build(deps): bump hono from 4.12.9 to 4.12.12 in the npm_and_yarn group across 1 directory#104
Merged
github-actions[bot] merged 1 commit intodevelopfrom Apr 13, 2026
Conversation
dependabot
bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Bumps the npm_and_yarn group with 1 update in the / directory: [hono](https://github.com/honojs/hono). Updates `hono` from 4.12.9 to 4.12.12 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.9...v4.12.12) --- updated-dependencies: - dependency-name: hono dependency-version: 4.12.12 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/npm_and_yarn-7868ad5c7f
branch
from
eaa5bcd to
c0ab7bf
Compare
dependabot
bot
deleted the
dependabot/npm_and_yarn/npm_and_yarn-7868ad5c7f
branch
ignromanov
added a commit
that referenced
this pull request
Apr 14, 2026
…ity (#137) * docs: update privacy policy with Umami analytics details Add dedicated "Product Analytics" section, add Umami to Third-Party Services, fix misleading "Analytics or telemetry" item in "What We Don't Collect" section. * fix(demo): correct demo invoice data and native token template loading - Fix txHash #1 missing 2 hex chars (62→64 hex digits) - Remove redundant "(40 hours)" from description where qty=40 - Change Invoice #2 discount from 8% to 5% so tax/discount don't cancel out - Fix native token (ETH, POL) not recognized when loading invoice as template: spread merge didn't clear default tokenAddress when decoded data omits the key * docs: add community files, security policy, README redesign - LICENSE (MIT) - SECURITY.md + public/.well-known/security.txt (RFC 9116) - CONTRIBUTING.md, CODE_OF_CONDUCT.md (Contributor Covenant v2.1) - README.md full redesign: badges, How It Works, features, quick start - .github/FUNDING.yml (GitHub Sponsors + Giveth) - .github/dependabot.yml (weekly npm, monthly GHA) - .github/pull_request_template.md - .github/ISSUE_TEMPLATE/feature_request.md * fix(docs): simplify PR template to match existing style Summary + Test plan (lowercase), no generic checklist — CI handles validation. * fix(docs): PR template with structured summary and specific test plan Matches PR #45 style: subsections for larger PRs, concrete test checkboxes. * ci: add Dependabot auto-merge for patch and minor updates Auto-approve and squash-merge Dependabot PRs for patch/minor versions after CI passes. Major version updates require manual review. * build(deps-dev): bump tailwindcss from 4.1.18 to 4.2.2 (#70) Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) from 4.1.18 to 4.2.2. - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.2/packages/tailwindcss) --- updated-dependencies: - dependency-name: tailwindcss dependency-version: 4.2.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump tailwind-merge from 3.4.0 to 3.5.0 (#62) Bumps [tailwind-merge](https://github.com/dcastil/tailwind-merge) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/dcastil/tailwind-merge/releases) - [Commits](https://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.5.0) --- updated-dependencies: - dependency-name: tailwind-merge dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump zustand from 5.0.9 to 5.0.12 (#68) Bumps [zustand](https://github.com/pmndrs/zustand) from 5.0.9 to 5.0.12. - [Release notes](https://github.com/pmndrs/zustand/releases) - [Commits](https://github.com/pmndrs/zustand/compare/v5.0.9...v5.0.12) --- updated-dependencies: - dependency-name: zustand dependency-version: 5.0.12 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump lint-staged from 16.2.7 to 16.4.0 (#61) Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 16.2.7 to 16.4.0. - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](https://github.com/lint-staged/lint-staged/compare/v16.2.7...v16.4.0) --- updated-dependencies: - dependency-name: lint-staged dependency-version: 16.4.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump viem from 2.43.4 to 2.47.6 (#63) Bumps [viem](https://github.com/wevm/viem) from 2.43.4 to 2.47.6. - [Release notes](https://github.com/wevm/viem/releases) - [Commits](https://github.com/wevm/viem/compare/viem@2.43.4...viem@2.47.6) --- updated-dependencies: - dependency-name: viem dependency-version: 2.47.6 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @next/eslint-plugin-next from 16.1.1 to 16.2.1 (#69) Bumps [@next/eslint-plugin-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-plugin-next) from 16.1.1 to 16.2.1. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.1/packages/eslint-plugin-next) --- updated-dependencies: - dependency-name: "@next/eslint-plugin-next" dependency-version: 16.2.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump zod from 4.3.4 to 4.3.6 (#66) Bumps [zod](https://github.com/colinhacks/zod) from 4.3.4 to 4.3.6. - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](https://github.com/colinhacks/zod/compare/v4.3.4...v4.3.6) --- updated-dependencies: - dependency-name: zod dependency-version: 4.3.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(github): issue templates frontmatter, dependabot auto-merge workflow - Add name/about/title/assignees to issue templates so GitHub recognizes them - Create config.yml disabling blank issues with security advisory link - Replace dependabot-auto-merge.yml with simplified dependabot-automerge.yml * build(deps-dev): bump lucide-static from 0.577.0 to 1.7.0 (#67) Bumps [lucide-static](https://github.com/lucide-icons/lucide) from 0.577.0 to 1.7.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/compare/0.577.0...1.7.0) --- updated-dependencies: - dependency-name: lucide-static dependency-version: 1.7.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @types/node from 22.19.3 to 25.5.0 (#65) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 22.19.3 to 25.5.