[Experiment] Chart fetching strategies (#631)

[Dargon789]

• WIP passkey signer

• cleanup

• Create SECURITY.md

• Create SECURITY.md

• Fix code scanning alert no. 1: Incomplete URL substring sanitization

• [Experiment] Chart fetching strategies

• Create codeql.yml

• update dependencies

• feat: upgrade nextjs-toploader from 1.6.12 to 3.8.16 ([Snyk] Upgrade nextjs-toploader from 1.6.12 to 3.8.16 #135)

Snyk has created this PR to upgrade nextjs-toploader from 1.6.12 to 3.8.16.

See this package in npm:
nextjs-toploader

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• feat: upgrade shiki from 1.27.0 to 3.2.1 ([Snyk] Upgrade shiki from 1.27.0 to 3.2.1 #133)

Snyk has created this PR to upgrade shiki from 1.27.0 to 3.2.1.

See this package in npm:
shiki

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade flexsearch from 0.7.43 to 0.8.143 ([Snyk] Upgrade flexsearch from 0.7.43 to 0.8.143 #134)

Snyk has created this PR to upgrade flexsearch from 0.7.43 to 0.8.143.

See this package in npm:
flexsearch

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade @walletconnect/sign-client from 2.19.1 to 2.19.2 ([Snyk] Upgrade @walletconnect/sign-client from 2.19.1 to 2.19.2 #136)

Snyk has created this PR to upgrade @walletconnect/sign-client from 2.19.1 to 2.19.2.

See this package in npm:
@walletconnect/sign-client

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade @coinbase/wallet-sdk from 4.3.0 to 4.3.2 ([Snyk] Upgrade @coinbase/wallet-sdk from 4.3.0 to 4.3.2 #138)

Snyk has created this PR to upgrade @coinbase/wallet-sdk from 4.3.0 to 4.3.2.

See this package in npm:
@coinbase/wallet-sdk

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: apps/playground-web/package.json to reduce vulnerabilities ([Snyk] Security upgrade eslint from 8.57.0 to 9.0.0 #148)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

• fix: apps/portal/package.json to reduce vulnerabilities ([Snyk] Security upgrade eslint from 8.57.0 to 9.0.0 #150)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

• fix: apps/wallet-ui/package.json to reduce vulnerabilities ([Snyk] Security upgrade eslint from 8.57.0 to 9.0.0 #149)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

• feat: upgrade @typescript-eslint/parser from 7.14.1 to 8.29.1 ([Snyk] Upgrade @typescript-eslint/parser from 7.14.1 to 8.29.1 #153)

Snyk has created this PR to upgrade @typescript-eslint/parser from 7.14.1 to 8.29.1.

See this package in npm:
@typescript-eslint/parser

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/55409c6b-2ed0-4583-b8cd-a5bcabfd7aaa?utm_source=github&utm_medium=referral&page=upgrade-pr

• feat: upgrade tailwindcss from 3.4.17 to 4.1.3 ([Snyk] Upgrade tailwindcss from 3.4.17 to 4.1.3 #154)

Snyk has created this PR to upgrade tailwindcss from 3.4.17 to 4.1.3.

See this package in npm:
tailwindcss

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/55409c6b-2ed0-4583-b8cd-a5bcabfd7aaa?utm_source=github&utm_medium=referral&page=upgrade-pr

• chore(deps): bump @radix-ui/react-hover-card from 1.1.7 to 1.1.11 (chore(deps): bump @radix-ui/react-hover-card from 1.1.7 to 1.1.11 #145)

Bumps @radix-ui/react-hover-card from 1.1.7 to 1.1.11.

• Changelog
• Commits

---

updated-dependencies:

• dependency-name: "@radix-ui/react-hover-card" dependency-version: 1.1.11 dependency-type: direct:production update-type: version-update:semver-patch ...

• chore(deps-dev): bump @chakra-ui/cli from 2.5.6 to 3.16.1 (chore(deps-dev): bump @chakra-ui/cli from 2.5.6 to 3.16.1 #146)

Bumps @chakra-ui/cli from 2.5.6 to 3.16.1.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: "@chakra-ui/cli" dependency-version: 3.16.1 dependency-type: direct:development update-type: version-update:semver-major ...

