fix(shared): update packages

[designcode]

Note

Modernizes release workflow (Node 22, OIDC, build/test all packages) and upgrades tooling (semantic-release v25, vitest v4) while removing commitizen and tidying React dev deps.

• CI/Release:
  • Overhaul /.github/workflows/release.yaml to use Node 22, grant OIDC (id-token) permissions, build/test all workspaces (storage, keyv-tigris, react), run npm audit signatures, and publish via multi-semantic-release.
• Dependencies/Tooling:
  • Upgrade semantic-release to ^25 and related plugins; bump vitest to ^4 and modernize transitive deps (Octokit, npm, etc.).
  • Remove commitizen/cz-conventional-changelog from root dev deps.
• Monorepo:
  • Ensure workspaces include packages/storage, packages/keyv-tigris, packages/react.
• React package:
  • Simplify devDependencies (rely on root tooling); keep build/test scripts unchanged.

^{Written by Cursor Bugbot for commit 7d203c6. This will update automatically on new commits. Configure here.}

[greptile-apps]

Greptile Overview

Greptile Summary

This PR updates key development dependencies to their latest versions and improves the monorepo configuration:

• Updated semantic-release from v22 to v25 and vitest from v3 to v4
• Added id-token: write permission to the release workflow for OIDC authentication support
• Removed commitizen and cz-conventional-changelog dependencies (no longer needed)
• Cleaned up duplicate devDependencies in packages/react/package.json (tsup, typescript, vitest) which are now properly inherited from the root workspace

These are maintenance updates that modernize the tooling and improve the workspace dependency management.

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The changes are straightforward dependency updates and configuration improvements. The semantic-release and vitest upgrades follow semantic versioning, the OIDC permission addition is a standard security enhancement for modern GitHub Actions workflows, and the removal of duplicate dependencies from the react package properly leverages workspace inheritance. No breaking changes or logic modifications are introduced.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
.github/workflows/release.yaml	5/5	Added id-token: write permission for OIDC authentication support
package.json	5/5	Updated semantic-release from v22 to v25, vitest from v3 to v4, removed commitizen and cz-conventional-changelog dependencies
packages/react/package.json	5/5	Removed duplicate tsup, typescript, and vitest devDependencies (now inherited from root workspace)

[greptile-apps]

_{3 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[pboros]

stamped for unblocking

[github-actions]

🎉 This PR is included in version 1.1.1 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 1.0.8 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 2.10.1 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