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump actions/upload-artifact from 4 to 7 (#60) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump pnpm/action-setup from 4 to 5 (#59) Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from 4 to 5. - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](https://github.com/pnpm/action-setup/compare/v4...v5) --- updated-dependencies: - dependency-name: pnpm/action-setup dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump actions/checkout from 4 to 6 (#58) Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump actions/cache from 4 to 5 (#57) Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump actions/setup-node from 4 to 6 (#56) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 6. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump picomatch from 2.3.1 to 2.3.2 (#55) Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2) --- updated-dependencies: - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump vitest and @vitest/coverage-istanbul (#64) Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) and [@vitest/coverage-istanbul](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-istanbul). These dependencies needed to be updated together. Updates `vitest` from 4.0.16 to 4.1.2 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/vitest) Updates `@vitest/coverage-istanbul` from 4.0.16 to 4.1.2 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/coverage-istanbul) --- updated-dependencies: - dependency-name: vitest dependency-version: 4.1.2 dependency-type: direct:development update-type: version-update:semver-minor - dependency-name: "@vitest/coverage-istanbul" dependency-version: 4.1.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump the npm_and_yarn group across 1 directory with 11 updates (#71) Bumps the npm_and_yarn group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [next](https://github.com/vercel/next.js) | `15.5.9` | `15.5.14` | | [happy-dom](https://github.com/capricorn86/happy-dom) | `20.0.11` | `20.8.9` | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` | | [axios](https://github.com/axios/axios) | `1.13.2` | `1.14.0` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` | | [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` | | [h3](https://github.com/h3js/h3) | `1.15.4` | `1.15.10` | | [hono](https://github.com/honojs/hono) | `4.11.3` | `4.12.9` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [rollup](https://github.com/rollup/rollup) | `4.54.0` | `4.60.1` | | [socket.io-parser](https://github.com/socketio/socket.io) | `4.2.5` | `4.2.6` | Updates `next` from 15.5.9 to 15.5.14 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.9...v15.5.14) Updates `happy-dom` from 20.0.11 to 20.8.9 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.11...v20.8.9) Updates `ajv` from 6.12.6 to 6.14.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0) Updates `axios` from 1.13.2 to 1.14.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.2...v1.14.0) Updates `brace-expansion` from 1.1.12 to 1.1.13 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13) Updates `flatted` from 3.3.3 to 3.4.2 - [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2) Updates `h3` from 1.15.4 to 1.15.10 - [Release notes](https://github.com/h3js/h3/releases) - [Changelog](https://github.com/h3js/h3/blob/v1.15.10/CHANGELOG.md) - [Commits](https://github.com/h3js/h3/compare/v1.15.4...v1.15.10) Updates `hono` from 4.11.3 to 4.12.9 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](https://github.com/honojs/hono/compare/v4.11.3...v4.12.9) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5) Updates `rollup` from 4.54.0 to 4.60.1 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.54.0...v4.60.1) Updates `socket.io-parser` from 4.2.5 to 4.2.6 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/socket.io-parser@4.2.5...socket.io-parser@4.2.6) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.14 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.8.9 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 1.14.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 1.1.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: h3 dependency-version: 1.15.10 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hono dependency-version: 4.12.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.60.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-version: 4.2.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump yaml from 2.8.2 to 2.8.3 (#53) Bumps [yaml](https://github.com/eemeli/yaml) from 2.8.2 to 2.8.3. - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](https://github.com/eemeli/yaml/compare/v2.8.2...v2.8.3) --- updated-dependencies: - dependency-name: yaml dependency-version: 2.8.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump @xmldom/xmldom (#72) Bumps the npm_and_yarn group with 1 update in the / directory: [@xmldom/xmldom](https://github.com/xmldom/xmldom). Updates `@xmldom/xmldom` from 0.8.11 to 0.8.12 - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12) --- updated-dependencies: - dependency-name: "@xmldom/xmldom" dependency-version: 0.8.12 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs: add Drips FUNDING.json + fix Giveth URL in FUNDING.yml - FUNDING.json: Drips Network project claim (treasury wallet) - FUNDING.yml: correct Giveth project URL slug * Add newline at end of FUNDING.json Fix formatting by adding a newline at the end of the file. * docs: add OP Atlas projectId to FUNDING.json * docs: add Optimism network to Drips FUNDING.json * docs: add Buy Me a Coffee to FUNDING.yml * build(deps): bump lodash in the npm_and_yarn group across 1 directory (#78) Bumps the npm_and_yarn group with 1 update in the / directory: [lodash](https://github.com/lodash/lodash). Updates `lodash` from 4.17.21 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.18.1) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump defu in the npm_and_yarn group across 1 directory (#80) Bumps the npm_and_yarn group with 1 update in the / directory: [defu](https://github.com/unjs/defu). Updates `defu` from 6.1.4 to 6.1.6 - [Release notes](https://github.com/unjs/defu/releases) - [Changelog](https://github.com/unjs/defu/blob/main/CHANGELOG.md) - [Commits](https://github.com/unjs/defu/compare/v6.1.4...v6.1.6) --- updated-dependencies: - dependency-name: defu dependency-version: 6.1.