• chore(deps-dev): bump vite (chore(deps-dev): bump vite from 6.2.6 to 6.2.7 in /packages/thirdweb in the npm_and_yarn group across 1 directory #155)

Bumps the npm_and_yarn group with 1 update in the /packages/thirdweb directory: vite.

Updates vite from 6.2.6 to 6.2.7

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: vite dependency-version: 6.2.7 dependency-type: direct:development dependency-group: npm_and_yarn ...

• Create nextjs.yml (Create nextjs.yml #160)

• Create fluffy-rats-jog.md

• Create static.yml

• Create seven-goats-move.md (Create seven-goats-move.md #164)

• Create jekyll-gh-pages.yml (Create jekyll-gh-pages.yml #166)

• chore(deps-dev): bump vite from 6.3.2 to 6.3.4 in the npm_and_yarn group

Bumps the npm_and_yarn group with 1 update: vite.

Updates vite from 6.3.2 to 6.3.4

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: vite dependency-version: 6.3.4 dependency-type: direct:development dependency-group: npm_and_yarn ...

• Patch 1 (Patch 1 #165)

• [NEB-69] Nebula: Add UI for Swap and Approve transactions

• Create happy-dodos-reflect.md

---

• Create old-ants-melt.md

• fix: upgrade @aws-sdk/credential-providers from 3.592.0 to 3.806.0

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.592.0 to 3.806.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: apps/wallet-ui/package.json to reduce vulnerabilities ([Snyk] Security upgrade eslint from 8.57.0 to 9.0.0 #220)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

• fix: packages/thirdweb/package.json to reduce vulnerabilities ([Snyk] Security upgrade @aws-sdk/credential-providers from 3.592.0 to 3.606.0 #223)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-7573289

• feat: upgrade tailwindcss from 3.4.17 to 4.1.11 ([Snyk] Upgrade tailwindcss from 3.4.17 to 4.1.11 #239)

Snyk has created this PR to upgrade tailwindcss from 3.4.17 to 4.1.11.

See this package in npm:
tailwindcss

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/0cb37033-dec9-46d7-ae3a-94e1b0ed5ca6?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: apps/wallet-ui/package.json to reduce vulnerabilities ([Snyk] Security upgrade next from 15.3.5 to 15.4.2 #307)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-NEXT-12299318
• https://snyk.io/vuln/SNYK-JS-NEXT-12301496
• https://snyk.io/vuln/SNYK-JS-NEXT-12265451

• Playground: Fix build error

• fix: packages/thirdweb/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-HAPPYDOM-13559227

• fix: packages/thirdweb/package.json to reduce vulnerabilities ([Snyk] Security upgrade happy-dom from 17.4.4 to 20.0.0 #367)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-HAPPYDOM-13535083

• fix: upgrade @aws-sdk/credential-providers from 3.606.0 to 3.908.0 ([Snyk] Upgrade @aws-sdk/credential-providers from 3.606.0 to 3.908.0 #396)

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.606.0 to 3.908.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: apps/wallet-ui/package.json to reduce vulnerabilities ([Snyk] Security upgrade next from 15.4.2 to 15.4.8 #436)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-NEXT-14173355

• fix: apps/portal/package.json to reduce vulnerabilities ([Snyk] Security upgrade next from 15.3.5 to 15.3.8 #453)

The following vulnerabilities are fixed with an upgrade:

• https://snyk.io/vuln/SNYK-JS-NEXT-14400636
• https://snyk.io/vuln/SNYK-JS-NEXT-14400644

• Version Packages

• Bump tailwind-merge from 2.6.0 to 3.4.0 (Bump tailwind-merge from 2.6.0 to 3.4.0 #475)

Bumps tailwind-merge from 2.6.0 to 3.4.0.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: tailwind-merge dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-major ...

• Dargon789 patch 1 (Dargon789 patch 1 #477)

• Create SECURITY.md

• Create SECURITY.md

• Fix code scanning alert no. 1: Incomplete URL substring sanitization

• Create nextjs.yml

• Circleci project setup (Circleci project setup #121)

• Add .circleci/config.yml

• Add .circleci/config.yml

• Create tender-tigers-smash.md (Create tender-tigers-smash.md #157)

• Update SECURITY.md

• Update .changeset/tender-tigers-smash.md

---

• Demo test app (Demo test app #478)

• Expand FAQ with Dedicated Relayer FAQs

Added information about gas sponsorship and dedicated relayer features.

