[Snyk] Upgrade react-dom from 18.3.1 to 19.2.0 by Dargon789 · Pull Request #122 · Dargon789/sequence.js

Dargon789 · 2025-12-20T22:00:48Z

Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 420 versions ahead of your current version.
The recommended version was released 3 months ago.

Release notes

Package name: react-dom

19.2.0 - 2025-10-01
Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features
- <Activity>: A new API to hide and restore the UI and internal state of its children.
- useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.
- cacheSignal (for RSCs) lets your know when the cache() lifetime is over.
- React Performance tracks appear on the Performance panel’s timeline in your browser developer tools
New React DOM Features
- Added resume APIs for partial pre-rendering with Web Streams:
  - resume: to resume a prerender to a stream.
  - resumeAndPrerender: to resume a prerender to HTML.
- Added resume APIs for partial pre-rendering with Node Streams:
  - resumeToPipeableStream: to resume a prerender to a stream.
  - resumeAndPrerenderToNodeStream: to resume a prerender to HTML.
- Updated prerender APIs to return a postponed state that can be passed to the resume APIs.
Notable changes
- React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.
- Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js
- Use underscore instead of : IDs generated by useId
All Changes

React
- <Activity /> was developed over many years, starting before ClassComponent.setState (@ acdlite @ sebmarkbage and many others)
- Stringify context as "SomeContext" instead of "SomeContext.Provider" (@ kassens #33507)
- Include stack of cause of React instrumentation errors with %o placeholder (@ eps1lon #34198)
- Fix infinite useDeferredValue loop in popstate event (@ acdlite #32821)
- Fix a bug when an initial value was passed to useDeferredValue (@ acdlite #34376)
- Fix a crash when submitting forms with Client Actions (@ sebmarkbage #33055)
- Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@ sebmarkbage #32900)
- Avoid stack overflow on wide trees during Hot Reload (@ sophiebits #34145)
- Improve Owner and Component stacks in various places (@ sebmarkbage, @ eps1lon: #33629, #33724, #32735, #33723)
- Add cacheSignal (@ sebmarkbage #33557)
React DOM
- Block on Suspensey Fonts during reveal of server-side-rendered content (@ sebmarkbage #33342)
- Use underscore instead of : for IDs generated by useId (@ sebmarkbage, @ eps1lon: #32001, #33342 #33099, #33422)
- Stop warning when ARIA 1.3 attributes are used (@ Abdul-Omira #34264)
- Allow nonce to be used on hoistable styles (@ Andarist #32461)
- Warn for using a React owned node as a Container if it also has text content (@ sebmarkbage #32774)
- s/HTML/text for for error messages if text hydration mismatches (@ rickhanlonii #32763)
- Fix a bug with React.use inside React.lazy-ed Component (@ hi-ogawa #33941)
- Enable the progressiveChunkSize option for server-side-rendering APIs (@ sebmarkbage #33027)
- Fix a bug with deeply nested Suspense inside Suspense fallback when server-side-rendering (@ gnoff #33467)
- Avoid hanging when suspending after aborting while rendering (@ gnoff #34192)
- Add Node Web Streams to server-side-rendering APIs for Node.js (@ sebmarkbage #33475)
React Server Components
- Preload <img> and <link> using hints before they're rendered (@ sebmarkbage #34604)
- Log error if production elements are rendered during development (@ eps1lon #34189)
- Fix a bug when returning a Temporary reference (e.g. a Client Reference) from Server Functions (@ sebmarkbage #34084, @ denk0403 #33761)
- Pass line/column to filterStackFrame (@ eps1lon #33707)
- Support Async Modules in Turbopack Server References (@ lubieowoce #34531)
- Add support for .mjs file extension in Webpack (@ jennyscript #33028)
- Fix a wrong missing key warning (@ unstubbable #34350)
- Make console log resolve in predictable order (@ sebmarkbage #33665)
React Reconciler
- createContainer and createHydrationContainer had their parameter order adjusted after on* handlers to account for upcoming experimental APIs
eslint-plugin-react-hooks@6.1.0