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: remove robots.txt (static export doesn't serve it) * feat: add 512x512 app icon for PWA and social sharing * feat: add TalentApp domain verification meta tag * build(deps): bump @tanstack/react-query from 5.90.16 to 5.96.2 (#82) Bumps [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) from 5.90.16 to 5.96.2. - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.96.2/packages/react-query) --- updated-dependencies: - dependency-name: "@tanstack/react-query" dependency-version: 5.96.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @next/eslint-plugin-next from 16.2.1 to 16.2.2 (#84) Bumps [@next/eslint-plugin-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-plugin-next) from 16.2.1 to 16.2.2. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.2/packages/eslint-plugin-next) --- updated-dependencies: - dependency-name: "@next/eslint-plugin-next" dependency-version: 16.2.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump framer-motion from 12.23.26 to 12.38.0 (#87) Bumps [framer-motion](https://github.com/motiondivision/motion) from 12.23.26 to 12.38.0. - [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md) - [Commits](https://github.com/motiondivision/motion/compare/v12.23.26...v12.38.0) --- updated-dependencies: - dependency-name: framer-motion dependency-version: 12.38.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @vitejs/plugin-react from 5.1.2 to 5.2.0 (#88) Bumps [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) from 5.1.2 to 5.2.0. - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/plugin-react@5.2.0/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.2.0/packages/plugin-react) --- updated-dependencies: - dependency-name: "@vitejs/plugin-react" dependency-version: 5.2.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump postcss from 8.5.6 to 8.5.8 (#89) Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.8. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.5.6...8.5.8) --- updated-dependencies: - dependency-name: postcss dependency-version: 8.5.8 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump typescript-eslint from 8.51.0 to 8.58.0 (#92) Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.51.0 to 8.58.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/typescript-eslint) --- updated-dependencies: - dependency-name: typescript-eslint dependency-version: 8.58.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @testing-library/react from 16.3.1 to 16.3.2 (#93) Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 16.3.1 to 16.3.2. - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/react-testing-library/compare/v16.3.1...v16.3.2) --- updated-dependencies: - dependency-name: "@testing-library/react" dependency-version: 16.3.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump @web3icons/react from 4.1.14 to 4.1.17 (#94) Bumps [@web3icons/react](https://github.com/0xa3k5/web3icons/tree/HEAD/packages/react) from 4.1.14 to 4.1.17. - [Release notes](https://github.com/0xa3k5/web3icons/releases) - [Changelog](https://github.com/0xa3k5/web3icons/blob/main/packages/react/CHANGELOG.md) - [Commits](https://github.com/0xa3k5/web3icons/commits/@web3icons/react@4.1.17/packages/react) --- updated-dependencies: - dependency-name: "@web3icons/react" dependency-version: 4.1.17 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump @upstash/ratelimit from 2.0.7 to 2.0.8 (#91) Bumps [@upstash/ratelimit](https://github.com/upstash/ratelimit) from 2.0.7 to 2.0.8. - [Release notes](https://github.com/upstash/ratelimit/releases) - [Commits](https://github.com/upstash/ratelimit/compare/v2.0.7...v2.0.8) --- updated-dependencies: - dependency-name: "@upstash/ratelimit" dependency-version: 2.0.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @eslint/eslintrc from 3.3.3 to 3.3.5 (#96) Bumps [@eslint/eslintrc](https://github.com/eslint/eslintrc) from 3.3.3 to 3.3.5. - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslintrc/compare/eslintrc-v3.3.3...eslintrc-v3.3.5) --- updated-dependencies: - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.5 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump pixi.js from 8.14.3 to 8.17.1 (#100) Bumps [pixi.js](https://github.com/pixijs/pixijs) from 8.14.3 to 8.17.1. - [Release notes](https://github.com/pixijs/pixijs/releases) - [Commits](https://github.com/pixijs/pixijs/compare/v8.14.3...v8.17.1) --- updated-dependencies: - dependency-name: pixi.js dependency-version: 8.17.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump geist from 1.5.1 to 1.7.0 (#98) Bumps [geist](https://github.com/vercel/geist-font/tree/HEAD/packages/next) from 1.5.1 to 1.7.0. - [Release notes](https://github.com/vercel/geist-font/releases) - [Changelog](https://github.com/vercel/geist-font/blob/main/packages/next/CHANGELOG.md) - [Commits](https://github.com/vercel/geist-font/commits/geist@1.7.0/packages/next) --- updated-dependencies: - dependency-name: geist dependency-version: 1.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @types/node from 25.5.0 to 25.5.2 (#99) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.5.0 to 25.5.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump viem from 2.47.6 to 2.47.10 (#97) Bumps [viem](https://github.com/wevm/viem) from 2.47.6 to 2.47.10. - [Release notes](https://github.com/wevm/viem/releases) - [Commits](https://github.com/wevm/viem/compare/viem@2.47.6...viem@2.47.10) --- updated-dependencies: - dependency-name: viem dependency-version: 2.47.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @eslint/js from 9.39.2 to 9.39.4 (#101) Bumps [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) from 9.39.2 to 9.39.4. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v9.39.4/packages/js) --- updated-dependencies: - dependency-name: "@eslint/js" dependency-version: 9.39.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump vite in the npm_and_yarn group across 1 directory (#102) Bumps the npm_and_yarn group with 1 update in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 7.3.0 to 7.3.2 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.3.