entries back to pinned exact versions to preserve strict build
reproducibility—update the repository to include the lockfile if you want caret
ranges, or change the versions for "cpx2", "rimraf", and "minify" back to exact
pins if you want to avoid automatic minor/patch updates.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 36b0fd64-f3af-459e-a31a-594d7bc4d66a

📥 Commits

Reviewing files that changed from the base of the PR and between 1de18a1 and 915a909.

⛔ Files ignored due to path filters (3)

• documentation/package-lock.json is excluded by !**/package-lock.json
• package-lock.json is excluded by !**/package-lock.json
• website/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (9)

• packages/configuration/package.json
• packages/create-jitar/CHANGELOG.md
• packages/create-jitar/README.md
• packages/create-jitar/index.js
• packages/create-jitar/package.json
• packages/create-jitar/src/index.ts
• packages/create-jitar/tsconfig.json
• packages/jitar/package.json
• website/package.json

💤 Files with no reviewable changes (6)

• packages/create-jitar/src/index.ts
• packages/create-jitar/tsconfig.json
• packages/create-jitar/CHANGELOG.md
• packages/create-jitar/package.json
• packages/create-jitar/README.md
• packages/create-jitar/index.js