Note: Version 6.0.0 was mistakenly released and immediately deprecated and untagged on npm. This is the first official 6.x major release and includes breaking changes.
- Breaking: Require Node.js 18 or newer. (@ michaelfaith in #32458)
- Breaking: Flat config is now the default recommended preset. Legacy config moved to recommended-legacy. (@ michaelfaith in #32457)
- New Violations: Disallow calling use within try/catch blocks. (@ poteto in #34040)
- New Violations: Disallow calling useEffectEvent functions in arbitrary closures. (@ jbrown215 in #33544)
- Handle React.useEffect in addition to useEffect in rules-of-hooks. (@ Ayc0 in #34076)
- Added react-hooks settings config option that to accept additionalEffectHooks that are used across exhaustive-deps and rules-of-hooks rules. (@ jbrown215) in #34497
19.2.0-canary-fa3feba6-20250623 - 2025-06-23
19.2.0-canary-f9ae0a4c-20250527 - 2025-05-27
19.2.0-canary-f7396427-20250501 - 2025-05-02
19.2.0-canary-f508edc8-20250818 - 2025-08-18
19.2.0-canary-f3a80361-20250911 - 2025-09-11
19.2.0-canary-f1e70b5e-20250811 - 2025-08-11
19.2.0-canary-f1222f76-20250812 - 2025-08-13
19.2.0-canary-ef8b6fa2-20250702 - 2025-07-03
19.2.0-canary-ef889445-20250930 - 2025-09-30
19.2.0-canary-edac0dde-20250723 - 2025-07-23
19.2.0-canary-eaee5308-20250728 - 2025-07-28
19.2.0-canary-ea05b750-20250408 - 2025-04-09
19.2.0-canary-e9db3cc2-20250501 - 2025-05-01
19.2.0-canary-e9638c33-20250721 - 2025-07-21
19.2.0-canary-e6dc25da-20250709 - 2025-07-09
19.2.0-canary-e5dd82a7-20250401 - 2025-04-01
19.2.0-canary-e2332183-20250924 - 2025-09-24
19.2.0-canary-dffacc7b-20250717 - 2025-07-17
19.2.0-canary-df38ac9a-20250926 - 2025-09-26
19.2.0-canary-de5a1b20-20250905 - 2025-09-05
19.2.0-canary-d92056ef-20250627 - 2025-06-27
19.2.0-canary-d85f86cf-20250514 - 2025-05-14
19.2.0-canary-d85ec5f5-20250716 - 2025-07-16
19.2.0-canary-d415fd3e-20250919 - 2025-09-19
19.2.0-canary-d15d7fd7-20250929 - 2025-09-29
19.2.0-canary-cee7939b-20250625 - 2025-06-25
19.2.0-canary-c498bfce-20250426 - 2025-04-28
19.2.0-canary-c4676e72-20250520 - 2025-05-20
19.2.0-canary-c44e4a25-20250409 - 2025-04-10
19.2.0-canary-c260b38d-20250731 - 2025-07-31
19.2.0-canary-c129c242-20250505 - 2025-05-05
19.2.0-canary-c0464aed-20250523 - 2025-05-26
19.2.0-canary-befc1246-20250708 - 2025-07-08
19.2.0-canary-be11cb5c-20250804 - 2025-08-04
19.2.0-canary-bdb4a96f-20250801 - 2025-08-01
19.2.0-canary-bc6184dd-20250417 - 2025-04-18
19.2.0-canary-bbc13fa1-20250624 - 2025-06-24
19.2.0-canary-bb6f0c8d-20250901 - 2025-09-01
19.2.0-canary-b9cfa0d3-20250505 - 2025-05-05
19.2.0-canary-b9a04536-20250904 - 2025-09-04
19.2.0-canary-b94603b9-20250513 - 2025-05-13
19.2.0-canary-b7e2de63-20250611 - 2025-06-11
19.2.0-canary-b6c0aa88-20250609 - 2025-06-09
19.2.0-canary-b4477d38-20250605 - 2025-06-05
19.2.0-canary-b1b0955f-20250901 - 2025-09-01
19.2.0-canary-b10cb4c0-20250403 - 2025-04-03
19.2.0-canary-b0c1dc01-20250925 - 2025-09-25
19.2.0-canary-b07717d8-20250528 - 2025-05-28
19.2.0-canary-b04254fd-20250415 - 2025-04-16
19.2.0-canary-ac7820a9-20250811 - 2025-08-11
19.2.0-canary-ab859e31-20250606 - 2025-06-06
19.2.0-canary-aad7c664-20250829 - 2025-08-29
19.2.0-canary-a96a0f39-20250815 - 2025-08-15
19.2.0-canary-a7a11657-20250708 - 2025-07-08
19.2.0-canary-a00ca6f6-20250611 - 2025-06-11
19.2.0-canary-9be531cd-20250729 - 2025-07-29
19.2.0-canary-99efc627-20250523 - 2025-05-23
19.2.0-canary-97cdd5d3-20250710 - 2025-07-11
19.2.0-canary-9784cb37-20250730 - 2025-07-30
19.2.0-canary-96c61b7f-20250709 - 2025-07-10
19.2.0-canary-93d7aa69-20250912 - 2025-09-12
19.2.0-canary-914319ae-20250423 - 2025-04-23
19.2.0-canary-8e60cb7e-20250902 - 2025-09-02
19.2.0-canary-8d7b5e49-20250827 - 2025-08-28
19.2.0-canary-8ce15b0f-20250522 - 2025-05-22
19.2.0-canary-8bb7241f-20250926 - 2025-09-26
19.2.0-canary-8a8e9a7e-20250912 - 2025-09-12
19.2.0-canary-89a803fc-20250828 - 2025-08-28
19.2.0-canary-886b3d36-20250910 - 2025-09-10
19.2.0-canary-873f7112-20250821 - 2025-08-21
19.2.0-canary-86181134-20251001 - 2025-10-01
19.2.0-canary-84af9085-20250917 - 2025-09-18
19.2.0-canary-83c88ad4-20250923 - 2025-09-23
19.2.0-canary-7deda941-20250804 - 2025-08-05
19.2.0-canary-7a2c7045-20250506 - 2025-05-06
19.2.0-canary-79d9aed7-20250620 - 2025-06-20
19.2.0-canary-7513996f-20250722 - 2025-07-22
19.2.0-canary-73aa744b-20250702 - 2025-07-02
19.2.0-canary-7216c0f0-20250630 - 2025-07-01
19.2.0-canary-72135096-20250421 - 2025-04-22
19.2.0-canary-6eda5347-20250918 - 2025-09-19
19.2.0-canary-6de32a5a-20250822 - 2025-08-22
19.2.0-canary-6b70072c-20250909 - 2025-09-09
19.2.0-canary-6a7650c7-20250405 - 2025-04-05
19.2.0-canary-67a44bcd-20250915 - 2025-09-15
19.2.0-canary-66f09bd0-20250806 - 2025-08-06
19.2.0-canary-65c4decb-20250630 - 2025-06-30
19.2.0-canary-63779030-20250328 - 2025-03-31
19.2.0-canary-60b5271a-20250709 - 2025-07-09
19.2.0-canary-5e0c951b-20250916 - 2025-09-16
19.2.0-canary-5dc00d6b-20250428 - 2025-04-28