• Update apps/portal/src/app/wallets/faq/page.mdx

---

• Alert autofix 3 (Alert autofix 3 #479)

• Create SECURITY.md

• Create SECURITY.md

• Fix code scanning alert no. 1: Incomplete URL substring sanitization

• Potential fix for code scanning alert no. 3: Insecure randomness

• Potential fix for code scanning alert no. 63: Creating biased random numbers from a cryptographically secure source

---

• Bump the npm_and_yarn group across 1 directory with 3 updates (Bump the npm_and_yarn group across 1 directory with 3 updates #468)

Bumps the npm_and_yarn group with 3 updates in the / directory: happy-dom, vite and next.

Updates happy-dom from 17.4.4 to 20.0.2

• Release notes
• Commits

Updates vite from 7.1.7 to 7.1.11

• Release notes
• Changelog
• Commits

Updates next from 15.3.8 to 15.4.10

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: vite dependency-version: 7.1.11 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: next dependency-version: 15.4.10 dependency-type: direct:production dependency-group: npm_and_yarn ...

• fix: upgrade posthog-js from 1.256.1 to 1.301.0

Snyk has created this PR to upgrade posthog-js from 1.256.1 to 1.301.0.

See this package in npm:
posthog-js

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/9e426fda-67e3-407b-97c7-31a7f23d354f?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• Alert autofix 3 (Alert autofix 3 #495)

• Create SECURITY.md

• Create SECURITY.md

• Fix code scanning alert no. 1: Incomplete URL substring sanitization

• Potential fix for code scanning alert no. 3: Insecure randomness

• Potential fix for code scanning alert no. 63: Creating biased random numbers from a cryptographically secure source

• Update apps/nebula/src/app/(app)/chat/history/ChatHistoryPage.stories.tsx

---

• fix: upgrade @aws-sdk/client-lambda from 3.592.0 to 3.945.0

Snyk has created this PR to upgrade @aws-sdk/client-lambda from 3.592.0 to 3.945.0.

See this package in npm:
@aws-sdk/client-lambda

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/43dedf32-8474-4b27-9807-1476b30ddc33?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• 2025 wrapped

• coderabbit fix + lint fix

• feat: upgrade @next/mdx from 15.3.8 to 16.0.9 ([Snyk] Upgrade @next/mdx from 15.3.8 to 16.0.9 #529)

Snyk has created this PR to upgrade @next/mdx from 15.3.8 to 16.0.9.

See this package in npm:
@next/mdx

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/8e2d836e-87a2-45e4-84cc-3e8e3d441352?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• feat: upgrade @next/eslint-plugin-next from 15.3.8 to 16.0.9 ([Snyk] Upgrade @next/eslint-plugin-next from 15.3.8 to 16.0.9 #528)

Snyk has created this PR to upgrade @next/eslint-plugin-next from 15.3.8 to 16.0.9.

See this package in npm:
@next/eslint-plugin-next

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/8e2d836e-87a2-45e4-84cc-3e8e3d441352?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• fix: upgrade typescript from 5.8.3 to 5.9.3 ([Snyk] Upgrade typescript from 5.8.3 to 5.9.3 #501)

Snyk has created this PR to upgrade typescript from 5.8.3 to 5.9.3.

See this package in npm:
typescript

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/8e2d836e-87a2-45e4-84cc-3e8e3d441352?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• [Snyk] Upgrade ox from 0.4.2 to 0.6.9 ([Snyk] Upgrade ox from 0.4.2 to 0.6.9 #31)

• update

• build(deps): bump shiki from 1.27.0 to 2.3.2

Bumps shiki from 1.27.0 to 2.3.2.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: shiki dependency-type: direct:production update-type: version-update:semver-major ...

• fix: upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/client-kms

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade posthog-js from 1.67.1 to 1.210.2

Snyk has created this PR to upgrade posthog-js from 1.67.1 to 1.210.2.

See this package in npm:
posthog-js

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade ox from 0.4.2 to 0.6.9

Snyk has created this PR to upgrade ox from 0.4.2 to 0.6.9.

See this package in npm:
ox

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

---

• Snyk upgrade 17006d71110c1034fc178f5d18144bc8 (Snyk upgrade 17006d71110c1034fc178f5d18144bc8 #533)

• update

• build(deps): bump shiki from 1.27.0 to 2.3.2

Bumps shiki from 1.27.0 to 2.3.2.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: shiki dependency-type: direct:production update-type: version-update:semver-major ...

• fix: upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/client-kms

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade posthog-js from 1.67.1 to 1.210.2

Snyk has created this PR to upgrade posthog-js from 1.67.1 to 1.210.2.

See this package in npm:
posthog-js

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade viem from 2.21.55 to 2.22.15

Snyk has created this PR to upgrade viem from 2.21.55 to 2.22.15.

See this package in npm:
viem

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

---

• feat: upgrade @types/node from 22.14.1 to 24.3.0 (feat: upgrade @types/node from 22.14.1 to 24.3.0 #534)

• feat: upgrade @types/node from 22.14.1 to 24.3.0

Snyk has created this PR to upgrade @types/node from 22.14.1 to 24.3.0.

See this package in npm:
@types/node

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/9a56ac76-05fd-4540-8761-ad10dfd5dfdf?utm_source=github&utm_medium=referral&page=upgrade-pr

• Update package.json

---

• Potential fix for code scanning alert no. 60: Server-side request forgery

• Potential fix for code scanning alert no. 46: Server-side request forgery

• Potential fix for code scanning alert no. 56: Server-side request forgery

• Potential fix for code scanning alert no. 61: Server-side request forgery

• Potential fix for code scanning alert no. 54: Server-side request forgery

• Potential fix for code scanning alert no. 53: Server-side request forgery

• Update apps/dashboard/src/@/actions/auth-actions.ts

• Potential fix for code scanning alert no. 64: Server-side request forgery

• Potential fix for code scanning alert no. 55: Server-side request forgery

• Snyk upgrade 17006d71110c1034fc178f5d18144bc8 (Snyk upgrade 17006d71110c1034fc178f5d18144bc8 #536)

• update

• build(deps): bump shiki from 1.27.0 to 2.3.2

Bumps shiki from 1.27.0 to 2.3.2.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: shiki dependency-type: direct:production update-type: version-update:semver-major ...

• fix: upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/client-kms

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade posthog-js from 1.67.1 to 1.210.2

Snyk has created this PR to upgrade posthog-js from 1.67.1 to 1.210.2.

See this package in npm:
posthog-js

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade viem from 2.21.55 to 2.22.15

Snyk has created this PR to upgrade viem from 2.21.55 to 2.22.15.

See this package in npm:
viem

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

---

• feat: upgrade @wagmi/core from 2.21.2 to 3.0.0 ([Snyk] Upgrade @wagmi/core from 2.21.2 to 3.0.0 #482)

Snyk has created this PR to upgrade @wagmi/core from 2.21.2 to 3.0.0.

See this package in npm:
@wagmi/core

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/876361dc-4d03-4b90-aa57-cef3ee7c9ef8?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• Fix: useWalletBalance and the useActiveAccount to work with (Use account params #541)

0x{string} addresses instead of strings.

• Snyk upgrade 17006d71110c1034fc178f5d18144bc8 (Snyk upgrade 17006d71110c1034fc178f5d18144bc8 #547)

• update

• build(deps): bump shiki from 1.27.0 to 2.3.2

Bumps shiki from 1.27.0 to 2.3.2.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: shiki dependency-type: direct:production update-type: version-update:semver-major ...

• fix: upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0

Snyk has created this PR to upgrade @aws-sdk/client-kms from 3.592.0 to 3.734.0.

See this package in npm:
@aws-sdk/client-kms

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/e7fa878f-9d48-45bd-a72d-921183752fef?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade posthog-js from 1.67.1 to 1.210.2

Snyk has created this PR to upgrade posthog-js from 1.67.1 to 1.210.2.

See this package in npm:
posthog-js

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• fix: upgrade viem from 2.21.55 to 2.22.15

Snyk has created this PR to upgrade viem from 2.21.55 to 2.22.15.