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * refactor(history): redesign history page cards with payment panel style (#103) * feat(history): add StatusGradientBar component * feat(history): add NetworkBadge component with tests * refactor(history): redesign InvoiceStatusBadge with dot + glow * refactor(history): restyle InvoiceCardShell with zinc-900 + gradient bar * refactor(history): rewrite HistoryList with new card layout, network badge, subtotal * refactor(history): rewrite ReceivedInvoiceList with unified card design + Template button * refactor(history): update HistoryWorkspace colors gray→zinc * fix(history): remove unused type imports in ReceivedInvoiceList * refactor(history): extract shared InvoiceCard, remove duplicate card components Unified HistoryEntryCard and ReceivedInvoiceCard (~95% identical) into a single InvoiceCard with a nameLabel prop. Removed defeated memo(), pointless useMemo, dead source prop, and unnecessary JSX comments. Collapsed identical DecodedReceivedInvoice type into alias for DecodedHistoryEntry. * refactor(history): consolidate duplicated configs, merge list components - Merge HistoryList + ReceivedInvoiceList into unified InvoiceList with variant prop ('created'|'received') controlling route, name, empty text - Extract INVOICE_STATUS_CHIPS to entities/invoice for shared status colors consumed by InvoiceStatusBadge (features) and StatusChip (widgets) - Move network badge dark-mode colors to entities/network (NETWORK_BADGES_DARK) - Add formatDateMedium, formatDateCompact, isoToUnix to shared/lib/date-time - Remove deprecated DecodedReceivedInvoice type alias - Net -54 lines, 59/59 tests pass, tsc + lint clean * feat: add Base network (8453) + refactor network visual system (#79) * fix: remove robots.txt (static export doesn't serve it) * feat: add BaseIcon SVG component for Base network * feat: add Base (8453) and Base Sepolia (84532) to chain config * feat: add Base network metadata and codes * feat: add Base token registry (ETH, USDC, USDT) * feat: add Base provider slugs for Alchemy and Infura * feat: add Base confirmation config (OP Stack) * feat: add Base block estimation parameters * feat: add Base UI theming, badges, glows, and explorer * feat: add Base RPC URL env vars to schema * fix: add Base to theme configs, update chain count tests and snapshots * fix: add Base to NetworkIcon component (web3icons + fallback) * fix: update Base reference block from live explorer data * refactor: remove unused BaseIcon (NetworkIcon uses @web3icons/react) * fix: boost Base glow opacity (blue is subtle on dark background) * revert: restore original Base glow values * fix: resolve testnet glow/shadow/badge lookups via withTestnets helper Visual config Records (NETWORK_SHADOWS, NETWORK_GLOWS, NETWORK_GLOW_SHADOWS, NETWORK_GLOW_BORDERS, NETWORK_BADGES) were keyed by mainnet chain IDs only, causing missing glow on testnet invoices (e.g. Base Sepolia 84532). Added withTestnets() helper that auto-derives testnet entries from TESTNET_PARENT, so new networks only need one mapping update. * docs: update supported networks count and add Base to README and snapshot tests * docs: add Base to all network references across landing, legal, and test files * refactor: create canonical network palette and testnet utilities * chore: bump Node.js version to v24 in .nvmrc * chore: gitignore AI tool facades, plugins, and supabase local config * refactor: rename getNetworkTheme→getNetworkName, extract testnet utils, lowercase addresses * refactor: derive brand-tokens from palette, remove dead env vars, fix NetworkIcon a11y - NetworkTheme now aliases NetworkThemeName from network-palette (canonical source) - isValidNetworkTheme validates against NETWORK_PALETTE instead of NETWORK_THEMES - Remove 10 dead NEXT_PUBLIC_ALCHEMY/INFURA_*_URL env vars (RPC proxy uses API keys + slug maps) - NetworkIcon resolves testnet chain IDs to mainnet for icon/color/letter lookup - Add aria-label to both branded and fallback NetworkIcon paths - Export NETWORK_PALETTE and NetworkThemeName from shared/ui public API * refactor: derive network-themes from canonical palette + withTestnets * refactor: update consumers to use getNetworkThemeName, hoist widget colors * feat: add Base demo invoice, fix tokenAddress not clearing for native tokens Add 5th demo invoice for Base network (USDC, pending status) to landing page carousel. Fix react-hook-form reset() not clearing tokenAddress when loading native token templates (ETH/POL) — undefined must be mapped to '' so RHF treats it as an explicit value rather than "keep current". * fix: address PR review findings — remove unverified USDT, harden env, stabilize snapshots - Remove Base USDT token (no official Tether deployment on Base) - Add BLOCK_EXPLORERS comment explaining withTestnets exclusion - Update Base Sepolia block anchor from live RPC (28M → 39.88M) - Replace Math.random() with crypto.randomUUID() in RPC proxy - Harden validateEnv to throw in production on missing vars - Add Radix UI snapshot serializer for stable aria-controls IDs * fix: prevent stale total when switching tokens, add replaceDraft for clean data loading Total was stored as pre-calculated atomic units tied to a specific token's decimals. Switching tokens reconverted line item rates but left total stale, causing the preview to format ETH-scale values with USDC decimals (e.g. 5,510,000,000,000 instead of 5.80). - Add replaceDraft() for atomic draft replacement (hash decode, template load) - Extract toInvoiceItems/draftWithItems helpers, DRY 4 line item methods - Clear stale total on: token switch, item mutations, template save/load - Strip total from hash decode in CreateWorkspace (editor recalculates) - Handle string quantities in invoiceItemsToLineItems (old localStorage) * fix(history): resolve testnet networks showing as "Unknown" in history badges Use getNetworkName() for O(1) lookup across all networks instead of NETWORK_CONFIG.find() which only covered mainnets. Wrap NETWORK_BADGES_DARK with withTestnets() so testnet badges inherit parent network brand