Skip to content

Codesandbox#258

Merged
Dargon789 merged 9 commits intomasterfrom
codesandbox
Jan 31, 2026
Merged

Codesandbox#258
Dargon789 merged 9 commits intomasterfrom
codesandbox

Conversation

@Dargon789
Copy link
Owner

@Dargon789 Dargon789 commented Jan 31, 2026

No description provided.

Dargon789 and others added 8 commits January 31, 2026 07:02
@Dargon789 @ScreamingHawk
@VGabriel45 @tolgahan-arikan @taylanpince @corbanbrook @patrislav @Agusx1211 @marino39 @pkieltyka @xiam @gemini-code-assist @dependabot @sourcery-ai @snyk-io @snyk-bot @github-advanced-security @attente @Shubhaankar-Sharma @vercel
0xsequence 1.9.19 (#253)
6ecbe48 
* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Add feeTokens endpoint to relayer (#885)

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update relayer.gen.ts and TransactionPrecondition interface (#920)

* 3.0.0-beta.1

* identity-instrument: generate nonce from current time (#921)

* Remove publish-dists.yml github action (#923)

* 3.0.0-beta.2

* Clean up changeset config

* Improve test stability by removing race conditions

* Ensure build before test

* Updating happy-dom to 20.0.10 (#926)

* Add support for custom auth providers (authcode & authcode-pkce only) (#894)

* Add support for custom auth providers (authcode & authcode-pkce only)

* fix authcode tests

* Updating Deps November 2025 (#927)

* Updating deps for the workspace root

* Updating deps for wallet/wdk

* Fixing sessions test for latest vitest

* Lets not upgrade to the latest typescript quite yet

* Updating to latest vitest

* Updating deps for wallet/core

* Updating deps for wallet/primitives-cli

* Updating deps for wallet/dapp-client

* Adding syncpack to check for dep version inconsistencies

* Setup syncpack versionGroups for pnpm workspace:^

* Fixing dep versions mismatches

* Fixing @types/node mismatches

* Adding syncpack to pre commit hook

* Remove the syncpack format script.

* Update ox to v9.17.0 (#928)

* Upgrading ox to 9.17.0

* WrappedSignature renamed to SignatureErc6492

* Fixing PasskeySignatureValidator interface

* Lock ox lib dep to use the same version with pnpm overrides and update viem to latest

* Fix explicitSessionRequested check in dapp client

* Typescript 5.9.3 (#930)

* Upgrading to typescript v5.9.3

* Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings.

* Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931)

* Update pnpm

* Mark @0xsequence/wallet-primitives-cli as private

* 3.0.0-beta.3

* changeset cleanup

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* [AUTOMATED] Update: proto/clients/indexer*.gen.ts

* Fix rc4 4337 factory (#933)

* Add rc5 and set it as default (#934)

* 3.0.0-beta.4

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Bump next from 15.5.5 to 15.5.7 (#936)

Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add userdata service client (#940)

* Skip LocalDevice identity signers not on current device (#942)

* Skip LocalDevice identity signers not on current device

* Update log

* 3.0.0-beta.5

* Update config.yml (#102)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Update config.yml (#103)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#101)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: extras/docs/package.json to reduce vulnerabilities (#100)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: package.json to reduce vulnerabilities (#104)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697
- https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086
- https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745
- https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729
- https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097
- https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220
- https://snyk.io/vuln/SNYK-JS-SEND-7926862
- https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865
- https://snyk.io/vuln/SNYK-JS-SHAJS-12089400

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'"

This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing
changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4.

* fix: extras/web/package.json to reduce vulnerabilities (#109)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: extras/docs/package.json to reduce vulnerabilities (#106)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump next in the npm_and_yarn group across 1 directory (#110)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.7 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Delete .github/workflows/fortify.yml (#111)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#107)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump the npm_and_yarn group across 1 directory with 3 updates (#115)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.5 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9)

Updates `happy-dom` from 17.6.3 to 20.0.11
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11)

Updates `vite` from 7.1.10 to 7.2.7
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.11
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 7.2.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump next from 15.5.7 to 15.5.9 (#944)

Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Pin foundry to v1.5.0 instead of nightly (#947)

* Include repo and extras in syncpack config to ensure deps are synced (#945)

* Include repo and extras in syncpack config to ensure deps are synced across all

* Updating support deps

* Updating deps

* Updating pnpm lock

* Fixing type errors within wdk tests

* Short circuit 404s (#949)

* skip witness on signers that don't support it

* add passkey to test

* 3.0.0-beta.6

* Update tests.yml (#119)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update config.yml (#120)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update packages/services/identity-instrument/src/index.ts

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126)

Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0.

See this package in npm:
@wagmi/cli

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Potential fix for code scanning alert no. 82: Workflow does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Potential fix for code scanning alert no. 62: Information exposure through a stack trace

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125)

* fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11

Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11.

See this package in npm:
@tanstack/react-query

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* feat: upgrade vite from 5.4.21 to 7.2.4 (#124)

Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4.

See this package in npm:
vite

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123)

Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2.

See this package in npm:
wagmi

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122)

Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0.

See this package in npm:
react-dom

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: extras/docs/package.json to reduce vulnerabilities (#136)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127)

* feat: upgrade @types/react from 18.3.27 to 19.2.7

Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7.

See this package in npm:
@types/react

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Master ceb95d4 (#129)

* Update issue templates (#128)

* Bump the npm_and_yarn group across 1 directory with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express).


