housekeep

[ycmjason]

• bump deps
• update publish script to use OIDC

[Copilot]

Pull request overview

This PR performs routine housekeeping by bumping dependencies to their latest versions and modernizing the npm publishing workflow to use GitHub Actions OIDC authentication instead of a bash script.

Changes:

• Updated all dependencies to their latest versions (babel, stricli, biome, typescript, vitest, etc.)
• Replaced bash-based publish script with GitHub Actions workflow using OIDC
• Enhanced test setup to clean dist directory with force flag

Reviewed changes

Copilot reviewed 6 out of 7 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
vitest.setup.ts	Added force flag to rmSync to prevent errors if dist doesn't exist
src/api/getSemanticDiagnostics.test.ts	Added force flag to rmSync for safer cleanup
scripts/build-and-publish.bash	Removed bash script in favor of GitHub Actions workflow
pnpm-lock.yaml	Updated lockfile with new dependency versions
package.json	Bumped version to 1.4.0, updated dependencies, added publishConfig for provenance
.github/workflows/ci.yml	Updated GitHub Actions to v6 for checkout and setup-node
.github/workflows/cd.yml	Implemented OIDC-based publishing workflow with pre-release support

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.