colors. * fix(create): reset all draft fields on form clear, extract store→form adapter draftSyncStatus leaked through reset because createNewDraft/clearDraft/replaceDraft didn't explicitly set it to 'idle'. Tax/discount/notes leaked because react-hook-form treats undefined in reset() as "keep previous value". Extract draftDataToFormValues() adapter as single source of truth for PartialInvoice→InvoiceFormValues conversion, replacing duplicated 60-line inline mappings. All optional string fields now coerced to '' on reset. * fix(test): align NetworkBadge test with getNetworkName fallback to chain ID * feat: update comparison table data to April 2026 research RF pricing changed to \$250+/mo subscription, data storage corrected to Centralized (hybrid API + on-chain, not pure IPFS), KYC/KYB updated to required (yes). Disclaimer and comment block updated to April 2026. * feat: add comparison page content data (VP vs Request Finance) * feat: add /compare/request-finance comparison page * feat: add /compare pages priority to sitemap config * feat: add link to detailed comparison from landing table * test: add comparison page tests * fix: improve comparison page UI and remove duplicate footer Apply UI/UX audit improvements: text-pretty headings, tabular-nums table, hover states, glow CTA button, visual star rating, TL;DR label, violet accent on bottom-line boxes. Remove duplicate footer links since app-level footer already exists. * ci: add project-sync workflow for auto VP Roadmap sync New issues automatically added to VP Roadmap project board with fields (Status, Priority, Advisor, Type, Source Repo) parsed from labels. Agents no longer need manual item-add. * fix(ci): use GraphQL API for project-sync workflow gh project item-add/item-edit fail with "unknown owner type" on user-level projects. Switch to direct GraphQL mutations. * chore: add .superpowers/ to gitignore * fix: invoice generation bugs — flash, source immutability, cross-tab sync (#105) * fix: prevent invoice flash on generate, preserve source immutability, add cross-tab sync - Remove clearDraft setTimeout that caused visible flash during navigation - Make TrackedInvoice.source immutable (first-write-wins) so visiting /pay doesn't overwrite 'created' to 'received' - Add localStorage storage event listener for cross-tab store rehydration * fix(ui): add cursor-pointer to CreatorHintBanner dismiss button * fix(store): key TrackedInvoice by contentHash (SHA-256) instead of invoiceId (#112) * feat(codec): add computeContentHash — SHA-256 bytes32 digest for invoice identity * feat(codec): return contentHash from parseInvoiceHash * feat(store): key TrackedInvoice by contentHash instead of invoiceId * feat(create): compute contentHash on invoice generation * feat(view): compute and expose contentHash from useInvoiceView * feat(import): compute contentHash for imported invoices * refactor(ui): wire contentHash through component hierarchy * refactor(payment): all hooks key by contentHash instead of invoiceId Updates SmartPayButtonProps, UsePaymentFlowParams, UsePaymentVerificationParams, UseFinalizationTrackerParams, UsePaymentPollingParams, and UseManualVerifyParams to accept contentHash. All store action calls (setTxHash, setError, setValidated, setFinalized, resetPaymentState, setConfirmations) now use contentHash as the key. Internal polling helpers (loops, visibility-handler) updated consistently. * fix: use contentHash key in polling params * test: update all tests for contentHash-based store key * fix: review fixes — runtime bugs, security hardening, perf improvements - Fix PaymentPanel using invoiceId instead of contentHash for store lookup (BUG-01: PDF export lost paidAt) - Fix DevStatusToggle passing invoiceId to contentHash-keyed store methods (BUG-02) - Use Promise.allSettled in migration to survive partial failures (S-01) - Always recompute contentHash on import, never trust pre-supplied values (S-02) - Add empty fragment guard in addToHistory (H-1) - Early return in setTxHash for unknown invoice (M-2) - Add console.warn to migration catch block (F-04) - Parallelize decode + hash in parseInvoiceHash via Promise.all - Parallelize import hash computation, eliminate in-place mutation * fix: resolve history page flickering and infinite migration loop - Replace non-reactive hasHydrated() with useStoreHydrated() hook that subscribes via onFinishHydration for proper React re-render on hydration - Make persist migration synchronous to avoid zustand v5 hydrationVersion race condition that cancelled in-flight async migrations - Compute contentHash post-hydration via onFinishHydration + hasHydrated guard to handle both sync and async hydration paths - Remove cross-tab storage event listener that triggered rehydrate() loops from stale tabs still writing version 1 * fix: show full invoice data in debug panel instead of decode flag * fix: skip post-hydration hash computation on v2+ stores Add _pendingHashComputation flag set only by migrate() during v1→v2 transition. _computeMissingContentHashes() now exits immediately on v2+ stores instead of reading store state on every hydration. * fix: remove console.info logs and fix test type errors Remove informational console logs from TrackedInvoiceStore (keep warnings). Add missing contentHash to SmartPayButton test fixtures. Add scrollMargin to MockIntersectionObserver for TS 5.5+ compat. * refactor: replace async crypto.subtle with sync @noble/hashes for SHA-256 Async two-phase migration (sync migrate → async post-hydration hash) caused store data loss: zustand persisted entries with empty contentHash between phases, and any failure in the async phase dropped invoices. Switch to sync SHA-256 via @noble/hashes (already a dependency via viem) so contentHash is computed atomically inside migrate(). Removes ~55 lines of async infrastructure: _pendingHashComputation, _computeMissingContentHashes, _sha256, onFinishHydration/hasHydrated fallback. * docs: fix SECURITY.md — styled-components → inline style injection, add /api/health to out-of-scope * fix(wallet): sync connection state between scoped