Updates `express` from 4.18.2 to 4.19.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>

* Create SECURITY.md

* Set up CI with Azure Pipelines

[skip ci]

* Create CNAME

* Create fortify.yml

* Update issue templates

* Update CNAME

* fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2

Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2.

See this package in npm:
@tanstack/react-query

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Create config.yml (#46)

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Update fortify.yml

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Add session signature decoding

* Add feeTokens endpoint to relayer (#885)

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Update package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create FUNDING.json (#90)

Enhancements:
Include FUNDING.json to display GitHub sponsorship options in the repository
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create config.yml (#91)

Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow.

Build:

Add .circleci/config.yml with version 2.1 specification and custom Docker executor.
CI:

Define web3-defi-game-project job with checkout step.
Set up my-custom-workflow to run the job.
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* SSR safety test

* Fix CI job

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update api.gen.ts

* Update metadata.gen.ts

* Update marketplace.gen.ts

* Update guard.gen.ts

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Add feeTokens endpoint to relayer (#885)

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update relayer.gen.ts and TransactionPrecondition interface (#920)

* 3.0.0-beta.1

* identity-instrument: generate nonce from current time (#921)

* Remove publish-dists.yml github action (#923)

* 3.0.0-beta.2

* Clean up changeset config

* Improve test stability by removing race conditions

* Ensure build before test

* Updating happy-dom to 20.0.10 (#926)

* Add support for custom auth providers (authcode & authcode-pkce only) (#894)

* Add support for custom auth providers (authcode & authcode-pkce only)

* fix authcode tests

* Updating Deps November 2025 (#927)

* Updating deps for the workspace root

* Updating deps for wallet/wdk

* Fixing sessions test for latest vitest

* Lets not upgrade to the latest typescript quite yet

* Updating to latest vitest

* Updating deps for wallet/core

* Updating deps for wallet/primitives-cli

* Updating deps for wallet/dapp-client

* Adding syncpack to check for dep version inconsistencies

* Setup syncpack versionGroups for pnpm workspace:^

* Fixing dep versions mismatches

* Fixing @types/node mismatches

* Adding syncpack to pre commit hook

* Remove the syncpack format script.

* Update ox to v9.17.0 (#928)

* Upgrading ox to 9.17.0

* WrappedSignature renamed to SignatureErc6492

* Fixing PasskeySignatureValidator interface

* Lock ox lib dep to use the same version with pnpm overrides and update viem to latest

* Fix explicitSessionRequested check in dapp client

* Typescript 5.9.3 (#930)

* Upgrading to typescript v5.9.3

* Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings.

* Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931)

* Update pnpm

* Mark @0xsequence/wallet-primitives-cli as private

* 3.0.0-beta.3

* changeset cleanup

* Fix rc4 4337 factory (#933)

* Add rc5 and set it as default (#934)

* 3.0.0-beta.4

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Bump next from 15.5.5 to 15.5.7 (#936)

Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add userdata service client (#940)

* Skip LocalDevice identity signers not on current device (#942)

* Skip LocalDevice identity signers not on current device

* Update log

* 3.0.0-beta.5

* Update config.yml (#102)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Update config.yml (#103)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#101)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: extras/docs/package.json to reduce vulnerabilities (#100)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: package.json to reduce vulnerabilities (#104)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697
- https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086
- https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745
- https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729
- https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097
- https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220
- https://snyk.io/vuln/SNYK-JS-SEND-7926862
- https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865
- https://snyk.io/vuln/SNYK-JS-SHAJS-12089400

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'"

This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing
changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4.

* fix: extras/web/package.json to reduce vulnerabilities (#109)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: extras/docs/package.json to reduce vulnerabilities (#106)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump next in the npm_and_yarn group across 1 directory (#110)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.7 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Delete .github/workflows/fortify.yml (#111)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#107)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump the npm_and_yarn group across 1 directory with 3 updates (#115)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.5 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9)

Updates `happy-dom` from 17.6.3 to 20.0.11
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11)

Updates `vite` from 7.1.10 to 7.2.7
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.11
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 7.2.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump next from 15.5.7 to 15.5.9 (#944)

Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Pin foundry to v1.5.0 instead of nightly (#947)

* Include repo and extras in syncpack config to ensure deps are synced (#945)

* Include repo and extras in syncpack config to ensure deps are synced across all

* Updating support deps

* Updating deps

* Updating pnpm lock

* Fixing type errors within wdk tests

* Short circuit 404s (#949)

* skip witness on signers that don't support it

* add passkey to test

* 3.0.0-beta.6

* Update tests.yml (#119)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update config.yml (#120)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update packages/services/identity-instrument/src/index.ts

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Michael Standen <mstan@horizon.io>
Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com>
Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>
Co-authored-by: Taylan Pince <taylanpince@gmail.com>
Co-authored-by: Corban Brook <corbanbrook@gmail.com>
Co-authored-by: Patryk Kalinowski <pkal@horizon.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Agusx1211 <agusgit@pm.me>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Update wagmi-project/src/main.tsx

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* fix: extras/docs/package.json to reduce vulnerabilities (#116)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>
Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Michael Standen <mstan@horizon.io>
Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com>
Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>
Co-authored-by: Taylan Pince <taylanpince@gmail.com>
Co-authored-by: Corban Brook <corbanbrook@gmail.com>
Co-authored-by: Patryk Kalinowski <pkal@horizon.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Agusx1211 <agusgit@pm.me>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* 2.3.7 (#131) (#132)

* 2.3.7 (#131)

* fix broken guard private key

* Expose access to passkey credential list

* Dapp client direct txn request (#856)

* Signature request refactor

* WIP

* Refactor

* Update dapp-client exports (#858)

