chore(deps): update all dev dependencies and bump osv-scanner-action

[camcima]

Summary

Updates all dev dependencies to their latest versions across the workspace and bumps the google/osv-scanner-action GitHub Action. This consolidates the open dependabot PRs (#17, #14) into a single PR so they can be reviewed and merged together.

Dev dependency bumps (root + workspace packages)

Package	From	To
@commitlint/cli	20.5.3	21.0.2
@commitlint/config-conventional	20.5.3	21.0.2
@release-it/conventional-changelog	11.0.0	11.0.1
@typescript-eslint/eslint-plugin	8.59.1	8.60.0
@typescript-eslint/parser	8.59.1	8.60.0
typescript-eslint	8.59.1	8.60.0
@vitest/coverage-v8	4.1.5	4.1.7
vitest	4.1.5	4.1.7
eslint	10.3.0	10.4.1
lefthook	2.1.6	2.1.9
turbo	2.9.8	2.9.16
vite	8.0.10	8.0.14
release-it	20.0.1	20.2.0
@nestjs/common, @nestjs/core, @nestjs/testing	11.1.19	11.1.24
better-sqlite3	12.9.0	12.10.0
ioredis	5.10.1	5.11.0
typescript (workspace packages)	6.0.2	6.0.3

CI

• google/osv-scanner-action v2.3.5 → v2.3.8

No production/runtime dependencies were changed. @commitlint/cli crosses a major version (20 → 21); the existing commitlint config validates cleanly against it.

Verification

All checks run locally and pass:

• ✅ pnpm build
• ✅ pnpm lint
• ✅ pnpm format:check
• ✅ pnpm typecheck
• ✅ pnpm test:coverage (unit)
• ✅ pnpm test:functional:redis (105 tests, via docker)
• ✅ pnpm test:functional:memcache (91 tests, via docker)
• ✅ pnpm test:functional:sqlite (90 tests)
• ✅ pnpm install --frozen-lockfile (lockfile consistent)

Note

release-it-pnpm@4.6.6 declares a peer range of release-it@^17–19 but the repo already pins release-it@20.x — this peer mismatch is pre-existing and unchanged by this PR.

Closes #17
Closes #14

🤖 Generated with Claude Code

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.44%. Comparing base (517d499) to head (4c0e9de).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #18   +/-   ##
=======================================
  Coverage   97.44%   97.44%           
=======================================
  Files          11       11           
  Lines         549      549           
  Branches      132      132           
=======================================
  Hits          535      535           
  Misses         14       14           

Flag	Coverage Δ
unit	97.44% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.