19.2.0-canary-5d87cd22-20250704 - 2025-07-04
19.2.0-canary-56408a5b-20250610 - 2025-06-10
19.2.0-canary-548235db-20251001 - 2025-10-01
19.2.0-canary-540cd652-20250403 - 2025-04-04
19.2.0-canary-534bed5f-20250813 - 2025-08-13
19.2.0-canary-526dd340-20250602 - 2025-06-02
19.2.0-canary-4db4b21c-20250626 - 2025-06-26
19.2.0-canary-4a45ba92-20250515 - 2025-05-15
19.2.0-canary-4a36d3ea-20250416 - 2025-04-17
19.2.0-canary-462d08f9-20250517 - 2025-05-19
19.2.0-canary-4448b187-20250515 - 2025-05-16
19.2.0-canary-4123f6b7-20250826 - 2025-08-26
19.2.0-canary-408d055a-20250430 - 2025-04-30
19.2.0-canary-3fbfb9ba-20250409 - 2025-04-09
19.2.0-canary-3fb190f7-20250908 - 2025-09-08
19.2.0-canary-3d14fcf0-20250724 - 2025-07-24
19.2.0-canary-39cad7af-20250411 - 2025-04-14
19.2.0-canary-3958d5d8-20250807 - 2025-08-07
19.2.0-canary-38ef6550-20250508 - 2025-05-08
19.2.0-canary-3820740a-20250509 - 2025-05-12
19.2.0-canary-379a083b-20250813 - 2025-08-14
19.2.0-canary-37054867-20250604 - 2025-06-04
19.2.0-canary-33a1095d-20250827 - 2025-08-27
19.2.0-canary-33661467-20250407 - 2025-04-07
19.2.0-canary-3302d1f7-20250903 - 2025-09-03
19.2.0-canary-2f0e7e57-20250715 - 2025-07-15
19.2.0-canary-280ff6fe-20250606 - 2025-06-06
19.2.0-canary-2805f0ed-20250903 - 2025-09-03
19.2.0-canary-23884812-20250520 - 2025-05-21
19.2.0-canary-223f81d8-20250707 - 2025-07-07
19.2.0-canary-21fdf308-20250508 - 2025-05-09
19.2.0-canary-1eca9a27-20250922 - 2025-09-22
19.2.0-canary-1dc3bdea-20250812 - 2025-08-12
19.2.0-canary-1d6c8168-20250411 - 2025-04-11
19.2.0-canary-1bd1f01f-20251001 - 2025-10-01
19.2.0-canary-1ae0a845-20250603 - 2025-06-03
19.2.0-canary-19baee81-20250725 - 2025-07-25
19.2.0-canary-197d6a04-20250424 - 2025-04-24
19.2.0-canary-143d3e1b-20250425 - 2025-04-25
19.2.0-canary-14094f80-20250529 - 2025-05-29
19.2.0-canary-12bc60f5-20250613 - 2025-06-13
19.2.0-canary-128abcfa-20250917 - 2025-09-17
19.2.0-canary-0ff1d13b-20250507 - 2025-05-07
19.2.0-canary-0bdb9206-20250818 - 2025-08-19
19.2.0-canary-06e89951-20250620 - 2025-06-20
19.2.0-canary-040f8286-20250402 - 2025-04-02
19.2.0-canary-03fda05d-20250820 - 2025-08-20
19.2.0-canary-0038c501-20250429 - 2025-04-29
19.1.4 - 2025-12-11
React Server Components
- Add extra loop protection to React Server Functions (@ sebmarkbage #35351)
19.1.3 - 2025-12-11
React Server Components
- Move react-server-dom-webpack/*.unbundled to private react-server-dom-unbundled (@ eps1lon #35290)
- Patch Promise cycles and toString on Server Functions (@ sebmarkbage, @ unstubbable #35289, #35345)
19.1.2 - 2025-12-03
React Server Components
- Bring React Server Component fixes to Server Actions (@ sebmarkbage #35277)
19.1.1 - 2025-07-28
19.1.0 - 2025-03-28
19.1.0-canary-ff628334-20250205 - 2025-02-06
19.1.0-canary-fcb4e0f1-20250219 - 2025-02-20
19.1.0-canary-fc8a898d-20241226 - 2024-12-27
19.1.0-canary-fbcda19a-20250317 - 2025-03-17
19.1.0-canary-f9d78089-20250306 - 2025-03-07
19.1.0-canary-f83903bf-20250212 - 2025-02-12
19.1.0-canary-f457d0b4-20250313 - 2025-03-13
19.1.0-canary-f0edf41e-20250115 - 2025-01-14
19.1.0-canary-ef979d47-20241218 - 2024-12-18
19.1.0-canary-ef4bc8b4-20250328 - 2025-03-28
19.1.0-canary-ebc22ef7-20250225 - 2025-02-26
19.1.0-canary-e670e72f-20250214 - 2025-02-14
19.1.0-canary-e1e74071-20250321 - 2025-03-21
19.1.0-canary-e06c72fc-20241215 - 2024-12-16
19.1.0-canary-e03ac20f-20250305 - 2025-03-05
19.1.0-canary-de82912e-20241220 - 2024-12-20
19.1.0-canary-de1eaa26-20250124 - 2025-01-24
19.1.0-canary-db7dfe05-20250319 - 2025-03-19
19.1.0-canary-d85cf3e5-20250205 - 2025-02-05
19.1.0-canary-d55cc79b-20250228 - 2025-02-28
19.1.0-canary-d46b04a2-20250117 - 2025-01-17
19.1.0-canary-d4287258-20241217 - 2024-12-17
19.1.0-canary-d331ba04-20250307 - 2025-03-10
19.1.0-canary-cd90a4d8-20250210 - 2025-02-11
19.1.0-canary-cbbe8666-20250213 - 2025-02-13
19.1.0-canary-cabd8a0e-20250113 - 2025-01-13
19.1.0-canary-c69a5fc5-20250318 - 2025-03-18
19.1.0-canary-c492f975-20250128 - 2025-01-29
19.1.0-canary-c01b8058-20241229 - 2024-12-30
19.1.0-canary-bb9a24d9-20250130 - 2025-01-30
19.1.0-canary-b3a95caf-20250113 - 2025-01-14
19.1.0-canary-b158439a-20250115 - 2025-01-15
19.1.0-canary-ae9017ce-20250122 - 2025-01-23
19.1.0-canary-a84862db-20250218 - 2025-02-19
19.1.0-canary-a4f9bd58-20250319 - 2025-03-20
19.1.0-canary-a4b2d0d5-20250203 - 2025-02-03
19.1.0-canary-9ff42a87-20250130 - 2025-01-31
19.1.0-canary-9eabb373-20250124 - 2025-01-27
19.1.0-canary-9b62ee71-20250122 - 2025-01-22
19.1.0-canary-97d79495-20241223 - 2024-12-24
19.1.0-canary-9463d51e-20241219 - 2024-12-19
19.1.0-canary-93b58361-20250209 - 2025-02-10
19.1.0-canary-8a7b487e-20250218 - 2025-02-18
19.1.0-canary-8759c5c8-20250207 - 2025-02-07
19.1.0-canary-7eb8234f-20241218 - 2024-12-18
19.1.0-canary-7b402084-20250107 - 2025-01-07
19.1.0-canary-74ea0c73-20250109 - 2025-01-09
19.1.0-canary-740a4f7a-20250325 - 2025-03-25
19.1.0-canary-7130d0c6-20241212 - 2024-12-12