* Add hasPermission method to DappClient (#859)

* Save discovered passkey credentials upon login

* Expose name property in PasskeySignupArgs

* Fix blacklist sort

* Add multi server script

* relayer: /SimulateV3 (#857)

* Add await for handleOpenDB scheduleExpiration

* Update increment to always include native once used

* Fix session tests

* Adding lastLoginAt to PasskeyCredential

* LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use

* Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled

* When a login is cancelled we can remove the wallet which is logging-in

* Add RC3 contracts

* Sessions space restriction

* Dedupe signers for encoding

* Support RC3 sessions

* Tightly increment call validation

* CLI defaults to RC3 wallet code

* Rc3 address test

* Fix hashing tests

* Add deprecated encoding test

* wdk: throw errors from otp respond callback (#864)

* wdk: throw errors from otp respond callback

* wdk: otp auth error and handler refactor

* Handle guard 2FA (#861)

* guard: return a specific error when auth required

* core: pass guard token to the service

* wdk: handle prompting for guard 2FA code

* dapp-client: handle prompting for guard 2FA code

* guard 2fa tests

* wdk: separate wallet and sessions guards

* dapp-client: remove guard 2fa

* dapp-client: fix imports

* fix guard tests

* wdk: remove unneeded promise resolve

* Update relayer and api gen.ts, force public packages

* Add standalone fetch queued payloads

* Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address>

* Fallback to chain for non-logged in recovery

* Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873)

* Update a few remaining dev1 contract addresses to rc3 (#874)

* Remove unnecessary console.error where we already throw error

* Improve DappClient hasPermission method

* Wallet db try checksum and lowercase

* Update dapp client json utils to include Map reviver and replacer

* Bump next in the npm_and_yarn group across 1 directory

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.4.2 to 15.4.7
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.4.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update type name, update exports for dapp client

* Expired explicit sessions can't sign

* Improve session validity test

* session isValid returns invalid reason

* InvalidReason is typed

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Update issue templates

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* Add feeTokens endpoint to relayer (#885)

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Potential fix for code scanning alert no. 84: Insecure randomness

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump happy-dom in the npm_and_yarn group across 1 directory (#69)

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 20.0.0 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Create SECURITY.md for security policy (#70)

* Create SECURITY.md for security policy

Add a security policy document outlining supported versions and vulnerability reporting.

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Update SECURITY.md

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update packages/wallet/dapp-client/src/DappTransport.ts

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create FUNDING.json (#90)

Enhancements:
Include FUNDING.json to display GitHub sponsorship options in the repository
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create config.yml (#91)

Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow.

Build:

Add .circleci/config.yml with version 2.1 specification and custom Docker executor.
CI:

Define web3-defi-game-project job with checkout step.
Set up my-custom-workflow to run the job.
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* SSR safety test

* Fix CI job

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update api.gen.ts

* Update metadata.gen.ts

* Update marketplace.gen.ts

* Update guard.gen.ts

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Add feeTokens endpoint to relayer (#885)

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update relayer.gen.ts and TransactionPrecondition interface (#920)

* 3.0.0-beta.1

* identity-instrument: generate nonce from current time (#921)

* Remove publish-dists.yml github action (#923)

* 3.0.0-beta.2

* Clean up changeset config

* Improve test stability by removing race conditions

* Ensure build before test

* Updating happy-dom to 20.0.10 (#926)

* Add support for custom auth providers (authcode & authcode-pkce only) (#894)

* Add support for custom auth providers (authcode & authcode-pkce only)

* fix authcode tests

* Updating Deps November 2025 (#927)

* Updating deps for the workspace root

* Updating deps for wallet/wdk

* Fixing sessions test for latest vitest

* Lets not upgrade to the latest typescript quite yet

* Updating to latest vitest

* Updating deps for wallet/core

* Updating deps for wallet/primitives-cli

* Updating deps for wallet/dapp-client

* Adding syncpack to check for dep version inconsistencies

* Setup syncpack versionGroups for pnpm workspace:^

* Fixing dep versions mismatches

* Fixing @types/node mismatches

* Adding syncpack to pre commit hook

* Remove the syncpack format script.

* Update ox to v9.17.0 (#928)

* Upgrading ox to 9.17.0

* WrappedSignature renamed to SignatureErc6492

* Fixing PasskeySignatureValidator interface

* Lock ox lib dep to use the same version with pnpm overrides and update viem to latest

* Fix explicitSessionRequested check in dapp client

* Typescript 5.9.3 (#930)

* Upgrading to typescript v5.9.3

* Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings.

* Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931)

* Update pnpm

* Mark @0xsequence/wallet-primitives-cli as private

* 3.0.0-beta.3

* changeset cleanu…
@Dargon789 @ScreamingHawk
@VGabriel45 @tolgahan-arikan @taylanpince @github-advanced-security @dependabot @gemini-code-assist @snyk-bot @corbanbrook @patrislav @sourcery-ai @Agusx1211 @snyk-io @attente @marino39 @pkieltyka @xiam @Shubhaankar-Sharma @vercel
Vercel/react server components CVE vu qan1bu (#256)
4a6ac5d 
* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Update fortify.yml

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Add session signature decoding

* Add feeTokens endpoint to relayer (#885)

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Potential fix for code scanning alert no. 84: Insecure randomness

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump happy-dom in the npm_and_yarn group across 1 directory (#69)

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 20.0.0 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v20.0.0...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Create SECURITY.md for security policy (#70)

* Create SECURITY.md for security policy

Add a security policy document outlining supported versions and vulnerability reporting.

