[_]: chore/migrate to NPM

[xabg2]

• Migrating the project to NPM.
• Adding a script to check that the used package manager is NPM, otherwise throw.
• Adding a basic README.md.
• Updating the CodeRabbit config.

Summary by CodeRabbit

• Documentation

  • Updated project title formatting.

• Chores

  • Enforced npm as the required package manager for development installs.
  • Removed an unused testing dependency.
  • Added a pre-install check to ensure the correct package manager.
  • Updated CI workflows to use npm-based commands and caching.
  • Updated internal review configuration settings.

[coderabbitai]

Warning

Rate limit exceeded

@xabg2 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 13 minutes and 31 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: f8f2c693-fa00-431c-8de4-57238ff50f3a

📥 Commits

Reviewing files that changed from the base of the PR and between d3d8471 and ebfa2e0.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• .github/workflows/ci.yml

Walkthrough

Updated review and tooling configuration; README title capitalization changed. Enforced npm as the package manager via a new preinstall script and check script. Removed a testing devDependency. CI workflows switched from Yarn to npm and adjusted SonarCloud integration.

Changes

Cohort / File(s)	Summary
Review & Tooling Config .coderabbit.yaml	Adjusted review flags (disabled high_level_summary and review_status, enabled changed_files_summary and collapse_walkthrough) and removed biome.enabled entry; added several false flags (sequence_diagrams, related_issues, related_prs, suggested_labels, assess_linked_issues).
Package manifest & scripts package.json, scripts/check-package-manager.js	Added preinstall script that runs node scripts/check-package-manager.js; removed @testing-library/react-hooks devDependency; added script file to enforce npm via npm_execpath check.
Documentation README.md	Updated project title capitalization from "mail-web" to "Mail web".
CI / Static Analysis Workflows .github/workflows/ci.yml, .github/workflows/sonarcloud.yml	Switched CI and SonarCloud workflows from Yarn to npm: fixed Node version to 24, replaced yarn commands with npm ci / npm run ..., adjusted caching and SonarCloud action/source and environment vars, simplified matrix/strategy configuration.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer
    participant GH as GitHub Actions
    participant NPM as npm
    participant SC as SonarCloud

    Dev->>GH: push commit (includes workflows, package.json, scripts)
    GH->>NPM: run `npm ci` (install)
    GH->>NPM: run `npm run build` / `npm run test` / `npm run test:coverage`
    GH->>SC: send scan results (SonarCloud Scan)
    SC-->>GH: scan report/status
    GH-->>Dev: workflow result (success/failure)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore/migrate to NPM' directly aligns with the main objective: migrating the project from Yarn to NPM across configuration files, workflows, and package management.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/migrate-to-npm

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Warning

CodeRabbit couldn't request changes on this pull request because it doesn't have sufficient GitHub permissions.

Please grant CodeRabbit Pull requests: Read and write permission and re-run the review.

👉 Steps to fix this

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@README.md`:
- Around line 47-58: The README's fenced code block containing the directory
tree starting with "src/" lacks a language specifier; update that
triple-backtick fence to include a language tag (e.g., ```text) so the block is
explicitly marked as plain text and the markdownlint warning is resolved—modify
the fenced block around the "src/" directory tree in README.md accordingly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: e0498828-60e0-4503-adb4-9ce49f0f25f7

📥 Commits

Reviewing files that changed from the base of the PR and between b8ba395 and eaf97ed.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (4)

• .coderabbit.yaml
• README.md
• package.json
• scripts/check-package-manager.js

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/ci.yml (1)

11-29: 🧹 Nitpick | 🔵 Trivial

Minor inconsistency between matrix and hardcoded node version.

The matrix defines node-version: [24.x] (line 13), but the setup-node action uses node-version: 24 (line 28), which overrides the matrix value. This makes the matrix redundant.

Consider using the matrix variable for consistency:

♻️ Suggested fix

       - uses: actions/setup-node@v4
         with:
-          node-version: 24
+          node-version: ${{ matrix.node-version }}
           cache: "npm"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/ci.yml around lines 11 - 29, The Github Actions workflow
has a mismatch: the matrix defines node-version: [24.x] but the setup-node step
hardcodes node-version: 24, making the matrix pointless; update the setup-node
step to consume the matrix value (use node-version: ${{ matrix.node-version }})
so the matrix controls the runner version (or alternatively remove the matrix
and keep a single hardcoded value) and ensure the symbol to edit is the
setup-node step's node-version field.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In @.github/workflows/ci.yml:
- Around line 11-29: The Github Actions workflow has a mismatch: the matrix
defines node-version: [24.x] but the setup-node step hardcodes node-version: 24,
making the matrix pointless; update the setup-node step to consume the matrix
value (use node-version: ${{ matrix.node-version }}) so the matrix controls the
runner version (or alternatively remove the matrix and keep a single hardcoded
value) and ensure the symbol to edit is the setup-node step's node-version
field.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 6568db34-afb4-4425-b3ea-ff3c388e98c5

📥 Commits

Reviewing files that changed from the base of the PR and between eaf97ed and d3d8471.

📒 Files selected for processing (4)

• .coderabbit.yaml
• .github/workflows/ci.yml
• .github/workflows/sonarcloud.yml
• README.md

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud