chore: update dependencies to latest versions (#325)

* chore: rename build

* docs: add missing ADRs and update existing ones

Documents architectural decisions previously undocumented in the codebase.

**New ADRs:**
- ADR-0020: Testing Framework (Vitest + property-based testing)
- ADR-0021: Code Quality Toolchain (ESLint, Prettier, TypeScript)
- ADR-0022: Package Manager Choice (pnpm)
- ADR-0023: Release Management with Changesets
- ADR-0024: CI/CD Platform (GitHub Actions)
- ADR-0025: Container and Security Scanning (Trivy, SLSA, SBOM)
- ADR-0026: Circuit Breaker Pattern (opossum)
- ADR-0027: Docker Publishing Strategy (GHCR to Docker Hub)
- ADR-0028: Session-Based HTTP Transport with SSE

**Updated ADRs:**
- ADR-0011: Docker implementation (multi-platform, GHCR, security)
- ADR-0016: Marked as superseded by ADR-0019
- ADR-0018: Circuit breaker cross-references
- ADR-0019: Marked as partially superseded by ADR-0028

ADR-0028 documents the session-based HTTP transport added after
ADR-0019 removed OAuth HTTP. Uses session management instead of OAuth
and delegates authentication to external gateways.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* docs: add key architectural decisions to CLAUDE.md

Summarizes key decisions from ADRs for quick reference:
- Testing: Vitest + fast-check (80% coverage)
- Code quality: TypeScript strict, ESLint, Prettier
- Package manager: pnpm with version consistency
- Release: Changesets workflow
- CI/CD: GitHub Actions (7 workflows)
- Security: Multi-layered (Trivy, CodeQL, SLSA, SBOM)
- Resilience: Circuit breaker (opossum)
- Docker: Multi-platform, GHCR→Docker Hub
- Transport: stdio (default) + HTTP (optional)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* chore: add empty changeset for documentation updates

Documentation-only changes do not require a version bump.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

* chore: update dependencies to latest versions

- Updated pino from 9.12.0 to 10.0.0
- Updated pino-roll from 3.1.0 to 4.0.0
- Updated @types/node from 24.7.1 to 24.7.2
- Kept zod at 3.25.76 for compatibility
- All tests passing, no breaking changes identified

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

---------

Co-authored-by: Claude <[email protected]>

Author: sapientpants

.changeset/update-dependencies-2025-10.md

@@ -0,0 +1,12 @@
+---
+'sonarqube-mcp-server': patch
+---
+
+Update production dependencies to latest versions:
+
+- pino: 9.12.0 → 10.0.0 (major version update with improved performance)
+- pino-roll: 3.1.0 → 4.0.0 (compatible with Pino 10)
+- @types/node: 24.7.1 → 24.7.2 (minor type definition updates)
+- zod: kept at 3.25.76 (maintained for compatibility)
+
+All tests passing with no breaking changes identified.

package.json

@@ -93,8 +93,8 @@
     "express": "5.1.0",
     "lodash": "^4.17.21",
     "opossum": "^9.0.0",
-    "pino": "9.12.0",
-    "pino-roll": "3.1.0",
+    "pino": "10.0.0",
+    "pino-roll": "4.0.0",
     "pino-syslog": "3.2.0",
     "sonarqube-web-api-client": "0.11.1",
     "uuid": "13.0.0",
@@ -113,7 +113,7 @@
     "@types/express": "5.0.3",
     "@types/jest": "^30.0.0",
     "@types/lodash": "^4.17.20",
-    "@types/node": "^24.7.1",
+    "@types/node": "^24.7.2",
     "@types/opossum": "^8.1.9",
     "@typescript-eslint/eslint-plugin": "^8.46.0",
     "@typescript-eslint/parser": "^8.46.0",