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* 0xsequence/master (#79)

* Create fortify.yml

* Update issue templates

* Update CNAME

* fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2

Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2.

See this package in npm:
@tanstack/react-query

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Create config.yml (#46)

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Update fortify.yml

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Update .github/ISSUE_TEMPLATE/bug_report.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .github/ISSUE_TEMPLATE/feature_request.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Update tests.yml (#82)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update packages/wallet/dapp-client/src/DappTransport.ts

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create FUNDING.json (#90)

Enhancements:
Include FUNDING.json to display GitHub sponsorship options in the repository
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create config.yml (#91)

Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow.

Build:

Add .circleci/config.yml with version 2.1 specification and custom Docker executor.
CI:

Define web3-defi-game-project job with checkout step.
Set up my-custom-workflow to run the job.
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update App.tsx (#92)

Summary by Sourcery
Overhaul App.tsx to build a comprehensive Sequence Wallet demo application, replacing wagmi with Sequence SDK integration, adding environment/configuration management, rich wallet operations, and a structured UI with console output for interactive testing

New Features:

Replace wagmi-based hooks with @0xsequence wallet initialization and integration
Add environment selection and dynamic wallet URLs via query parameters
Implement connect, disconnect, open/close wallet and customizable connection settings
Provide extensive demo actions including chain/network switching, account/balance queries, message signing, typed data signing, and transaction sending
Introduce a console component and logging for viewing function outputs
Add email-based auto-login via modal with validation
Enhancements:

Refactor UI to use design-system components and group actions thematically
Initialize logger and configure default chain/network
Memoize and listen to wallet events such as chain changes
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* SSR safety test

* Fix CI job

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update api.gen.ts

* Update metadata.gen.ts

* Update marketplace.gen.ts

* Update guard.gen.ts

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Add feeTokens endpoint to relayer (#885)

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update relayer.gen.ts and TransactionPrecondition interface (#920)

* 3.0.0-beta.1

* identity-instrument: generate nonce from current time (#921)

* Remove publish-dists.yml github action (#923)

* 3.0.0-beta.2

* Clean up changeset config

* Improve test stability by removing race conditions

* Ensure build before test

* Updating happy-dom to 20.0.10 (#926)

* Add support for custom auth providers (authcode & authcode-pkce only) (#894)

* Add support for custom auth providers (authcode & authcode-pkce only)

* fix authcode tests

* Updating Deps November 2025 (#927)

* Updating deps for the workspace root

* Updating deps for wallet/wdk

* Fixing sessions test for latest vitest

* Lets not upgrade to the latest typescript quite yet

* Updating to latest vitest

* Updating deps for wallet/core

* Updating deps for wallet/primitives-cli

* Updating deps for wallet/dapp-client

* Adding syncpack to check for dep version inconsistencies

* Setup syncpack versionGroups for pnpm workspace:^

* Fixing dep versions mismatches

* Fixing @types/node mismatches

* Adding syncpack to pre commit hook

* Remove the syncpack format script.

* Update ox to v9.17.0 (#928)

* Upgrading ox to 9.17.0

* WrappedSignature renamed to SignatureErc6492

* Fixing PasskeySignatureValidator interface

* Lock ox lib dep to use the same version with pnpm overrides and update viem to latest

* Fix explicitSessionRequested check in dapp client

* Typescript 5.9.3 (#930)

* Upgrading to typescript v5.9.3

* Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings.

* Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931)

* Update pnpm

* Mark @0xsequence/wallet-primitives-cli as private

* 3.0.0-beta.3

* changeset cleanup

* Fix rc4 4337 factory (#933)

* Add rc5 and set it as default (#934)

* 3.0.0-beta.4

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Bump next from 15.5.5 to 15.5.7 (#936)

Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add userdata service client (#940)

* Skip LocalDevice identity signers not on current device (#942)

* Skip LocalDevice identity signers not on current device

* Update log

* 3.0.0-beta.5

* Update config.yml (#102)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Update config.yml (#103)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#101)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: extras/docs/package.json to reduce vulnerabilities (#100)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: package.json to reduce vulnerabilities (#104)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697
- https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086
- https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745
- https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729
- https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097
- https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220
- https://snyk.io/vuln/SNYK-JS-SEND-7926862
- https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865
- https://snyk.io/vuln/SNYK-JS-SHAJS-12089400

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'"

This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing
changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4.

* fix: extras/web/package.json to reduce vulnerabilities (#109)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: extras/docs/package.json to reduce vulnerabilities (#106)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump next in the npm_and_yarn group across 1 directory (#110)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.7 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Delete .github/workflows/fortify.yml (#111)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#107)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump the npm_and_yarn group across 1 directory with 3 updates (#115)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.5 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9)

Updates `happy-dom` from 17.6.3 to 20.0.11
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11)

Updates `vite` from 7.1.10 to 7.2.7
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.11
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 7.2.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump next from 15.5.7 to 15.5.9 (#944)

Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Pin foundry to v1.5.0 instead of nightly (#947)

* Include repo and extras in syncpack config to ensure deps are synced (#945)

* Include repo and extras in syncpack config to ensure deps are synced across all

* Updating support deps

* Updating deps

* Updating pnpm lock

* Fixing type errors within wdk tests

* Short circuit 404s (#949)

* skip witness on signers that don't support it

* add passkey to test

* 3.0.0-beta.6

* Update tests.yml (#119)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update config.yml (#120)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update packages/services/identity-instrument/src/index.ts

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* feat: upgrade @wagmi/cli from 0.1.15 to 2.8.0 (#126)

Snyk has created this PR to upgrade @wagmi/cli from 0.1.15 to 2.8.0.