See this package in npm:
viem

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/b2aa4281-7627-443a-bbf2-b110a878f4b9?utm_source=github&utm_medium=referral&page=upgrade-pr

---

• Bump the npm_and_yarn group across 4 directories with 2 updates (Bump the npm_and_yarn group across 4 directories with 2 updates #532)

Bumps the npm_and_yarn group with 2 updates in the /apps/dashboard directory: next and storybook.
Bumps the npm_and_yarn group with 1 update in the /apps/nebula directory: storybook.
Bumps the npm_and_yarn group with 1 update in the /packages/thirdweb directory: storybook.
Bumps the npm_and_yarn group with 1 update in the /packages/ui directory: storybook.

Updates next from 15.2.0 to 15.4.10

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates next from 15.2.0 to 15.4.10

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates next from 15.2.0 to 15.4.10

• Release notes
• Changelog
• Commits

Updates next from 15.2.0 to 15.4.10

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates storybook from 8.6.2 to 8.6.15

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

Updates storybook from 9.0.15 to 9.1.17

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: next dependency-version: 15.4.10 dependency-type: direct:production dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: next dependency-version: 15.4.10 dependency-type: direct:production dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: next dependency-version: 15.4.10 dependency-type: direct:production dependency-group: npm_and_yarn
• dependency-name: next dependency-version: 15.4.10 dependency-type: direct:production dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 8.6.15 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn
• dependency-name: storybook dependency-version: 9.1.17 dependency-type: direct:development dependency-group: npm_and_yarn ...

• feat: upgrade @next/eslint-plugin-next from 15.2.0 to 16.0.10 ([Snyk] Upgrade @next/eslint-plugin-next from 15.2.0 to 16.0.10 #546)

Snyk has created this PR to upgrade @next/eslint-plugin-next from 15.2.0 to 16.0.10.

See this package in npm:
@next/eslint-plugin-next

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/4d6acffe-6303-4c14-bc35-3a7b6f6e9d17?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• fix: upgrade @aws-sdk/credential-providers from 3.592.0 to 3.948.0 ([Snyk] Upgrade @aws-sdk/credential-providers from 3.592.0 to 3.948.0 #524)

Snyk has created this PR to upgrade @aws-sdk/credential-providers from 3.592.0 to 3.948.0.

See this package in npm:
@aws-sdk/credential-providers

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/43dedf32-8474-4b27-9807-1476b30ddc33?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• fix: upgrade posthog-js from 1.67.1 to 1.306.1 ([Snyk] Upgrade posthog-js from 1.67.1 to 1.306.1 #544)

Snyk has created this PR to upgrade posthog-js from 1.67.1 to 1.306.1.

See this package in npm:
posthog-js

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/4d6acffe-6303-4c14-bc35-3a7b6f6e9d17?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• feat: upgrade @typescript-eslint/parser from 7.14.1 to 8.49.0 ([Snyk] Upgrade @typescript-eslint/parser from 7.14.1 to 8.49.0 #543)

Snyk has created this PR to upgrade @typescript-eslint/parser from 7.14.1 to 8.49.0.

See this package in npm:
@typescript-eslint/parser

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/4d6acffe-6303-4c14-bc35-3a7b6f6e9d17?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• feat: upgrade @typescript-eslint/parser from 7.14.1 to 8.49.0 ([Snyk] Upgrade @typescript-eslint/parser from 7.14.1 to 8.49.0 #527)

Snyk has created this PR to upgrade @typescript-eslint/parser from 7.14.1 to 8.49.0.

See this package in npm:
@typescript-eslint/parser

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/8e2d836e-87a2-45e4-84cc-3e8e3d441352?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• fix: upgrade @aws-sdk/client-kms from 3.592.0 to 3.948.0 ([Snyk] Upgrade @aws-sdk/client-kms from 3.592.0 to 3.948.0 #525)

Snyk has created this PR to upgrade @aws-sdk/client-kms from 3.592.0 to 3.948.0.

See this package in npm:
@aws-sdk/client-kms

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/43dedf32-8474-4b27-9807-1476b30ddc33?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• Bump @storybook/react from 8.5.0 to 10.1.11 (Bump @storybook/react from 8.5.0 to 10.1.11 #514)

Bumps @storybook/react from 8.5.0 to 10.1.11.

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: "@storybook/react" dependency-version: 10.1.11 dependency-type: direct:development update-type: version-update:semver-major ...

