chore: add GitHub Actions workflows, CodeRabbit config, and update RE…

[SauelAlmonte]

…ADME

• ci.yml: type-check, lint, and build on every PR targeting main
• deploy.yml: prebuilt Vercel production deploy on push to main, scoped to production environment
• .coderabbit.yaml: auto-review on PRs, chill profile, no drafts
• add type-check script to package.json
• update README with CI/CD section

Summary by CodeRabbit

• New Features

  • Added automated continuous integration pipeline that runs type checking, linting, and builds on every pull request targeting the main branch.
  • Added automated deployment pipeline that builds and deploys to production on every push to the main branch.

• Documentation

  • Updated README with CI/CD workflow descriptions.

• Chores

  • Configured code review automation.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
shadeworks	Ready	Preview, Comment	May 9, 2026 1:44pm

[coderabbitai]

Warning

Rate limit exceeded

@SauelAlmonte has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 54 minutes and 41 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c6237871-f606-443d-9e53-8cfdd2f64c0f

📥 Commits

Reviewing files that changed from the base of the PR and between cde04ff and 281be3f.

📒 Files selected for processing (3)

• .github/workflows/ci.yml
• .github/workflows/deploy.yml
• package.json

📝 Walkthrough

Walkthrough

Adds CI/CD infrastructure comprising CodeRabbit review configuration, GitHub Actions workflows for pull-request validation (type-check, lint, build) and production deployment to Vercel, a type-check build script, and updated README documentation describing the automated pipelines.

Changes

CI/CD Infrastructure

Layer / File(s)	Summary
CodeRabbit Review Configuration .coderabbit.yaml	CodeRabbit configured with English language, chill review profile, auto-review enabled for main branch (drafts excluded), high-level summaries, and automatic chat replies.
Build Scripts package.json	Added type-check script running tsc --noEmit for TypeScript validation.
CI Workflow .github/workflows/ci.yml	GitHub Actions workflow on pull requests to main; checks out code, installs pnpm and Node 20 with caching, installs dependencies with frozen lockfile, then runs type-check, lint, and build.
Deploy Workflow .github/workflows/deploy.yml	GitHub Actions workflow on pushes to main targeting production; sets up pnpm and Node 20, installs dependencies and Vercel CLI globally, executes vercel pull, vercel build --prod, and vercel deploy --prebuilt --prod using token authentication.
Documentation README.md	CI/CD section added describing CI triggers and steps (type-check → lint → build on PRs) and deploy triggers and steps (pull → build → deploy on main pushes); notes CodeRabbit and GitHub Copilot for automated code review.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A rabbit hops with glee,
CI pipelines now run free!
Type-check, lint, then build so right,
Deploy to Vercel through the night.
CodeRabbit watches every line—
Infrastructure now designed so fine! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: adding GitHub Actions workflows (CI and deploy), CodeRabbit configuration, and updating the README with CI/CD documentation.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/github-actions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

.github/workflows/deploy.yml (1)

19-21: ⚡ Quick win

Consider pinning the pnpm version for reproducible builds.

Using version: latest can lead to non-deterministic builds when new pnpm versions introduce breaking changes or behavioral differences.

📌 Suggested change

       - uses: pnpm/action-setup@v4
         with:
-          version: latest
+          version: 9

Check your local pnpm version with pnpm --version and pin to that major version.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/deploy.yml around lines 19 - 21, The workflow uses
pnpm/action-setup with version: latest which makes builds non-deterministic;
change the action input to pin the pnpm version used (replace version: latest
with the specific version you test locally, e.g., the output of pnpm --version
or its major range) so pnpm/action-setup@v4 installs a fixed pnpm release for
reproducible CI runs.

.github/workflows/ci.yml (1)

14-16: ⚡ Quick win

Consider pinning the pnpm version for reproducible builds.

Using version: latest can lead to non-deterministic builds when new pnpm versions introduce breaking changes or behavioral differences.

📌 Suggested change

       - uses: pnpm/action-setup@v4
         with:
-          version: latest
+          version: 9

Check your local pnpm version with pnpm --version and pin to that major version.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 14 - 16, Replace the non-deterministic
pnpm setup entry that currently uses "version: latest" in the CI job
(pnpm/action-setup@v4) by pinning the pnpm version to a specific, reproducible
value (at least the major version or the exact patch you use locally); update
the "version" field from "latest" to that pinned version (e.g., the output of
`pnpm --version`) so CI uses the same pnpm release each run.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/deploy.yml:
- Around line 28-42: Add pre-build validation steps to the GitHub Actions deploy
workflow: before the "Build" job that runs "vercel build" ensure you run "pnpm
type-check" and "pnpm lint" (and fail the job on errors) so type and lint checks
execute even on direct pushes; update the job that currently runs "vercel pull"
and "vercel build" to include separate steps named like "Type check" (run: pnpm
type-check) and "Lint" (run: pnpm lint) that use the same environment variables
(VERCEL_TOKEN if needed) and run before the "Build" step to enforce quality
gates prior to invoking vercel build.
- Around line 11-15: The deploy job named "deploy" currently runs on every push
to main without waiting for CI; either add an explicit dependency so the deploy
job waits for the CI workflow (e.g., make the CI workflow callable and add
needs: [ci] or use a workflow_run trigger to only run deploy after the CI
workflow completes successfully) or enforce branch protection on main to require
the CI check ("Type Check, Lint & Build") to pass before merges; update the
deploy job configuration (job name "deploy") accordingly or set branch
protection in the repo settings to require the CI status check.

---

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 14-16: Replace the non-deterministic pnpm setup entry that
currently uses "version: latest" in the CI job (pnpm/action-setup@v4) by pinning
the pnpm version to a specific, reproducible value (at least the major version
or the exact patch you use locally); update the "version" field from "latest" to
that pinned version (e.g., the output of `pnpm --version`) so CI uses the same
pnpm release each run.

In @.github/workflows/deploy.yml:
- Around line 19-21: The workflow uses pnpm/action-setup with version: latest
which makes builds non-deterministic; change the action input to pin the pnpm
version used (replace version: latest with the specific version you test
locally, e.g., the output of pnpm --version or its major range) so
pnpm/action-setup@v4 installs a fixed pnpm release for reproducible CI runs.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b2b2ba61-7f9f-4d9d-9f8c-cafb7a927c74

📥 Commits

Reviewing files that changed from the base of the PR and between 4961124 and cde04ff.

📒 Files selected for processing (5)

• .coderabbit.yaml
• .github/workflows/ci.yml
• .github/workflows/deploy.yml
• README.md
• package.json