See this package in npm:
@wagmi/cli

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Potential fix for code scanning alert no. 82: Workflow does not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Potential fix for code scanning alert no. 62: Information exposure through a stack trace

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* [Snyk] Upgrade @tanstack/react-query from 5.64.2 to 5.90.11 (#125)

* fix: upgrade @tanstack/react-query from 5.64.2 to 5.90.11

Snyk has created this PR to upgrade @tanstack/react-query from 5.64.2 to 5.90.11.

See this package in npm:
@tanstack/react-query

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* feat: upgrade vite from 5.4.21 to 7.2.4 (#124)

Snyk has created this PR to upgrade vite from 5.4.21 to 7.2.4.

See this package in npm:
vite

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* feat: upgrade wagmi from 0.12.19 to 3.0.2 (#123)

Snyk has created this PR to upgrade wagmi from 0.12.19 to 3.0.2.

See this package in npm:
wagmi

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* feat: upgrade react-dom from 18.3.1 to 19.2.0 (#122)

Snyk has created this PR to upgrade react-dom from 18.3.1 to 19.2.0.

See this package in npm:
react-dom

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: extras/docs/package.json to reduce vulnerabilities (#136)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* [Snyk] Upgrade @types/react from 18.3.27 to 19.2.7 (#127)

* feat: upgrade @types/react from 18.3.27 to 19.2.7

Snyk has created this PR to upgrade @types/react from 18.3.27 to 19.2.7.

See this package in npm:
@types/react

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Master ceb95d4 (#129)

* Update issue templates (#128)

* Bump the npm_and_yarn group across 1 directory with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [express](https://github.com/expressjs/express).


Updates `express` from 4.18.2 to 4.19.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>

* Create SECURITY.md

* Set up CI with Azure Pipelines

[skip ci]

* Create CNAME

* Create fortify.yml

* Update issue templates

* Update CNAME

* fix: upgrade @tanstack/react-query from 5.45.1 to 5.64.2

Snyk has created this PR to upgrade @tanstack/react-query from 5.45.1 to 5.64.2.

See this package in npm:
@tanstack/react-query

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/bb845543-cbee-4e11-8cf9-8bfdf9205bf1?utm_source=github&utm_medium=referral&page=upgrade-pr

* Create config.yml (#46)

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Update fortify.yml

Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* Add session signature decoding

* Add feeTokens endpoint to relayer (#885)

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

Updates `happy-dom` from 17.6.3 to 20.0.2
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Update package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create FUNDING.json (#90)

Enhancements:
Include FUNDING.json to display GitHub sponsorship options in the repository
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Create config.yml (#91)

Add initial CircleCI configuration to enable automated builds using a custom Docker executor and a defined workflow.

Build:

Add .circleci/config.yml with version 2.1 specification and custom Docker executor.
CI:

Define web3-defi-game-project job with checkout step.
Set up my-custom-workflow to run the job.
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* SSR safety test

* Fix CI job

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update api.gen.ts

* Update metadata.gen.ts

* Update marketplace.gen.ts

* Update guard.gen.ts

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Add feeTokens endpoint to relayer (#885)

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Add support for sessionless dapp connection (#896)

* Refactor relayer package & update dependant packages  (#891)

* refactor exports for relayer (#900)

* Add Arc Testnet

* Fix changelog config

* Sessionless connection upgrade and error handling in DappClient (#902)

* dapp-client: add sessionless snapshot restore flow

* Allow to logout a wallet with skipRemoveDevice even if the wallet is not in a ready state to allow force removing of wallets (#906)

* Pass request to PromptCodeHandler in guard registerUI (#909)

* Pass request to PromptCodeHandler in guard registerUI

* Fixing guard registerUI test

* guard: allow using recovery code as 2FA token (#910)

* guard: allow using recovery code as 2FA token

* Cleanup types of ResponseFn

---------

Co-authored-by: Corban Riley <corbanbrook@gmail.com>

* Add a way to reset 2fa when using a backup code (#911)

* Add a way to reset 2fa when using a backup code

* use the GuardToken type instead of breaking out the props

* Add rc4 contracts

* Set rc4 as default and add it to lists

* Session enhanced replay protection

* New sessions replay protection hashes payload

* Use the 4337 factory wrapper

* Update keymachine url in dapp-client constants

* Update keymachine url in Provider constructor

* SSR safety (#915)

* Guard dapp-client for SSR (lazy transport, browser checks, gated storage)

* Fix guard topology (#918)

* Use proper guard topology

* Test and fixes

* login and setup tests

* Switch prod manager settings (#917)

* Add prod guard and identity instrument info

* Remove completed TODOs

* Small JS tweaks (#919)

* Fix type exports to built declarations

* Update repository links to current package paths

* Improve Next app tooling and React typings

* Expose primitives CLI bin and use base lint config

* Update relayer.gen.ts and TransactionPrecondition interface

* Update relayer.gen.ts and TransactionPrecondition interface (#920)

* 3.0.0-beta.1

* identity-instrument: generate nonce from current time (#921)

* Remove publish-dists.yml github action (#923)

* 3.0.0-beta.2

* Clean up changeset config

* Improve test stability by removing race conditions

* Ensure build before test

* Updating happy-dom to 20.0.10 (#926)

* Add support for custom auth providers (authcode & authcode-pkce only) (#894)

* Add support for custom auth providers (authcode & authcode-pkce only)

* fix authcode tests

* Updating Deps November 2025 (#927)

* Updating deps for the workspace root

* Updating deps for wallet/wdk

* Fixing sessions test for latest vitest

* Lets not upgrade to the latest typescript quite yet

* Updating to latest vitest

* Updating deps for wallet/core

* Updating deps for wallet/primitives-cli

* Updating deps for wallet/dapp-client

* Adding syncpack to check for dep version inconsistencies

* Setup syncpack versionGroups for pnpm workspace:^

* Fixing dep versions mismatches

* Fixing @types/node mismatches

* Adding syncpack to pre commit hook

* Remove the syncpack format script.