19.1.0-canary-6aa8254b-20250312 - 2025-03-12
19.1.0-canary-694d3e1a-20241231 - 2025-01-01
19.1.0-canary-6907aa2a-20241220 - 2024-12-23
19.1.0-canary-662957cc-20250221 - 2025-02-21
19.1.0-canary-62208bee-20250102 - 2025-01-02
19.1.0-canary-5b51a2b9-20250116 - 2025-01-16
19.1.0-canary-540efebc-20250112 - 2025-01-12
19.1.0-canary-5398b711-20250314 - 2025-03-14
19.1.0-canary-518d06d2-20241219 - 2024-12-19
19.1.0-canary-4dff0e62-20241213 - 2024-12-13
19.1.0-canary-4632e36a-20250216 - 2025-02-17
19.1.0-canary-443b7ff2-20250303 - 2025-03-04
19.1.0-canary-4280563b-20250326 - 2025-03-27
19.1.0-canary-42687267-20250108 - 2025-01-08
19.1.0-canary-3ce77d55-20250106 - 2025-01-06
19.1.0-canary-3b009b4c-20250102 - 2025-01-03
19.1.0-canary-37906d4d-20250127 - 2025-01-28
19.1.0-canary-32b0cad8-20250213 - 2025-02-13
19.1.0-canary-313332d1-20250326 - 2025-03-26
19.1.0-canary-2980f277-20250301 - 2025-03-03
19.1.0-canary-25677265-20250224 - 2025-02-24
19.1.0-canary-22e39ea7-20250225 - 2025-02-25
19.1.0-canary-18eaf51b-20250118 - 2025-01-20
19.1.0-canary-130095f7-20241212 - 2024-12-12
19.1.0-canary-0ca3deeb-20250311 - 2025-03-11
19.1.0-canary-0a82580b-20250203 - 2025-02-04
19.1.0-canary-056073de-20250109 - 2025-01-10
19.1.0-canary-029e8bd6-20250306 - 2025-03-06
19.0.3 - 2025-12-11
React Server Components
- Add extra loop protection to React Server Functions (@ sebmarkbage #35351)
19.0.2 - 2025-12-11
React Server Components
- Patch Promise cycles and toString on Server Functions (@ sebmarkbage, @ unstubbable #35289, #35345)
19.0.1 - 2025-12-03
React Server Components
- Bring React Server Component fixes to Server Actions (@ sebmarkbage #35277)
19.0.0 - 2024-12-05
19.0.0-rc-fb9a90fa48-20240614 - 2024-06-14
19.0.0-rc-fa6eab58-20240815 - 2024-08-16
19.0.0-rc-f9ebd85a-20240925 - 2024-09-25
19.0.0-rc-f994737d14-20240522 - 2024-05-22
19.0.0-rc-f90a6bcc-20240827 - 2024-08-27
19.0.0-rc-f6cce072-20240723 - 2024-07-23
19.0.0-rc-f65ac7bd-20240826 - 2024-08-27
19.0.0-rc-f3e09d6328-20240612 - 2024-06-12
19.0.0-rc-f38c22b244-20240704 - 2024-07-05
19.0.0-rc-f2df5694-20240916 - 2024-09-16
19.0.0-rc-ee1a403a-20240916 - 2024-09-16
19.0.0-rc-ed966dac-20241007 - 2024-10-08
19.0.0-rc-ed15d500-20241110 - 2024-11-11
19.0.0-rc-eb3ad065-20240822 - 2024-08-22
19.0.0-rc-eb259b5d3b-20240605 - 2024-06-05
19.0.0-rc-e948a5ac-20240807 - 2024-08-07
19.0.0-rc-e740d4b1-20240919 - 2024-09-19
19.0.0-rc-e684ca66ab-20240619 - 2024-06-19
19.0.0-rc-e56f4ae3-20240830 - 2024-08-30
19.0.0-rc-e4953922-20240919 - 2024-09-20
19.0.0-rc-e210d081-20240909 - 2024-09-09
19.0.0-rc-e1ef8c95-20241115 - 2024-11-15
19.0.0-rc-e02baf6c92-20240627 - 2024-06-27
19.0.0-rc-dfd30974ab-20240613 - 2024-06-13
19.0.0-rc-df783f9ea1-20240708 - 2024-07-08
19.0.0-rc-df5f2736-20240712 - 2024-07-12
19.0.0-rc-de68d2f4-20241204 - 2024-12-04
19.0.0-rc-d8c90fa4-20241001 - 2024-10-01
19.0.0-rc-d6cb4e77-20240911 - 2024-09-11
19.0.0-rc-d5bba18b-20241009 - 2024-10-09
19.0.0-rc-d49123f7-20241019 - 2024-10-20
19.0.0-rc-d48603a5-20240813 - 2024-08-13
19.0.0-rc-d3ce0d3ea9-20240520 - 2024-05-20
19.0.0-rc-d1afcb43-20240903 - 2024-09-04
19.0.0-rc-d025ddd3-20240722 - 2024-07-22
19.0.0-rc-cd22717c-20241013 - 2024-10-13
19.0.0-rc-cc1ec60d0d-20240607 - 2024-06-07
19.0.0-rc-cae764ce-20241025 - 2024-10-25
19.0.0-rc-ca587425-20241211 - 2024-12-12
19.0.0-rc-c3cdbec0a7-20240708 - 2024-07-09
19.0.0-rc-c21bcd627b-20240624 - 2024-06-24
19.0.0-rc-c1e1358b-20241020 - 2024-10-20
19.0.0-rc-c11c9510-20241120 - 2024-11-21
19.0.0-rc-bf7e210c-20241017 - 2024-10-17
19.0.0-rc-bf3a29d097-20240603 - 2024-06-04
19.0.0-rc-b8ae38f8-20241018 - 2024-10-18
19.0.0-rc-b7e21579-20241031 - 2024-11-01
19.0.0-rc-b57d2823-20240822 - 2024-08-23
19.0.0-rc-b01722d5-20241114 - 2024-11-14
19.0.0-rc-ab7c1663-20240730 - 2024-07-30
19.0.0-rc-ab2135c7-20240724 - 2024-07-24
19.0.0-rc-a99d8e8d-20240916 - 2024-09-17
19.0.0-rc-a960b92c-20240819 - 2024-08-20
19.0.0-rc-a7d1240c-20240731 - 2024-07-31
19.0.0-rc-a532d91d01-20240610 - 2024-06-10
19.0.0-rc-a26e3f403e-20240611 - 2024-06-11
19.0.0-rc-a19a8ab4-20240829 - 2024-08-29
19.0.0-rc-a03254bc-20240905 - 2024-09-06
19.0.0-rc-9d4fba0788-20240530 - 2024-05-30
19.0.0-rc-9d2da591-20240808 - 2024-08-08
19.0.0-rc-9c6806964f-20240703 - 2024-07-03
19.0.0-rc-99da76f23a-20240606 - 2024-06-06
19.0.0-rc-9598c41a20-20240603 - 2024-06-03
19.0.0-rc-94e652d5-20240912 - 2024-09-12
19.0.0-rc-941e1b4a-20240729 - 2024-07-29
19.0.0-rc-935180c7e0-20240524 - 2024-05-24
19.0.0-rc-915b914b3a-20240515 - 2024-05-15
19.0.0-rc-91061073-20241121 - 2024-11-22
19.0.0-rc-8f3c0525f9-20240521 - 2024-05-21
19.0.0-rc-8b08e99e-20240713 - 2024-07-15
19.0.0-rc-8971381549-20240625 - 2024-06-25
19.0.0-rc-85acf2d195-20240711 - 2024-07-11
19.0.0-rc-83825814-20241015 - 2024-10-15
19.0.0-rc-827cbea417-20240606 - 2024-06-07
19.0.0-rc-8269d55d-20240802 - 2024-08-02
19.0.0-rc-81c5ff2e04-20240521 - 2024-05-21
19.0.0-rc-7c8e5e7a-20241101 - 2024-11-01
19.0.0-rc-7ac8e612-20241113 - 2024-11-13
19.0.0-rc-79ddf5b5-20241210 - 2024-12-11
19.0.0-rc-77f43893-20241010 - 2024-10-10
19.0.0-rc-77b637d6-20241016 - 2024-10-16
19.0.0-rc-778e1ed2-20240926 - 2024-09-25
19.0.0-rc-7771d3a7-20240827 - 2024-08-28
19.0.0-rc-7670501b-20241124 - 2024-11-25
19.0.0-rc-76002254-20240724 - 2024-07-25
19.0.0-rc-7283a213-20241206 - 2024-12-06
19.0.0-rc-70fb1363-20241010 - 2024-10-10
19.0.0-rc-6fb39ec9e9-20240621 - 2024-06-21
19.0.0-rc-6f23540c7d-20240528 - 2024-05-28
19.0.0-rc-6f0dc294-20241119 - 2024-11-19
19.0.0-rc-6ebfd5b0-20240818 - 2024-08-19
19.0.0-rc-6d3110b4d9-20240531 - 2024-05-31
19.0.0-rc-6cf85185-20241014 - 2024-10-14
19.0.0-rc-69d4b800-20241021 - 2024-10-21
19.0.0-rc-68dbd84b-20240812 - 2024-08-12
19.0.0-rc-67fee58b-20240926 - 2024-09-26
19.0.0-rc-66855b96-20241106 - 2024-11-06
19.0.0-rc-65e06cb7-20241218 - 2024-12-19
19.0.0-rc-65a56d0e-20241020 - 2024-10-20
19.0.0-rc-65903583-20240805 - 2024-08-05
19.0.0-rc-64f89510-20241119 - 2024-11-20
19.0.0-rc-6230622a1a-20240610 - 2024-06-10
19.0.0-rc-603e6108-20241029 - 2024-10-30
19.0.0-rc-5dcb0097-20240918 - 2024-09-18
19.0.0-rc-5d19e1c8-20240923 - 2024-09-23
19.0.0-rc-5c56b873-20241107 - 2024-11-07
19.0.0-rc-5b0ef217-20241202 - 2024-12-02
19.0.0-rc-58af67a8f8-20240628 - 2024-06-28
19.0.0-rc-57fbe3ba37-20240520 - 2024-05-20
19.0.0-rc-512b09b2-20240718 - 2024-07-18
19.0.0-rc-4f604941-20240830 - 2024-09-02
19.0.0-rc-4d577fd2-20241104 - 2024-11-04
19.0.0-rc-4c58fce7-20240904 - 2024-09-05
19.0.0-rc-4c2e457c7c-20240522 - 2024-05-23
19.0.0-rc-4beb1fd8-20241118 - 2024-11-18
19.0.0-rc-4b7d4530-20241218 - 2024-12-18
19.0.0-rc-49496d49-20240814 - 2024-08-14
19.0.0-rc-47352209-20240912 - 2024-09-12
19.0.0-rc-459fd418-20241001 - 2024-10-02
19.0.0-rc-45804af1-20241021 - 2024-10-22
19.0.0-rc-3f1436cca1-20240516 - 2024-05-17
19.0.0-rc-3edc000d-20240926 - 2024-09-27
19.0.0-rc-3dfd5d9e-20240910 - 2024-09-10
19.0.0-rc-3da26163a3-20240704 - 2024-07-04
19.0.0-rc-3ac551e855-20240522 - 2024-05-22
19.0.0-rc-38e3b23483-20240529 - 2024-05-29
19.0.0-rc-38af456a-20241010 - 2024-10-10
19.0.0-rc-380f5d67-20241113 - 2024-11-14
19.0.0-rc-378b305958-20240710 - 2024-07-10
19.0.0-rc-372ec00c-20241209 - 2024-12-10
19.0.0-rc-3563387fe3-20240621 - 2024-06-21
19.0.0-rc-34d0c5e357-20240607 - 2024-06-10
19.0.0-rc-33c7bd9a-20241104 - 2024-11-05
19.0.0-rc-3208e73e-20240730 - 2024-07-30
19.0.0-rc-2ec26bc4-20241111 - 2024-11-12
19.0.0-rc-2d2cc042-20240809 - 2024-08-09
19.0.0-rc-2d16326d-20240930 - 2024-09-30
19.0.0-rc-28668d39-20241023 - 2024-10-23
19.0.0-rc-20b6f4c0e8-20240607 - 2024-06-10
19.0.0-rc-206df66e-20240912 - 2024-09-13
19.0.0-rc-204a551e-20240926 - 2024-09-26
19.0.0-rc-1eaccd82-20240816 - 2024-08-16
19.0.0-rc-1df34bdf62-20240605 - 2024-06-05
19.0.0-rc-1d989965-20240821 - 2024-08-21
19.0.0-rc-1c9b1387-20241204 - 2024-12-05
19.0.0-rc-1b1283ad-20241203 - 2024-12-03
19.0.0-rc-19bd26be-20240815 - 2024-08-15
19.0.0-rc-187dd6a7-20240806 - 2024-08-06
19.0.0-rc-16409d05-20241101 - 2024-11-01
19.0.0-rc-163365a0-20240717 - 2024-07-17
19.0.0-rc-1631855f-20241023 - 2024-10-23
19.0.0-rc-14a4699f-20240725 - 2024-07-25
19.0.0-rc-1460d67c-20241003 - 2024-10-04
19.0.0-rc-1434af3d22-20240618 - 2024-06-18
19.0.0-rc-107a2f8c3e-20240617 - 2024-06-17
19.0.0-rc-100dfd7dab-20240701 - 2024-07-01
19.0.0-rc-0bc30748-20241028 - 2024-10-29
19.0.0-rc-09111202-20241011 - 2024-10-11
19.0.0-rc-0751fac7-20241002 - 2024-10-03
19.0.0-rc-06d0b89e-20240801 - 2024-08-01
19.0.0-rc-04bd67a4-20240924 - 2024-09-24
19.0.0-rc-02c0e824-20241028 - 2024-10-28
19.0.0-rc-01172397-20240716 - 2024-07-16
19.0.0-rc.1 - 2024-11-14
19.0.0-rc.0 - 2024-06-03
19.0.0-canary-fd0da3eef-20240404 - 2024-04-04
19.0.0-canary-e3ebcd54b-20240405 - 2024-04-05
19.0.0-canary-db913d8e17-20240422 - 2024-04-22
19.0.0-canary-cf5ab8b8b2-20240425 - 2024-04-25
19.0.0-canary-cb151849e1-20240424 - 2024-04-24
19.0.0-canary-adb717393-20240411 - 2024-04-11
19.0.0-canary-a73c3450e-20240329 - 2024-03-29
19.0.0-canary-96c584661-20240412 - 2024-04-12
19.0.0-canary-95e6f032c-20240401 - 2024-04-01
19.0.0-canary-8afa144bd-20240416 - 2024-04-16
19.0.0-canary-7a2609eed-20240403 - 2024-04-03
19.0.0-canary-657428a9e-20240416 - 2024-04-17
19.0.0-canary-4c12339ce-20240408 - 2024-04-08
19.0.0-canary-48ec17b86-20240402 - 2024-04-02
19.0.0-canary-36e62c603-20240418 - 2024-04-18
19.0.0-canary-33a32441e9-20240418 - 2024-04-19
19.0.0-canary-2b036d3f1-20240327 - 2024-03-27
19.0.0-canary-05797cceb-20240328 - 2024-03-28
19.0.0-beta-e7d213dfb0-20240507 - 2024-05-07
19.0.0-beta-b498834eab-20240506 - 2024-05-06
19.0.0-beta-9d76c954cf-20240510 - 2024-05-13
19.0.0-beta-94eed63c49-20240425 - 2024-04-25
19.0.0-beta-73bcdfbae5-20240502 - 2024-05-02
19.0.0-beta-6946ebe620-20240508 - 2024-05-08
19.0.0-beta-5d29478716-20240506 - 2024-05-06
19.0.0-beta-4508873393-20240430 - 2024-04-30
19.0.0-beta-26f2496093-20240514 - 2024-05-14
19.0.0-beta-1beb73de0f-20240503 - 2024-05-03
19.0.0-beta-04b058868c-20240508 - 2024-05-09
18.3.1 - 2024-04-26