Web3Providers LazyWalletButton in the header could stay in static placeholder state ("Connect") while PayButton's scoped provider already had the wallet connected. Root cause: LazyWalletButton only checked localStorage on mount and had no way to detect connections from other providers. Add WalletStateSync component that dispatches a custom DOM event on wallet connect, and a listener in LazyWalletButton to activate when the event fires. * fix(wallet): prevent rehydration race in scoped Web3Providers Multiple WagmiProvider instances sharing one wagmiConfig caused connector state corruption: each mount triggered rehydrate() which overwrote live connector instances with serialized plain objects from localStorage. Between rehydrate() and reconnect() completing, writeContract/sendTransaction crashed with "getChainId is not a function" because the connector lacked methods. Use WagmiContext.Provider (context-only, no hydration) for all Web3Provider instances after the first one. A module-level flag ensures only the primary instance triggers full WagmiProvider hydration + reconnect. * fix(payment): keyframe rotate to prevent SmartPay spinner freeze on Rabby framer-motion v12 with WAAPI backend stalls single-value rotate loops on the second iteration when a wallet extension's content script forces a re-render mid-mount. The breathing label kept animating (keyframes array) while the spinner icon froze (single value 360). Switching to explicit keyframes [0, 360] gives WAAPI an unambiguous start/end on every iteration and matches the pattern already used by FluidOverlay for all other infinite loops in the button tree. * fix(history): batch-check unpaid for both created and received invoices Parametrize useBatchCheck by invoice source so the History page can verify pending payments for both own and counterparty invoices, not just created. Add a Check Unpaid button to the Received section mirroring the Created one. Make invoice number and counterparty name in InvoiceCard clickable — both trigger the View action with hover/focus styling. * build(deps): bump viem from 2.47.10 to 2.47.16 (#122) Bumps [viem](https://github.com/wevm/viem) from 2.47.10 to 2.47.16. - [Release notes](https://github.com/wevm/viem/releases) - [Commits](https://github.com/wevm/viem/compare/viem@2.47.10...viem@2.47.16) --- updated-dependencies: - dependency-name: viem dependency-version: 2.47.16 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump typescript-eslint from 8.58.0 to 8.58.2 (#124) Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.58.0 to 8.58.2. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.2/packages/typescript-eslint) --- updated-dependencies: - dependency-name: typescript-eslint dependency-version: 8.58.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump @noble/hashes from 2.0.1 to 2.2.0 (#125) Bumps [@noble/hashes](https://github.com/paulmillr/noble-hashes) from 2.0.1 to 2.2.0. - [Release notes](https://github.com/paulmillr/noble-hashes/releases) - [Commits](https://github.com/paulmillr/noble-hashes/compare/2.0.1...2.2.0) --- updated-dependencies: - dependency-name: "@noble/hashes" dependency-version: 2.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump prettier from 3.7.4 to 3.8.2 (#126) Bumps [prettier](https://github.com/prettier/prettier) from 3.7.4 to 3.8.2. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/3.7.4...3.8.2) --- updated-dependencies: - dependency-name: prettier dependency-version: 3.8.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump use-debounce from 10.0.6 to 10.1.1 (#127) Bumps [use-debounce](https://github.com/xnimorz/use-debounce) from 10.0.6 to 10.1.1. - [Release notes](https://github.com/xnimorz/use-debounce/releases) - [Changelog](https://github.com/xnimorz/use-debounce/blob/master/CHANGELOG.md) - [Commits](https://github.com/xnimorz/use-debounce/commits) --- updated-dependencies: - dependency-name: use-debounce dependency-version: 10.1.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump hono in the npm_and_yarn group across 1 directory (#104) Bumps the npm_and_yarn group with 1 update in the / directory: [hono](https://github.com/honojs/hono). Updates `hono` from 4.12.9 to 4.12.12 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](https://github.com/honojs/hono/compare/v4.12.9...v4.12.12) --- updated-dependencies: - dependency-name: hono dependency-version: 4.12.12 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump react-hook-form from 7.70.0 to 7.72.1 (#130) Bumps [react-hook-form](https://github.com/react-hook-form/react-hook-form) from 7.70.0 to 7.72.1. - [Release notes](https://github.com/react-hook-form/react-hook-form/releases) - [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md) - [Commits](https://github.com/react-hook-form/react-hook-form/compare/v7.70.0...v7.72.1) --- updated-dependencies: - dependency-name: react-hook-form dependency-version: 7.72.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @tailwindcss/postcss from 4.1.18 to 4.2.2 (#131) Bumps [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) from 4.1.18 to 4.2.2. - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.2/packages/@tailwindcss-postcss) --- updated-dependencies: - dependency-name: "@tailwindcss/postcss" dependency-version: 4.2.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump lucide-static from 1.7.0 to 1.8.0 (#123) Bumps [lucide-static](https://github.com/lucide-icons/lucide) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/compare/1.7.0...1.8.0) --- updated-dependencies: - dependency-name: lucide-static dependency-version: 1.8.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump @tanstack/react-query from 5.96.2 to 5.99.0 (#128) Bumps [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) from 5.96.2 to 5.99.0. - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.99.0/packages/react-query) --- updated-dependencies: - dependency-name: "@tanstack/react-query" dependency-version: 5.99.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @types/node from 25.5.2 to 25.6.0 (#132) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.5.2 to 25.6.