* Update ox to v9.17.0 (#928)

* Upgrading ox to 9.17.0

* WrappedSignature renamed to SignatureErc6492

* Fixing PasskeySignatureValidator interface

* Lock ox lib dep to use the same version with pnpm overrides and update viem to latest

* Fix explicitSessionRequested check in dapp client

* Typescript 5.9.3 (#930)

* Upgrading to typescript v5.9.3

* Fix type errors that arose from typescript upgrade related to Bytes and Buffer source typings.

* Don't catch errors thrown by Guard 2FA or reject early to allow multiple attempts on incorrect TOTP (#931)

* Update pnpm

* Mark @0xsequence/wallet-primitives-cli as private

* 3.0.0-beta.3

* changeset cleanup

* Fix rc4 4337 factory (#933)

* Add rc5 and set it as default (#934)

* 3.0.0-beta.4

* Update SECURITY.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Bump next from 15.5.5 to 15.5.7 (#936)

Bumps [next](https://github.com/vercel/next.js) from 15.5.5 to 15.5.7.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add userdata service client (#940)

* Skip LocalDevice identity signers not on current device (#942)

* Skip LocalDevice identity signers not on current device

* Update log

* 3.0.0-beta.5

* Update config.yml (#102)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Update config.yml (#103)

* Update config.yml

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update .circleci/config.yml

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#101)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: extras/docs/package.json to reduce vulnerabilities (#100)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* fix: package.json to reduce vulnerabilities (#104)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BABELHELPERS-9397697
- https://snyk.io/vuln/SNYK-JS-BABELRUNTIME-10044504
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8187303
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-8720086
- https://snyk.io/vuln/SNYK-JS-IMAGESIZE-9634164
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14114940
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125097
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-14125745
- https://snyk.io/vuln/SNYK-JS-ONHEADERS-10773729
- https://snyk.io/vuln/SNYK-JS-ROLLUP-8073097
- https://snyk.io/vuln/SNYK-JS-SECP256K1-8237220
- https://snyk.io/vuln/SNYK-JS-SEND-7926862
- https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865
- https://snyk.io/vuln/SNYK-JS-SHAJS-12089400

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Revert "Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm_and_yarn-318c02e2da'"

This reverts commit fd0fdf9ecc6ad9056447e381de7fc5bb19f78e47, reversing
changes made to cba78943db9942a4635bb530b7a43fc5d18b0ab4.

* fix: extras/web/package.json to reduce vulnerabilities (#109)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14173355

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: extras/docs/package.json to reduce vulnerabilities (#106)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump next in the npm_and_yarn group across 1 directory (#110)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.7 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Delete .github/workflows/fortify.yml (#111)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* fix: extras/web/package.json to reduce vulnerabilities (#107)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Bump the npm_and_yarn group across 1 directory with 3 updates (#115)

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.5.5 to 15.5.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.5...v15.5.9)

Updates `happy-dom` from 17.6.3 to 20.0.11
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.11)

Updates `vite` from 7.1.10 to 7.2.7
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.2.7/packages/vite)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: happy-dom
  dependency-version: 20.0.11
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 7.2.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump next from 15.5.7 to 15.5.9 (#944)

Bumps [next](https://github.com/vercel/next.js) from 15.5.7 to 15.5.9.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.5.7...v15.5.9)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Pin foundry to v1.5.0 instead of nightly (#947)

* Include repo and extras in syncpack config to ensure deps are synced (#945)

* Include repo and extras in syncpack config to ensure deps are synced across all

* Updating support deps

* Updating deps

* Updating pnpm lock

* Fixing type errors within wdk tests

* Short circuit 404s (#949)

* skip witness on signers that don't support it

* add passkey to test

* 3.0.0-beta.6

* Update tests.yml (#119)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update config.yml (#120)

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update packages/services/identity-instrument/src/index.ts

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Michael Standen <mstan@horizon.io>
Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com>
Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>
Co-authored-by: Taylan Pince <taylanpince@gmail.com>
Co-authored-by: Corban Brook <corbanbrook@gmail.com>
Co-authored-by: Patryk Kalinowski <pkal@horizon.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Agusx1211 <agusgit@pm.me>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Update wagmi-project/src/main.tsx

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/package.json

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* fix: extras/docs/package.json to reduce vulnerabilities (#116)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NEXT-14400636
- https://snyk.io/vuln/SNYK-JS-NEXT-14400644

Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>
Co-authored-by: dargon789 <64915515+Dargon789@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Michael Standen <mstan@horizon.io>
Co-authored-by: Gabi <56271768+VGabriel45@users.noreply.github.com>
Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>
Co-authored-by: Taylan Pince <taylanpince@gmail.com>
Co-authored-by: Corban Brook <corbanbrook@gmail.com>
Co-authored-by: Patryk Kalinowski <pkal@horizon.io>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Agusx1211 <agusgit@pm.me>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Co-authored-by: snyk-io[bot] <141718529+snyk-io[bot]@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* Update wagmi-project/src/App.tsx

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>

* 2.3.7 (#131) (#132)

