feat: enhance meta-tx handler tests with comprehensive coverage for s… (#1018)

* feat: enhance meta-tx handler tests with comprehensive coverage for signing functions

- Added tests for various signing functions including signMetaTx, signMetaTxCreateSeller, signMetaTxUpdateSeller, and others.
- Implemented assertions for signed meta transactions and structured data.
- Introduced shared constants and helper functions to streamline test setup.
- Updated existing tests to utilize new constants and improve readability.
- Ensured compatibility with Biconomy paths in relevant test cases.

* lint

* fix: update documentation for completeExchangeBatch to completeExchange in meta transaction signing

* feat: add comprehensive tests for MetaTxMixin functions in mixin.test.ts

* refactor: improve formatting and readability in mixin.test.ts

* feat: add settings.json for claude configuration with permissions

* feat: enhance MetaTxMixin tests with additional assertions and mock data

* feat: add Claude code instructions for post-task linting process

* refactor: improve code formatting and readability in mixin.test.ts

* fix: normalize BigNumberish nonce to string in signMetaTx message

Agent-Logs-Url: https://github.com/bosonprotocol/core-components/sessions/aabe43be-8339-4df3-8e78-18e865c3f825

Co-authored-by: levalleux-ludo <7184124+levalleux-ludo@users.noreply.github.com>

* feat: enhance signNativeMetaTx and signNativeMetaTxApproveExchangeToken with overloads for returnTypedDataToSign; add comprehensive tests for both functions

* refactor: update signNativeMetaTx and related functions to return UnsignedMetaTx instead of StructuredData

- Changed return type of signNativeMetaTx and signNativeMetaTxApproveExchangeToken functions to UnsignedMetaTx.
- Updated implementation to include functionName and functionSignature in the returned UnsignedMetaTx.
- Modified tests to assert against UnsignedMetaTx instead of StructuredData, ensuring correct structure and presence of new fields.
- Adjusted mixin methods to align with the updated return types and assertions.

* fix: convert nonce to string in signNativeMetaTx message

* refactor: remove debug logging from meta-tx tests

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: levalleux-ludo <7184124+levalleux-ludo@users.noreply.github.com>