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.6.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps-dev): bump @next/eslint-plugin-next from 16.2.2 to 16.2.3 (#134) Bumps [@next/eslint-plugin-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-plugin-next) from 16.2.2 to 16.2.3. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.3/packages/eslint-plugin-next) --- updated-dependencies: - dependency-name: "@next/eslint-plugin-next" dependency-version: 16.2.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(payment): typed wagmi error handling + onReplaced support (#115) * feat(payment): typed wagmi error handling + onReplaced support Replace fragile string-matching error classification with typed detection via viem's BaseError.walk() across the payment and wallet-connect features. Add onReplaced callback to handle user speedup/cancel of pending transactions. Component A: shared/lib/web3-errors - New module with isUserRejected, isInsufficientFunds, isChainMismatch, isReceiptNotFound, isReceiptTimeout, isTxReverted, walkCause - Walks BaseError cause chain via viem's typed API, falls back to string matching for non-BaseError edge cases (mobile WalletConnect) - 38 unit tests covering direct, wrapped, and fallback paths Component B: classifier refactor - classify-error.ts rewritten to use typed detectors before string matching - Removed step-based NETWORK_SWITCH_FAILED fallback — was masking user rejections of network switches - Added TX_REPLACED to PaymentErrorType + ERROR_MESSAGES entry - CANCELED_COPY constant for message unification - connection-error.ts now calls isUserRejected first for typed detection Component C: payment flow integration - use-payment-flow.ts: console.error moved below USER_REJECTED early return (fixes verbose wagmi stack in console on user cancel) - useWaitForTransactionReceipt now receives onReplaced callback: - reason 'cancelled' → toast + RESET (user intent) - reason 'replaced'/'repriced' → update hash + continue - New REPLACED reducer action for hash swap during confirming state - use-payment-verification.ts: sanitize raw viem errors through formatErrorMessage before writing to store + onReplaced observability * refactor(payment): address review feedback on typed wagmi error handling - Drop unused _step parameter from classifyPaymentError (dead arg after step-based fallback removal); update call site and 20+ test cases. - Fix incorrect comment in usePaymentVerification onReplaced — both hooks consume useWaitForTransactionReceipt in parallel, not sequentially. - Add TransactionExecutionError coverage to detect.test.ts (revert vs OOG shortMessage branches). * feat(payment-panel): persistent network chip across all states Adds a branded NetworkIcon + name chip at the top of PaymentPanel so payers always see which chain the payment targets — visible in pending, paid, paid-fallback and overdue states. Reserves right-side space via pr-12 to avoid overlap with the minimize button. Also migrates AmountDisplay assertions from toBeDefined() to toBeInTheDocument() per testing rules. * refactor(payment-panel): anchor network chip to amount, own minimize button Move the network chip from the panel header into each state's heading row (Total Due / Payment Successful / Expired / paid-fallback) so it sits beside the amount it qualifies — semantically tying chain to value instead of floating in an empty header strip. Extract NetworkChip into a shared presentational component to drop duplication across states. Pull the minimize button into PaymentPanel behind an onMinimize prop, removing the duplicated absolute overlay from PayWorkspace and InvoiceWorkspace. The button now coordinates with the pr-12 right-side clearance baked into every heading row. * fix(history): network icons, button sizing, robust template flow - NetworkBadge: render NetworkIcon (web3icons) before name - InvoiceCard: match Confirm/Cancel button height to regular buttons (min-h-[44px] py-2.5) to prevent layout shift on delete toggle - InvoiceList: replace fragile duplicateFromUrl + setState + push flow with hash-based navigation /create?template=1#<hash> - CreateWorkspace: detect ?template=1 and reset issuedAt/dueAt/total/ magicDust after replaceDraft so templates start with fresh dates - Remove unused duplicate-invoice.ts and its test mock * refactor(payment-panel): group network chip with due/paid date Relocates NetworkChip into a compact metadata row next to the due date (pending) or relative paidAt (paid/expired). Drops the "TOTAL DUE" label — the amount is self-explanatory and the label created a "Total Due ... Due May 2" tautology with the date chunk. - pending: [chip] Due <date> above the amount - paid: [chip] Funds sent · <relative> under Payment Successful - expired: [chip] Was due <date> · Payment disabled under header Adds formatRelativeTime() in shared/lib/date-time for ISO → "Just now" / "5 min ago" / "2 h ago" rendering. PaymentPanel now subscribes to tracked paidAt via a store selector so the subtitle reactively updates when the payment transitions to paid. Clears the chip out of the emerald amount accent box on paid state — zinc chip no longer clashes with the emerald tint. * fix(wallet): visible loading state during wagmi reconnect SmartPayButton and WalletButton both appeared frozen while wagmi restored the persisted connection: the pay button stayed on "Pay X Y" while disabled, and the header wallet button was hidden via opacity:0 so clicks fell through. Now both surfaces render an explicit disabled "Reconnecting…" state with a visible spinner and aria-busy. Covered by 6 new tests (3 SmartPayButton reconnect cases, 3 WalletButton). * fix(wallet): cover SSR pre-hydration gap in pay + header buttons Two bugs under one symptom ("click during page-load race gets stuck at Connecting"): 1. Pre-hydration gap: wagmi with `ssr: true` reports `status: 'disconnected'` on the first client render even when a persisted connection exists in localStorage. `isReconnecting` is false in that window, so the previous fix did not catch it — SmartPayButton flashed a clickable "Connect Wallet" and WalletButton did the same in the header. 