* 2.3.7 (#131)

* fix broken guard private key

* Expose access to passkey credential list

* Dapp client direct txn request (#856)

* Signature request refactor

* WIP

* Refactor

* Update dapp-client exports (#858)

* Add hasPermission method to DappClient (#859)

* Save discovered passkey credentials upon login

* Expose name property in PasskeySignupArgs

* Fix blacklist sort

* Add multi server script

* relayer: /SimulateV3 (#857)

* Add await for handleOpenDB scheduleExpiration

* Update increment to always include native once used

* Fix session tests

* Adding lastLoginAt to PasskeyCredential

* LoginToPasskeyArgs now accept a credentialId which is used to specify which credential to use

* Adding onSignatureRequestStatus function to register single use callbacks for when a request reaches a terminal state of completed or cancelled

* When a login is cancelled we can remove the wallet which is logging-in

* Add RC3 contracts

* Sessions space restriction

* Dedupe signers for encoding

* Support RC3 sessions

* Tightly increment call validation

* CLI defaults to RC3 wallet code

* Rc3 address test

* Fix hashing tests

* Add deprecated encoding test

* wdk: throw errors from otp respond callback (#864)

* wdk: throw errors from otp respond callback

* wdk: otp auth error and handler refactor

* Handle guard 2FA (#861)

* guard: return a specific error when auth required

* core: pass guard token to the service

* wdk: handle prompting for guard 2FA code

* dapp-client: handle prompting for guard 2FA code

* guard 2fa tests

* wdk: separate wallet and sessions guards

* dapp-client: remove guard 2fa

* dapp-client: fix imports

* fix guard tests

* wdk: remove unneeded promise resolve

* Update relayer and api gen.ts, force public packages

* Add standalone fetch queued payloads

* Replacing GuardRole enum with string union type, as well as replacing guardAddresses Map with Record<GuardRole, Address>

* Fallback to chain for non-logged in recovery

* Add Katana, Sandbox Tesnet, Incentiv Testnet v2 (#873)

* Update a few remaining dev1 contract addresses to rc3 (#874)

* Remove unnecessary console.error where we already throw error

* Improve DappClient hasPermission method

* Wallet db try checksum and lowercase

* Update dapp client json utils to include Map reviver and replacer

* Bump next in the npm_and_yarn group across 1 directory

Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).


Updates `next` from 15.4.2 to 15.4.7
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v15.4.2...v15.4.7)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.4.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update type name, update exports for dapp client

* Expired explicit sessions can't sign

* Improve session validity test

* session isValid returns invalid reason

* InvalidReason is typed

* Support multiple identity signers in sessions configuration

* Device signers can approve implicit sessions

* Remove invalid test

* Fix recursion

* Fix comment

* Improve test stability by reducing race conditions

* Do not set passkey signer as identity signer

* Use length checks

* Throw on missing identity signer

* Encoding requires identity signer to encode

* Fix test

* Refactor/types namings tsdoc redundant code (#880)

* refactor types, namings, ts doc

* fix session response payload

* change parameter name

* change parameter name

* change type in tests

* improve types and dapp client methods

* fix session test to use new types

* refactor

* refactor implicit sessions array in chain session manager

* remove unused types

* remove unused types and add ConnectionError

* update pnpm lock

* move reusable session types to wallet-core

* Update some imports and update some response type names

---------

Co-authored-by: Tolgahan Arikan <tolgahan.arikan@gmail.com>

* Fix check for explicit session for the updated type in dapp-client

* Update api.gen.ts and relayer.gen.ts

* Add missing chainId for dapp client event

* Fix initializing new chain session manager on redirect

* Add support for non-viem, custom Sequence chains (#882)

* Update issue templates

* Provider sent to prepareBlankEnvelope

* Add session signature decoding

* Add feeTokens endpoint to relayer (#885)

* const for node length

* Clearer blacklist size encoding

* identity signer node length

* Potential fix for code scanning alert no. 84: Insecure randomness

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>

* add getFeeTokens to dapp client (#889)

* add getFeeTokens to dapp client

* fix typo

* make getFeeTokens independent of chain session manager and initialize state (#890)

* make getFeeTokens independent of chain session manager and initialized state

* remove getFeeTokens from chain session manager

* Throw specific error when trying to sign with an expired session (#887)

* Throw when supported session signer is expired

* Fix tests

* Make dapp-client implicit sessions chain agnostic (#893)

* Add Monad, remove LAOS and Root Network

* Bump the npm_and_yarn group across 3 directories with 1 update

Bumps the npm_and_yarn group with 1 update in the / directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/dapp-client directory: [happy-dom](https://github.com/capricorn86/happy-dom).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet/wdk directory: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

Updates `happy-dom` from 17.6.3 to 20.0.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v17.6.3...v20.0.0)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0…
@Dargon789 @github-advanced-security
Potential fix for code scanning alert no. 83: Workflow does not conta…
64367c9 
…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
@Dargon789 @github-advanced-security
Potential fix for code scanning alert no. 82: Workflow does not conta…
785b063 
…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
@Dargon789
extras docs
106b140 
extras\docs\next-env.d.ts
@Dargon789
Merge branch 'codesandbox' into v3
b44a924
@Dargon789
Update publish-dists.yml
966d0ec
@Dargon789
Merge pull request #257 from Dargon789/v3
048f214 
V3
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 31, 2026
View reviewed changes
packages/services/userdata/src/userdata.gen.ts
protected path = '/rpc/UserData/'

constructor(hostname: string, fetch: Fetch) {
this.hostname = hostname.replace(/\/*$/, '')

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
@codesandbox
Copy link

codesandbox bot commented Jan 31, 2026

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@bolt-new-by-stackblitz
Copy link

bolt-new-by-stackblitz bot commented Jan 31, 2026

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@vercel

This comment was marked as resolved.

