
chore: update @redocly/ajv dependency and temporary pin it #2722

Closed
AlbinaBlazhko17 wants to merge 2 commits into main from chore/pin-redocly-ajv-version


@AlbinaBlazhko17 AlbinaBlazhko17 commented Apr 6, 2026

What/Why/How?

Hotfix:

  • After the release of the new ajv v8.18.2, the smoke tests started to fail
  • Temporarily pin the dep, will be unpinned in this PR #2689

Reference

Testing

Screenshots (optional)

Check yourself

  • This PR follows the contributing guide
  • All new/updated code is covered by tests
  • Core code changed? - Tested with other Redocly products (internal contributions only)
  • New package installed? - Tested in different environments (browser/node)
  • Documentation update has been considered

Security

  • The security impact of the change has been considered
  • Code follows company security practices and guidelines

Note

Low Risk
Low risk dependency maintenance change, but it affects schema validation behavior by locking both @redocly/ajv and the ajv alias to a specific patch version.

Overview
Updates @redocly/openapi-core and @redocly/respect-core to pin @redocly/ajv (and the ajv npm alias) to 8.18.1 instead of allowing ^8.18.0 ranges, and updates the lockfile accordingly.

Adds a changeset to publish patch releases for both packages reflecting this temporary dependency pin.

Reviewed by Cursor Bugbot for commit e5b19b6. Bugbot is set up for automated code reviews on this repo. Configure here.


changeset-bot bot commented Apr 6, 2026

🦋 Changeset detected

Latest commit: e5b19b6

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
| Name | Type |
| --- | --- |
| @redocly/respect-core | Patch |
| @redocly/openapi-core | Patch |
| @redocly/cli | Patch |



github-actions bot commented Apr 6, 2026

Coverage Report

| Status | Category | Percentage | Covered / Total |
| --- | --- | --- | --- |
| 🔵 | Lines | 79.92% (🎯 79%) | 6685 / 8364 |
| 🔵 | Statements | 79.35% (🎯 79%) | 6916 / 8715 |
| 🔵 | Functions | 83.12% (🎯 82%) | 1355 / 1630 |
| 🔵 | Branches | 71.61% (🎯 71%) | 4546 / 6348 |

File Coverage: No changed files found.
Generated in workflow #9308 for commit e5b19b6 by the Vitest Coverage Report Action

@AlbinaBlazhko17 AlbinaBlazhko17 changed the title chore: update @redocly/ajv dependency and temporary pin it hotfix: update @redocly/ajv dependency and temporary pin it Apr 6, 2026
@AlbinaBlazhko17 AlbinaBlazhko17 changed the title hotfix: update @redocly/ajv dependency and temporary pin it chore: update @redocly/ajv dependency and temporary pin it Apr 6, 2026
@AlbinaBlazhko17 AlbinaBlazhko17 marked this pull request as ready for review April 6, 2026 16:13
@AlbinaBlazhko17 AlbinaBlazhko17 requested review from a team as code owners April 6, 2026 16:13

@cursor cursor bot left a comment


Cursor Bugbot has reviewed your changes and found 1 potential issue.


Reviewed by Cursor Bugbot for commit e5b19b6. Configure here.

"license": "MIT",
"dependencies": {
"@redocly/ajv": "^8.18.0",
"@redocly/ajv": "8.18.1",
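
Review bot: The replacement `"@redocly/ajv": "8.18.1"` in `dependencies` drops the caret from `"^8.18.0"`, so anyone installing this package can no longer resolve a later patch release of `@redocly/ajv`, including one that carries a fix, until a new version of this package is published. The description calls the pin temporary, so state the removal condition alongside the change (the changeset text is the natural place, since package.json cannot hold comments) so that the exact pin does not outlive the failure it works around.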

CLI package ajv dependency not updated to 8.18.1

Medium Severity

The @redocly/cli package still has "ajv": "npm:@redocly/ajv@8.18.0" while packages/core and packages/respect-core were both updated to npm:@redocly/ajv@8.18.1. This creates a version inconsistency across the monorepo — the cli package resolves its own ajv to 8.18.0 (confirmed in the lockfile) while its transitive dependencies openapi-core and respect-core use 8.18.1. This was likely an oversight when applying the version update and pin.


Reviewed by Cursor Bugbot for commit e5b19b6. Configure here.
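
A check for the inconsistency the review comment describes, written as an added example (not code from this PR or from Redocly): it resolves `npm:` aliases to the package they actually install and reports specs that disagree or are not exact pins. The manifests are constructed from the specs quoted in the comment; `resolveSpec` and `auditPins` are hypothetical names.

```javascript
// Constructed manifests: dependency specs as quoted in the review comment above.
const manifests = {
  '@redocly/cli': { dependencies: { ajv: 'npm:@redocly/ajv@8.18.0' } },
  '@redocly/openapi-core': {
    dependencies: { '@redocly/ajv': '8.18.1', ajv: 'npm:@redocly/ajv@8.18.1' },
  },
  '@redocly/respect-core': {
    dependencies: { '@redocly/ajv': '8.18.1', ajv: 'npm:@redocly/ajv@8.18.1' },
  },
};

// Exact semver only: anything else (^, ~, ranges, tags) can float to a new release.
const EXACT = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

// "npm:<pkg>@<spec>" aliases install <pkg> under another name; resolve to the real target.
function resolveSpec(depName, rawSpec) {
  if (!rawSpec.startsWith('npm:')) return { target: depName, spec: rawSpec };
  const body = rawSpec.slice(4);
  const at = body.lastIndexOf('@'); // index 0 is the scope marker, not a version separator
  return at > 0
    ? { target: body.slice(0, at), spec: body.slice(at + 1) }
    : { target: body, spec: '' };
}

// Collect every entry (direct or aliased) that resolves to `target` and compare specs.
function auditPins(allManifests, target) {
  const entries = [];
  for (const [pkg, manifest] of Object.entries(allManifests)) {
    for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
      for (const [name, raw] of Object.entries(manifest[field] || {})) {
        const { target: resolved, spec } = resolveSpec(name, raw);
        if (resolved === target) entries.push({ pkg, name, spec });
      }
    }
  }
  const counts = new Map();
  for (const e of entries) counts.set(e.spec, (counts.get(e.spec) || 0) + 1);
  // Most common spec is treated as the intended one; the rest are outliers.
  const [majority] = [...counts.entries()].sort((a, b) => b[1] - a[1])[0] || [];
  return {
    specs: [...counts.keys()].sort(),
    consistent: counts.size <= 1,
    floating: entries.filter((e) => !EXACT.test(e.spec)),
    outliers: entries.filter((e) => e.spec !== majority),
  };
}

console.log(JSON.stringify(auditPins(manifests, '@redocly/ajv'), null, 2));
```

Run in CI against the real workspace manifests, a non-empty `outliers` or `floating` list is the signal to fail the build while the pin is meant to hold.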
