docs: replace Jekyll with VitePress documentation site

[mroderick]

Summary

This PR replaces the Jekyll-based documentation site with a VitePress-based site.

Changes

• Removed: Jekyll configuration, themes, layouts, and versioned release docs
• Added: VitePress site with modern search, dark mode, and fast builds
• Added: docs/package.json for isolated docs dependencies
• Added: .github/workflows/docs.yml for CI build, link-check, and GitHub Pages deployment
• Updated: CONTRIBUTING.md with VitePress local setup instructions
• Updated: scripts/postversion.sh to remove docs release copying
• Removed: Root Gemfile/Gemfile.lock (Jekyll no longer needed)

Local setup

cd docs
npm install
npm run docs:dev

Other commands (run from docs/):

• npm run docs:build — production build
• npm run docs:preview — preview production build
• npm run test:docs — run executable documentation examples
• npm run docs:link-check — verify links

Deployment

GitHub Actions builds and deploys the site on every push to main.

Action required for maintainers

After merging, go to Settings > Pages and switch the source from "Deploy from a branch" to "GitHub Actions".

Versioned docs

Versioned documentation is no longer maintained. Only the latest docs are published.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​vitepress@​2.0.0-alpha.17
	npm/​eslint-config-prettier@​10.1.8
	npm/​vue@​3.5.35
	npm/​vitepress-plugin-llms@​1.13.1
	npm/​sass@​1.100.0
	npm/​jsdom@​29.1.1 ⏵ 28.1.0
	npm/​tap@​21.7.4
	npm/​eslint-plugin-prettier@​5.5.6
	npm/​eslint@​8.57.1 ⏵ 10.4.1	+2			+46

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm entities is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: docs/package-lock.json → npm/vitepress-plugin-llms@1.13.1 → npm/entities@4.5.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/entities@4.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm markdown-it is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: docs/package-lock.json → npm/vitepress-plugin-llms@1.13.1 → npm/markdown-it@14.2.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/markdown-it@14.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.40%. Comparing base (49bf019) to head (962306a).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2720   +/-   ##
=======================================
  Coverage   97.40%   97.40%           
=======================================
  Files          39       39           
  Lines        1810     1810           
=======================================
  Hits         1763     1763           
  Misses         47       47           

Flag	Coverage Δ
unit	97.40% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mroderick]

CodeQL Configuration Note

This PR removes the last of the Ruby/Jekyll code from the repository. The existing CodeQL Default Setup is currently configured to scan Ruby, which will no longer find any source files to analyze.

What needs to change at merge time

Go to Settings → Security → Code security and analysis → Code scanning → Default setup and either:

1. Switch to Advanced setup — this will use the committed .github/workflows/codeql.yml (added in this PR) which is configured to analyze JavaScript instead of Ruby.

2. Or disable CodeQL entirely — the Node CI workflow already runs zizmor for security scanning, so CodeQL is optional.

About the new workflow

.github/workflows/codeql.yml:

• Language: javascript
• Triggers: push/PR to main, plus weekly schedule
• Uses pinned action SHAs with minimal permissions
• Follows the same security patterns as the existing main.yml

If left as-is, the Default Setup will likely show a configuration warning (or silently no-op) once the Ruby files are gone.