Sign in to view
sourcery-ai[bot]
sourcery-ai bot reviewed Jan 31, 2026
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, we are unable to review this pull request

The GitHub API does not allow us to fetch diffs exceeding 300 files, and this pull request has 7020

@snyk-io
Copy link

snyk-io bot commented Jan 31, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@gemini-code-assist
Copy link

gemini-code-assist bot commented Jan 31, 2026

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request comprehensively upgrades the project's development and operational infrastructure. It establishes a more versatile development environment through CodeSandbox integration and fortifies CI/CD pipelines across multiple platforms. A major focus is on advancing the project's blockchain capabilities by integrating the Foundry Standard Library, Sequence v3 wallet contracts, and ERC-4337 account abstraction, laying the groundwork for sophisticated smart contract interactions. Additionally, it enhances web application monitoring with Vercel Analytics and formalizes project metadata.

Highlights

  • Enhanced Development Environment: Integrated CodeSandbox with pnpm tasks for streamlined cloud-based development workflows, covering build, test, lint, and release processes.
  • Expanded CI/CD Infrastructure: Introduced new CircleCI and Azure Pipelines configurations, alongside updates to GitHub Actions for improved automation, dependency management, and testing across various environments.
  • Core Blockchain Infrastructure Upgrade: Incorporated signals-implicit-mode, forge-std (Foundry Standard Library), and sequence-v3 (Sequence wallet contracts with ERC-4337 account abstraction) as new submodules, significantly enhancing smart contract development and wallet capabilities.
  • Web Application & Analytics Integration: Updated Next.js applications (extras/docs and extras/web) to integrate Vercel Analytics for better performance monitoring and user insights, along with Next.js version updates.
  • Refined Project Metadata and Governance: Added CNAME, FUNDING.json, and SECURITY.md files to improve project discoverability, formalize funding mechanisms, and outline a clear security policy and vulnerability reporting process.
Ignored Files
  • Ignored by pattern: .github/workflows/** (7)
    • .github/workflows/Publish-Dists.yml
    • .github/workflows/fortify.yml
    • .github/workflows/nextjs.yml
    • .github/workflows/on_pr_pnpm-format-label.yml
    • .github/workflows/publish-dists.yml
    • .github/workflows/tests.yml
    • .github/workflows/web-sdk.yml
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jan 31, 2026
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a large number of configuration files and dependencies to set up the project for development in various environments, including CodeSandbox, CircleCI, Azure Pipelines, and GitHub Actions. It also adds issue templates, security policies, and funding information. The changes are mostly related to project setup and configuration. I've identified a few potential issues in the CI/CD and git hook configurations that should be addressed to ensure they function correctly and securely.

@Dargon789 Dargon789 enabled auto-merge January 31, 2026 11:04
@vercel
Copy link

vercel bot commented Jan 31, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
sequence-js-docs Ready Ready Preview, Comment Jan 31, 2026 11:08am
sequence-js-web Ready Ready Preview, Comment Jan 31, 2026 11:08am

@vercel

This comment was marked as outdated.

Sign in to view
@Dargon789 Dargon789 disabled auto-merge January 31, 2026 11:08
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 31, 2026
View reviewed changes
wagmi-project/packages/sequence-core-1.0.0/packages/services/builder/src/builder.gen.ts
protected path = '/rpc/Builder/'

constructor(hostname: string, fetch: Fetch) {
this.hostname = hostname.replace(/\/*$/, '')

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High library

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
...ges/sequence-core-1.0.0/packages/services/identity-instrument/src/identity-instrument.gen.ts
protected path = '/rpc/IdentityInstrument/'

constructor(hostname: string, fetch: Fetch) {
this.hostname = hostname.replace(/\/*$/, '')

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High library

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
wagmi-project/packages/sequence-core-1.0.0/packages/services/indexer/src/indexer.gen.ts
protected path = '/rpc/Indexer/'

constructor(hostname: string, fetch: Fetch) {
this.hostname = hostname.replace(/\/*$/, '')

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High library

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
wagmi-project/packages/sequence-core-1.0.0/packages/services/indexer/src/indexergw.gen.ts
protected path = '/rpc/IndexerGateway/'

constructor(hostname: string, fetch: Fetch) {
this.hostname = hostname.replace(/\/*$/, '')

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High library

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
...roject/packages/sequence-core-1.0.0/packages/services/relayer/src/rpc-relayer/relayer.gen.ts
protected path = '/rpc/Relayer/'

constructor(hostname: string, fetch: Fetch) {
this.hostname = hostname.replace(/\/*$/, '')

Check failure

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High library

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '/'.
@Dargon789 Dargon789 merged commit 35024c1 into master Jan 31, 2026
9 of 14 checks passed
@Dargon789 Dargon789 deleted the codesandbox branch January 31, 2026 11:37
@Dargon789 Dargon789 restored the codesandbox branch January 31, 2026 11:56
@vercel vercel bot temporarily deployed to Preview – sequence.js January 31, 2026 12:56 Inactive
@Dargon789 Dargon789 deleted the codesandbox branch January 31, 2026 15:51
@Dargon789 Dargon789 linked an issue Feb 3, 2026 that may be closed by this pull request
[vc]: #clean-circleci-directory-#267 #268
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[vc]: #clean-circleci-directory-#267

1 participant

@Dargon789