from react-dom GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

codesandbox · 2025-12-20T22:00:51Z

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

bolt-new-by-stackblitz · 2025-12-20T22:00:51Z

Run & review this pull request in StackBlitz Codeflow.

vercel · 2025-12-20T22:00:53Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
sequence-js-docs	Ready	Preview, Comment	Dec 20, 2025 10:01pm
sequence-js-web	Ready	Preview, Comment	Dec 20, 2025 10:01pm
sequence.js	Ready	Preview, Comment	Dec 20, 2025 10:01pm

snyk-io · 2025-12-20T22:00:56Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

gemini-code-assist · 2025-12-20T22:01:04Z

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the react-dom dependency to its latest major version, 19.2.0. This upgrade brings a host of new features and improvements to React's core and DOM rendering capabilities, particularly around server-side rendering, suspense, and performance tooling. It also updates the associated ESLint plugin for React Hooks, which introduces breaking changes related to Node.js version requirements and configuration. This is a substantial update that may require careful review and potential code adjustments.

Highlights

Major Version Upgrade: The react-dom package has been upgraded from version 18.3.1 to 19.2.0, representing a significant major version bump that may introduce breaking changes.
New React Features: React 19.2.0 introduces new core features including the <Activity> component for UI hiding/restoring, the useEffectEvent hook for non-reactive logic in Effects, and cacheSignal for React Server Components (RSCs) to manage cache lifetime.
Enhanced React DOM Capabilities: React DOM now includes new resume APIs for partial pre-rendering with both Web Streams (resume, resumeAndPrerender) and Node Streams (resumeToPipeableStream, resumeAndPrerenderToNodeStream), alongside updates to existing prerender APIs.
ESLint Plugin Update: The eslint-plugin-react-hooks has been updated to 6.1.0, which includes breaking changes such as requiring Node.js 18 or newer and switching to flat config as the default recommended preset.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	`/gemini review`	Performs a code review for the current pull request in its current state.
Pull Request Summary	`/gemini summary`	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	`/gemini help`	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

gemini-code-assist

Code Review

This pull request upgrades react-dom to version 19, a major update. However, it critically fails to also upgrade the react package. react and react-dom must be kept at the same version to prevent runtime errors. I've suggested updating react to match react-dom. I also noted that with React 19, the @types/react and @types/react-dom packages are no longer necessary and should be removed from devDependencies.

gemini-code-assist · 2025-12-20T22:02:09Z

wagmi-project/package.json

    "react": "^18.3.1",
-    "react-dom": "^18.3.1",
+    "react-dom": "^19.2.0",


Upgrading react-dom to a new major version (19.x) requires upgrading the react package to the same major version. The react package is still on version ^18.3.1, which is incompatible with react-dom@19.2.0. This mismatch will cause runtime errors.

Please upgrade react to ^19.2.0 as well.

Additionally, React 19 includes built-in TypeScript definitions. You should remove the following packages from your devDependencies as they are no longer needed and may cause conflicts:

@types/react

@types/react-dom

Suggested change

"react": "^18.3.1",

"react-dom": "^18.3.1",

"react-dom": "^19.2.0",

"react": "^19.2.0",

"react-dom": "^19.2.0",

* 0xsequence/master (#79) * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/bug_report.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/feature_request.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update tests.yml (#82) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update App.tsx (#92) Summary by Sourcery Overhaul App.tsx to build a comprehensive Sequence Wallet demo application, replacing wagmi with Sequence SDK integration, adding environment/configuration management, rich wallet operations, and a structured UI with console output for interactive testing New Features: Replace wagmi-based hooks with @0xsequence wallet initialization and integration Add environment selection and dynamic wallet URLs via query parameters Implement connect, disconnect, open/close wallet and customizable connection settings Provide extensive demo actions including chain/network switching, account/balance queries, message signing, typed data signing, and transaction sending Introduce a console component and logging for viewing function outputs Add email-based auto-login via modal with validation Enhancements: Refactor UI to use design-system components and group actions thematically Initialize logger and configure default chain/network Memoize and listen to wallet events such as chain changes Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: Patryk Kalinowski <patryk@kalinowski.dev> Co-authored-by: Corban Riley <corbanbrook@gmail.com> Co-authored-by: tolgahan-arikan <tolgahan.arikan@gmail.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: Michael Standen <screaminghawk@gmail.com> Co-authored-by: William Hua <william@attente.ca> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: gemini-code…

* Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * 0xsequence/master (#79) * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/bug_report.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/feature_request.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update tests.yml (#82) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update App.tsx (#92) Summary by Sourcery Overhaul App.tsx to build a comprehensive Sequence Wallet demo application, replacing wagmi with Sequence SDK integration, adding environment/configuration management, rich wallet operations, and a structured UI with console output for interactive testing New Features: Replace wagmi-based hooks with @0xsequence wallet initialization and integration Add environment selection and dynamic wallet URLs via query parameters Implement connect, disconnect, open/close wallet and customizable connection settings Provide extensive demo actions including chain/network switching, account/balance queries, message signing, typed data signing, and transaction sending Introduce a console component and logging for viewing function outputs Add email-based auto-login via modal with validation Enhancements: Refactor UI to use design-system components and group actions thematically Initialize logger and configure default chain/network Memoize and listen to wallet events such as chain changes Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of c…

* Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * 0xsequence/master (#79) * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/bug_report.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/feature_request.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update tests.yml (#82) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update App.tsx (#92) Summary by Sourcery Overhaul App.tsx to build a comprehensive Sequence Wallet demo application, replacing wagmi with Sequence SDK integration, adding environment/configuration management, rich wallet operations, and a structured UI with console output for interactive testing New Features: Replace wagmi-based hooks with @0xsequence wallet initialization and integration Add environment selection and dynamic wallet URLs via query parameters Implement connect, disconnect, open/close wallet and customizable connection settings Provide extensive demo actions including chain/network switching, account/balance queries, message signing, typed data signing, and transaction sending Introduce a console component and logging for viewing function outputs Add email-based auto-login via modal with validation Enhancements: Refactor UI to use design-system components and group actions thematically Initialize logger and configure default chain/network Memoize and listen to wallet events such as chain changes Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name…

* Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * 0xsequence/master (#79) * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/bug_report.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/feature_request.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update tests.yml (#82) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update App.tsx (#92) Summary by Sourcery Overhaul App.tsx to build a comprehensive Sequence Wallet demo application, replacing wagmi with Sequence SDK integration, adding environment/configuration management, rich wallet operations, and a structured UI with console output for interactive testing New Features: Replace wagmi-based hooks with @0xsequence wallet initialization and integration Add environment selection and dynamic wallet URLs via query parameters Implement connect, disconnect, open/close wallet and customizable connection settings Provide extensive demo actions including chain/network switching, account/balance queries, message signing, typed data signing, and transaction sending Introduce a console component and logging for viewing function outputs Add email-based auto-login via modal with validation Enhancements: Refactor UI to use design-system components and group actions thematically Initialize logger and configure default chain/network Memoize and listen to wallet events such as chain changes Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: d…

* Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanu…

* Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * 0xsequence/master (#79) * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/bug_report.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .github/ISSUE_TEMPLATE/feature_request.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update tests.yml (#82) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update App.tsx (#92) Summary by Sourcery Overhaul App.tsx to build a comprehensive Sequence Wallet demo application, replacing wagmi with Sequence SDK integration, adding environment/configuration management, rich wallet operations, and a structured UI with console output for interactive testing New Features: Replace wagmi-based hooks with @0xsequence wallet initialization and integration Add environment selection and dynamic wallet URLs via query parameters Implement connect, disconnect, open/close wallet and customizable connection settings Provide extensive demo actions including chain/network switching, account/balance queries, message signing, typed data signing, and transaction sending Introduce a console component and logging for viewing function outputs Add email-based auto-login via modal with validation Enhancements: Refactor UI to use design-system components and group actions thematically Initialize logger and configure default chain/network Memoize and listen to wallet events such as chain changes Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0…

* 0xsequence 1.9.19 (#253) * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * [AUTOMATED] Update: proto/clients/indexer*.gen.ts * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126) Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0. See this package in npm: @wagmi/cli See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Potential fix for code scanning alert no. 82: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Potential fix for code scanning alert no. 62: Information exposure through a stack trace Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125) * fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11 Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * feat: upgrade vite from 5.4.21 to 7.2.4 (#124) Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4. See this package in npm: vite See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123) Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2. See this package in npm: wagmi See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122) Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0. See this package in npm: react-dom See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#136) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127) * feat: upgrade @types/react from 18.3.27 to 19.2.7 Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7. See this package in npm: @types/react See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Master ceb95d4 (#129) * Update issue templates (#128) * Bump the npm_and_yarn group across 1 directory with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express). Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com> * Create SECURITY.md * Set up CI with Azure Pipelines [skip ci] * Create CNAME * Create fortify.yml * Update issue templates * Update CNAME * fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2 Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2. See this package in npm: @tanstack/react-query See this project in Snyk: https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr * Create config.yml (#46) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Update fortify.yml Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta.3 * changeset cleanup * Fix rc4 4337 factory (#933) * Add rc5 and set it as default (#934) * 3.0.0-beta.4 * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Bump next from 15.5.5 to 15.5.7 (#936) Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add userdata service client (#940) * Skip LocalDevice identity signers not on current device (#942) * Skip LocalDevice identity signers not on current device * Update log * 3.0.0-beta.5 * Update config.yml (#102) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Update config.yml (#103) * Update config.yml Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update .circleci/config.yml Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#101) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#100) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * fix: package.json to reduce vulnerabilities (#104) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697 - https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504 - https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073 - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303 - https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086 - https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164 - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097 - https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745 - https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729 - https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097 - https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 - https://snyk.io/vuln/SNYK-JS-SHAJS-12089400 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'" This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4. * fix: extras/web/package.json to reduce vulnerabilities (#109) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14173355 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * fix: extras/docs/package.json to reduce vulnerabilities (#106) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump next in the npm_and_yarn group across 1 directory (#110) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.7 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Delete .github/workflows/fortify.yml (#111) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/web/package.json to reduce vulnerabilities (#107) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump the npm_and_yarn group across 1 directory with 3 updates (#115) Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.5.5 to 15.5.9 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9) Updates `happy-dom` from 17.6.3 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11) Updates `vite` from 7.1.10 to 7.2.7 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.2.7 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump next from 15.5.7 to 15.5.9 (#944) Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9) --- updated-dependencies: - dependency-name: next dependency-version: 15.5.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pin foundry to v1.5.0 instead of nightly (#947) * Include repo and extras in syncpack config to ensure deps are synced (#945) * Include repo and extras in syncpack config to ensure deps are synced across all * Updating support deps * Updating deps * Updating pnpm lock * Fixing type errors within wdk tests * Short circuit 404s (#949) * skip witness on signers that don't support it * add passkey to test * 3.0.0-beta.6 * Update tests.yml (#119) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update config.yml (#120) Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/services/identity-instrument/src/index.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/main.tsx Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * fix: extras/docs/package.json to reduce vulnerabilities (#116) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NEXT-14400636 - https://snyk.io/vuln/SNYK-JS-NEXT-14400644 Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Michael Standen <mstan@horizon.io> Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com> Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> Co-authored-by: Taylan Pince <taylanpince@gmail.com> Co-authored-by: Corban Brook <corbanbrook@gmail.com> Co-authored-by: Patryk Kalinowski <pkal@horizon.io> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Agusx1211 <agusgit@pm.me> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * 2.3.7 (#131) (#132) * 2.3.7 (#131) * fix broken guard private key * Expose access to passkey credential list * Dapp client direct txn request (#856) * Signature request refactor * WIP * Refactor * Update dapp-client exports (#858) * Add hasPermission method to DappClient (#859) * Save discovered passkey credentials upon login * Expose name property in PasskeySignupArgs * Fix blacklist sort * Add multi server script * relayer: /SimulateV3 (#857) * Add await for handleOpenDB scheduleExpiration * Update increment to always include native once used * Fix session tests * Adding lastLoginAt to PasskeyCredential * LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use * Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled * When a login is cancelled we can remove the wallet which is logging-in * Add RC3 contracts * Sessions space restriction * Dedupe signers for encoding * Support RC3 sessions * Tightly increment call validation * CLI defaults to RC3 wallet code * Rc3 address test * Fix hashing tests * Add deprecated encoding test * wdk: throw errors from otp respond callback (#864) * wdk: throw errors from otp respond callback * wdk: otp auth error and handler refactor * Handle guard 2FA (#861) * guard: return a specific error when auth required * core: pass guard token to the service * wdk: handle prompting for guard 2FA code * dapp-client: handle prompting for guard 2FA code * guard 2fa tests * wdk: separate wallet and sessions guards * dapp-client: remove guard 2fa * dapp-client: fix imports * fix guard tests * wdk: remove unneeded promise resolve * Update relayer and api gen.ts, force public packages * Add standalone fetch queued payloads * Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address> * Fallback to chain for non-logged in recovery * Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873) * Update a few remaining dev1 contract addresses to rc3 (#874) * Remove unnecessary console.error where we already throw error * Improve DappClient hasPermission method * Wallet db try checksum and lowercase * Update dapp client json utils to include Map reviver and replacer * Bump next in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 15.4.2 to 15.4.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7) --- updated-dependencies: - dependency-name: next dependency-version: 15.4.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Update type name, update exports for dapp client * Expired explicit sessions can't sign * Improve session validity test * session isValid returns invalid reason * InvalidReason is typed * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Update issue templates * Provider sent to prepareBlankEnvelope * Add session signature decoding * Add feeTokens endpoint to relayer (#885) * const for node length * Clearer blacklist size encoding * identity signer node length * Potential fix for code scanning alert no. 84: Insecure randomness Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) Updates `happy-dom` from 17.6.3 to 20.0.0 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Bump happy-dom in the npm_and_yarn group across 1 directory (#69) Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 20.0.0 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Create SECURITY.md for security policy (#70) * Create SECURITY.md for security policy Add a security policy document outlining supported versions and vulnerability reporting. Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --------- Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Bump the npm_and_yarn group across 3 directories with 1 update Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom). Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) Updates `happy-dom` from 17.6.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2) --- updated-dependencies: - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com> * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Update SECURITY.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update packages/wallet/dapp-client/src/DappTransport.ts Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update SECURITY.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/package.json Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Update wagmi-project/src/App.tsx Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create FUNDING.json (#90) Enhancements: Include FUNDING.json to display GitHub sponsorship options in the repository Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Create config.yml (#91) Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow. Build: Add .circleci/config.yml with version 2.1 specification and custom Docker executor. CI: Define web3-defi-game-project job with checkout step. Set up my-custom-workflow to run the job. Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com> * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * SSR safety test * Fix CI job * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update api.gen.ts * Update metadata.gen.ts * Update marketplace.gen.ts * Update guard.gen.ts * Support multiple identity signers in sessions configuration * Device signers can approve implicit sessions * Remove invalid test * Fix recursion * Fix comment * Improve test stability by reducing race conditions * Do not set passkey signer as identity signer * Use length checks * Throw on missing identity signer * Encoding requires identity signer to encode * Fix test * Refactor/types namings tsdoc redundant code (#880) * refactor types, namings, ts doc * fix session response payload * change parameter name * change parameter name * change type in tests * improve types and dapp client methods * fix session test to use new types * refactor * refactor implicit sessions array in chain session manager * remove unused types * remove unused types and add ConnectionError * update pnpm lock * move reusable session types to wallet-core * Update some imports and update some response type names --------- Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com> * Fix check for explicit session for the updated type in dapp-client * Update api.gen.ts and relayer.gen.ts * Add missing chainId for dapp client event * Fix initializing new chain session manager on redirect * Add support for non-viem, custom Sequence chains (#882) * Provider sent to prepareBlankEnvelope * Add session signature decoding * const for node length * Clearer blacklist size encoding * identity signer node length * Add feeTokens endpoint to relayer (#885) * add getFeeTokens to dapp client (#889) * add getFeeTokens to dapp client * fix typo * make getFeeTokens independent of chain session manager and initialize state (#890) * make getFeeTokens independent of chain session manager and initialized state * remove getFeeTokens from chain session manager * Throw specific error when trying to sign with an expired session (#887) * Throw when supported session signer is expired * Fix tests * Make dapp-client implicit sessions chain agnostic (#893) * Add Monad, remove LAOS and Root Network * Add support for sessionless dapp connection (#896) * Refactor relayer package & update dependant packages (#891) * refactor exports for relayer (#900) * Add Arc Testnet * Fix changelog config * Sessionless connection upgrade and error handling in DappClient (#902) * dapp-client: add sessionless snapshot restore flow * Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906) * Pass request to PromptCodeHandler in guard registerUI (#909) * Pass request to PromptCodeHandler in guard registerUI * Fixing guard registerUI test * guard: allow using recovery code as 2FA token (#910) * guard: allow using recovery code as 2FA token * Cleanup types of ResponseFn --------- Co-authored-by: Corban Riley <corbanbrook@gmail.com> * Add a way to reset 2fa when using a backup code (#911) * Add a way to reset 2fa when using a backup code * use the GuardToken type instead of breaking out the props * Add rc4 contracts * Set rc4 as default and add it to lists * Session enhanced replay protection * New sessions replay protection hashes payload * Use the 4337 factory wrapper * Update keymachine url in dapp-client constants * Update keymachine url in Provider constructor * SSR safety (#915) * Guard dapp-client for SSR (lazy transport, browser checks, gated storage) * Fix guard topology (#918) * Use proper guard topology * Test and fixes * login and setup tests * Switch prod manager settings (#917) * Add prod guard and identity instrument info * Remove completed TODOs * Small JS tweaks (#919) * Fix type exports to built declarations * Update repository links to current package paths * Improve Next app tooling and React typings * Expose primitives CLI bin and use base lint config * Update relayer.gen.ts and TransactionPrecondition interface * Update relayer.gen.ts and TransactionPrecondition interface (#920) * 3.0.0-beta.1 * identity-instrument: generate nonce from current time (#921) * Remove publish-dists.yml github action (#923) * 3.0.0-beta.2 * Clean up changeset config * Improve test stability by removing race conditions * Ensure build before test * Updating happy-dom to 20.0.10 (#926) * Add support for custom auth providers (authcode & authcode-pkce only) (#894) * Add support for custom auth providers (authcode & authcode-pkce only) * fix authcode tests * Updating Deps November 2025 (#927) * Updating deps for the workspace root * Updating deps for wallet/wdk * Fixing sessions test for latest vitest * Lets not upgrade to the latest typescript quite yet * Updating to latest vitest * Updating deps for wallet/core * Updating deps for wallet/primitives-cli * Updating deps for wallet/dapp-client * Adding syncpack to check for dep version inconsistencies * Setup syncpack versionGroups for pnpm workspace:^ * Fixing dep versions mismatches * Fixing @types/node mismatches * Adding syncpack to pre commit hook * Remove the syncpack format script. * Update ox to v9.17.0 (#928) * Upgrading ox to 9.17.0 * WrappedSignature renamed to SignatureErc6492 * Fixing PasskeySignatureValidator interface * Lock ox lib dep to use the same version with pnpm overrides and update viem to latest * Fix explicitSessionRequested check in dapp client * Typescript 5.9.3 (#930) * Upgrading to typescript v5.9.3 * Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings. * Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931) * Update pnpm * Mark @0xsequence/wallet-primitives-cli as private * 3.0.0-beta…