Author: levalleux-ludo

.claude/settings.json

@@ -0,0 +1,159 @@
+{
+  "permissions": {
+    "allow": [
+      // ========== WEB FETCH ==========
+      "WebFetch(*)",
+
+      // ========== FILE OPERATIONS (read-only & safe writes) ==========
+      "Bash(ls:*)",
+      "Bash(pwd:*)",
+      "Bash(cat:*)",
+      "Bash(mkdir:*)",
+      "Bash(cp:*)",
+      "Bash(mv:*)",
+      "Bash(find:*)",
+      "Bash(grep:*)",
+      "Bash(sed:*)",
+      "Bash(awk:*)",
+      "Bash(sort:*)",
+      "Bash(uniq:*)",
+      "Bash(wc:*)",
+      "Bash(head:*)",
+      "Bash(tail:*)",
+      "Bash(touch:*)",
+      "Bash(tree:*)",
+      "Bash(du:*)",
+      "Bash(df:*)",
+
+      // ========== NODE.JS / PACKAGE MANAGEMENT ==========
+      "Bash(node:*)",
+      "Bash(npm:*)",
+      "Bash(npx:*)",
+      "Bash(yarn:*)",
+      "Bash(pnpm:*)",
+
+      // ========== TYPESCRIPT / BUILD ==========
+      "Bash(tsc:*)",
+      "Bash(ts-node:*)",
+
+      // ========== TESTING ==========
+      "Bash(jest:*)",
+
+      // ========== LINTING / FORMATTING ==========
+      "Bash(eslint:*)",
+      "Bash(prettier:*)",
+
+      // ========== SAFE GIT OPERATIONS ==========
+      "Bash(git status:*)",
+      "Bash(git log:*)",
+      "Bash(git diff:*)",
+      "Bash(git show:*)",
+      "Bash(git branch:*)",
+      "Bash(git stash list:*)",
+      "Bash(git tag:*)",
+      "Bash(git remote -v:*)",
+      "Bash(git fetch:*)",
+      "Bash(git add:*)",
+      "Bash(git commit:*)",
+      "Bash(git checkout:*)",
+      "Bash(git merge:*)",
+      "Bash(git rebase:*)",
+
+      // ========== TEXT PROCESSING & UTILITIES ==========
+      "Bash(echo:*)",
+      "Bash(printf:*)",
+      "Bash(tr:*)",
+      "Bash(cut:*)",
+      "Bash(xargs:*)",
+      "Bash(jq:*)",
+      "Bash(base64:*)",
+
+      // ========== PROCESS INFO (read-only) ==========
+      "Bash(ps:*)",
+      "Bash(whoami:*)",
+      "Bash(which:*)",
+      "Bash(where:*)",
+
+      // ========== MISC UTILITIES ==========
+      "Bash(date:*)",
+      "Bash(sleep:*)",
+      "Bash(test:*)",
+      "Bash(zip:*)",
+      "Bash(unzip:*)"
+    ],
+
+    "deny": [
+      // ========== DESTRUCTIVE FILESYSTEM OPERATIONS ==========
+      "Bash(rm -rf /)",
+      "Bash(rm -rf *)",
+      "Bash(rm -rf ./*)",
+      "Bash(rm -rf ../*)",
+      "Bash(dd if=/dev/zero*)",
+      "Bash(mkfs.*)",
+      "Bash(format:*)",
+
+      // ========== DESTRUCTIVE GIT OPERATIONS ==========
+      "Bash(git push:*)",
+      "Bash(git push --force:*)",
+      "Bash(git push -f:*)",
+      "Bash(git reset --hard:*)",
+      "Bash(git clean -f:*)",
+      "Bash(git clean -fd:*)",
+      "Bash(git checkout -- .:*)",
+      "Bash(git branch -D:*)",
+      "Bash(git restore .:*)",
+
+      // ========== PRIVILEGE ESCALATION ==========
+      "Bash(sudo:*)",
+      "Bash(su:*)",
+      "Bash(doas:*)",
+
+      // ========== FORK BOMBS ==========
+      "Bash(:(){:|:&};:)",
+
+      // ========== REVERSE SHELLS ==========
+      "Bash(/dev/tcp/*)",
+      "Bash(/dev/udp/*)",
+      "Bash(nc -e /bin/bash*)",
+      "Bash(bash -c 'exec 1<>/dev/tcp/*')",
+
+      // ========== PIPE-EXEC FROM REMOTE ==========
+      "Bash(curl * | bash*)",
+      "Bash(curl * | sh*)",
+      "Bash(wget * | bash*)",
+      "Bash(wget * | sh*)",
+      "Bash(source <(curl*)",
+      "Bash(bash <(curl*)",
+
+      // ========== CREDENTIAL THEFT ==========
+      "Bash(cat /etc/shadow*)",
+      "Bash(cat /etc/passwd*)",
+      "Bash(cat ~/.ssh/id_rsa*)",
+      "Bash(cat ~/.aws/credentials*)",
+      "Bash(cat ~/.docker/config.json*)",
+      "Bash(cat ~/.kube/config*)",
+
+      // ========== PROCESS KILLING ==========
+      "Bash(kill -9:*)",
+      "Bash(killall:*)",
+
+      // ========== LOG & AUDIT DELETION ==========
+      "Bash(history -c*)",
+      "Bash(cat /dev/null > ~/.bash_history*)",
+
+      // ========== CLOUD METADATA EXPLOITS ==========
+      "Bash(curl http://169.254.169.254/*)",
+      "Bash(curl http://metadata.google.internal/*)",
+
+      // ========== DANGEROUS EVAL / INJECTION ==========
+      "Bash(eval:*)",
+
+      // ========== KERNEL / SYSTEM MODIFICATION ==========
+      "Bash(sysctl -w*)",
+      "Bash(modprobe:*)",
+      "Bash(insmod:*)",
+      "Bash(rmmod:*)",
+      "Bash(iptables -F*)"
+    ]
+  }
+}

.gitignore

@@ -41,3 +41,6 @@ scripts/abi-signatures.csv
 storybook-static
 .qodo
 .env
+
+# claude
+.claude/settings.local.json

CLAUDE.md

@@ -0,0 +1,13 @@
+# Claude Code Instructions
+
+## Post-task linting
+
+After completing any task (once code and test changes have been functionally validated), always run:
+
+```bash
+npm run lint:fix
+```
+
+This fixes linting issues introduced by the changes before considering the task done.
+
+Run it **without a `cd &&` prefix** — use `npm run lint:fix` directly so it matches the `Bash(npm:*)` allow rule and does not prompt for authorisation.