2. Stuck-at-connecting race: when a user clicked through the flash, `handlePay` entered `connecting` and opened the Rainbow modal. Meanwhile wagmi finished the background reconnect. The lifecycle effect in `usePaymentFlow` checked `connectModalOpen` before `isConnected`, so if Rainbow's modal state didn't cleanly flip through the expected order the flow stayed in `connecting` forever. Fix: - New shared hook `useWagmiHydrating` detects pre-hydration (persisted connector id in localStorage + wagmi still on initial disconnected), plus the normal `connecting` / `reconnecting` statuses. Drops the pre-hydration heuristic once wagmi leaves the initial snapshot so later manual disconnect/reconnect cycles behave normally. - SmartPayButton and WalletButton now use `useWagmiHydrating` instead of `isReconnecting`. Both render a disabled loading button with aria-busy=true across the whole hydration window. - `usePaymentFlow` connecting effect now checks `isConnected` before `connectModalOpen`, so a background reconnect always wins and the flow cannot strand in `connecting`. - Regression tests: reorder-safe race in `use-payment-flow`, pre-hydration coverage in SmartPayButton + WalletButton suites. 387 payment + wallet-connect tests green. * fix(payment): cap wait-for-receipt timeout at 60s, disable retry Ensures a stuck transaction surfaces a user-visible RPC_ERROR banner within one block window instead of hanging on the spinner. Previously, viem's 180s default timeout combined with TanStack Query's default retry (3) meant the first user-visible error could be delayed by up to 9 minutes. Also drops the TEMP DEBUG console.logs added during manual test verification — all three test paths (USER_REJECTED silence, onReplaced cancel, onReplaced speedup) have been validated on Eth Sepolia + Rabby. Part of PR #115. * fix(payment): raise wait-for-receipt timeout to viem default 180s 60s was too aggressive — near-zero-gas transactions legitimately need several blocks on L1 before inclusion. Combined with retry: 0 this still caps the hidden wait at 3 minutes (vs viem's default retry × 180s = 9 minutes that motivated the original fix). Field-verified on Base Sepolia: a stuck tx now surfaces the RPC_ERROR banner as expected — only thing that needed tuning was the ceiling. Part of PR #115. * fix(payment-panel): make error banner X button clickable and cursor visible Tailwind v4 dropped the default pointer cursor on <button>, and dismissError only cleared the store — local paymentError stayed set, so the X appeared dead. Add cursor-pointer + type=button, and wire a composite handler that clears both paymentError and the tracked-invoice store error. * refactor(payment): simplify PR #115 after parallel review Findings from three parallel review agents (reuse, quality, efficiency) aggregated and fixed: - Remove dead TX_REPLACED PaymentErrorType: defined but never emitted (onReplaced dispatches REPLACED/RESET directly, classifier never returns it) - Remove walkCause from web3-errors barrel export: internal-only, test file imports from ../detect - Memoize onReplaced + extract RECEIPT_QUERY_OPTIONS/TIMEOUT_MS to module level in use-payment-flow.ts (inline refs were re-subscribing TanStack Query / viem watcher every render during confirming step) - Hoist stateless handleVerificationReplaced + memoize receiptQuery in use-payment-verification.ts (compounded by useBlockNumber watch: true) - Unwrap naked <div> wrapper with no props/layout in WalletButton.tsx - Fix misleading CANCELED_COPY comment (claimed cross-feature usage that never existed) Follow-ups tracked in #120 (NetworkChip/NetworkBadge unification), #121 (nowUnix migration). Net: -71 / +66 lines. Type-check, lint, 277 affected tests pass. * fix(payment): address PR #115 review findings - use receipt.transactionHash on CONFIRMED so replaced/repriced tx hashes aren't overwritten by the stale wagmi send hash - REPLACED reducer explicitly clears error for future-proofing - console.error logs shortMessage only to avoid leaking calldata if observability is wired later - use-payment-verification: consolidate imports above function decl - add reducer test covering REPLACED error preservation * fix(payment): correct block-time drift breaking creator-side verification Root cause: AVG_BLOCK_TIME_MS[11155111] was 12_000 but Sepolia actually runs ~13s/block. Over 35 days of forward drift estimateFromBlockHex returned a block above the real chain head; alchemy_getAssetTransfers returned empty and creators saw "payment not found" on confirmed transactions. Arbitrum Sepolia had the same class of bug (250ms assumed vs ~286ms measured). - AVG_BLOCK_TIME_MS: Sepolia 12000→13000, Arb Sepolia 250→286 (measured via 10k-block samples across all 10 supported chains). REFERENCE_BLOCKS left frozen — v1.0 shipped Mar 28, old invoices must decode with the same calibration they were created with. - /api/transfers: defense-in-depth safety net. Fetches eth_blockNumber in parallel with the transfers query, and on drifted client fromBlock retries with a 3-day lookback anchored to the real chain head. Drift logged via console.warn for observability. Eliminates the bug class regardless of anchor staleness. - scripts/measure-block-times.ts + pnpm check:block-drift: diagnostic that measures real avgBlockTime for every chain, compares vs hardcoded values, reports lookback margin, and exits non-zero on BROKEN verdict. - Route tests updated for the new parallel fetch; added cases covering both retry and no-retry paths of t…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 1 update in the / directory: hono.
Updates
honofrom 4.12.9 to 4.12.12Release notes
Sourced from hono's releases.
... (truncated)
Commits
c37ba264.12.12cc067c8Merge commit from forka586cd7Merge commit from fork48fa223Merge commit from forkb470278Merge commit from fork9aff14bMerge commit from fork2c403c64.12.11f82aba8feat(css): add classNameSlug option to createCssContext (#4834)9f374a54.12.10a8c56a6docs(ip-restriction): add clear JSDoc examples and param types (#4851)