vercel bot deployed to Preview – sequence.js December 20, 2025 22:01 View deployment

vercel bot deployed to Preview – sequence-js-web December 20, 2025 22:01 View deployment

vercel bot deployed to Preview – sequence-js-docs December 20, 2025 22:01 View deployment

gemini-code-assist bot reviewed Dec 20, 2025

View reviewed changes

Dargon789 merged commit 3c73b56 into master Dec 22, 2025
19 of 21 checks passed

Dargon789 deleted the snyk-upgrade-f984c929e0210a177a7614d1131329c6 branch December 22, 2025 14:38

Dargon789 mentioned this pull request Dec 26, 2025

Revise README structure and add sponsorship details (#146) (#155) #156

Closed

Dargon789 mentioned this pull request Dec 30, 2025

2.3.7 (#168) #169

Closed

Dargon789 mentioned this pull request Jan 18, 2026

Update issue templates (#212) #213

Closed

Dargon789 mentioned this pull request Jan 19, 2026

wagmi #90 #91 (#226) #227

Closed

Conversation

Dargon789 commented Dec 20, 2025

Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0.

New React Features

New React DOM Features

Notable changes

All Changes

React

React DOM

React Server Components

React Reconciler

eslint-plugin-react-hooks@6.1.0

React Server Components

React Server Components

React Server Components

React Server Components

React Server Components

React Server Components

Uh oh!

codesandbox bot commented Dec 20, 2025

Review or Edit in CodeSandbox

Uh oh!

bolt-new-by-stackblitz bot commented Dec 20, 2025

Uh oh!

vercel bot commented Dec 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

snyk-io bot commented Dec 20, 2025

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

gemini-code-assist bot commented Dec 20, 2025

Summary of Changes

Highlights

Footnotes

Uh oh!

gemini-code-assist bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

gemini-code-assist bot Dec 20, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

vercel bot commented Dec 20, 2025 •

edited

Loading