• feat: upgrade @types/node from 22.14.1 to 24.0.15 (feat: upgrade @types/node from 22.14.1 to 24.0.15 #550)

Snyk has created this PR to upgrade @types/node from 22.14.1 to 24.0.15.

See this package in npm:
@types/node

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/a19f499f-38be-44a8-b151-119edbfc95d2?utm_source=github&utm_medium=referral&page=upgrade-pr

• Bump toshimaru/auto-author-assign from 2.1.1 to 3.0.1 (Bump toshimaru/auto-author-assign from 2.1.1 to 3.0.1 #513)

Bumps toshimaru/auto-author-assign from 2.1.1 to 3.0.1.

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: toshimaru/auto-author-assign dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major ...

• Bump actions/upload-pages-artifact from 3 to 4 (Bump actions/upload-pages-artifact from 3 to 4 #512)

Bumps actions/upload-pages-artifact from 3 to 4.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: actions/upload-pages-artifact dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ...

• Bump actions/checkout from 4 to 6 (Bump actions/checkout from 4 to 6 #511)

Bumps actions/checkout from 4 to 6.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ...

• chore(deps): bump @hey-api/client-fetch from 0.10.0 to 0.13.1 (chore(deps): bump @hey-api/client-fetch from 0.10.0 to 0.13.1 #460)

Bumps @hey-api/client-fetch from 0.10.0 to 0.13.1.

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: "@hey-api/client-fetch" dependency-version: 0.13.1 dependency-type: direct:production update-type: version-update:semver-minor ...

• Bump knip from 5.60.2 to 5.76.3 (Bump knip from 5.60.2 to 5.76.3 #473)

Bumps knip from 5.60.2 to 5.76.3.

• Release notes
• Commits

---

updated-dependencies:

• dependency-name: knip dependency-version: 5.76.3 dependency-type: direct:development update-type: version-update:semver-minor ...

• Bump @radix-ui/react-checkbox from 1.3.2 to 1.3.3 (Bump @radix-ui/react-checkbox from 1.3.2 to 1.3.3 #474)

• Bump @radix-ui/react-checkbox from 1.3.2 to 1.3.3

Bumps @radix-ui/react-checkbox from 1.3.2 to 1.3.3.

• Changelog
• Commits

---

updated-dependencies:

• dependency-name: "@radix-ui/react-checkbox" dependency-version: 1.3.3 dependency-type: direct:production update-type: version-update:semver-patch ...

• Bump @radix-ui/react-checkbox from 1.3.2 to 1.3.3

Bumps @radix-ui/react-checkbox from 1.3.2 to 1.3.3.

• Changelog
• Commits

---

updated-dependencies:

• dependency-name: "@radix-ui/react-checkbox" dependency-version: 1.3.3 dependency-type: direct:production update-type: version-update:semver-patch ...

---

• feat: upgrade @next/bundle-analyzer from 15.2.0 to 16.0.10 ([Snyk] Upgrade @next/bundle-analyzer from 15.2.0 to 16.0.10 #545)

Snyk has created this PR to upgrade @next/bundle-analyzer from 15.2.0 to 16.0.10.

See this package in npm:
@next/bundle-analyzer

See this project in Snyk:
https://app.snyk.io/org/dargon789/project/4d6acffe-6303-4c14-bc35-3a7b6f6e9d17?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

• build(deps-dev): bump vite from 6.0.3 to 6.0.10 (build(deps-dev): bump vite from 6.0.3 to 6.0.10 thirdweb-dev/js#6002) (build(deps-dev): bump vite from 6.0.3 to 6.0.10 (thirdweb-dev#6002)  #537)

• build(deps-dev): bump vite from 6.0.3 to 6.0.10 (build(deps-dev): bump vite from 6.0.3 to 6.0.10 thirdweb-dev/js#6002) (build(deps-dev): bump vite from 6.0.3 to 6.0.10 (thirdweb-dev#6002)  #535)

• [MNY-243] Update /pay page to render BuyWidget ([MNY-243] Update /pay page to render BuyWidget thirdweb-dev/js#8297)

• Update airdrop tokens reference link (Update airdrop tokens reference link thirdweb-dev/js#8197)

• [Docs] Add guide for using ConnectButton with wagmi application ([Docs] Add guide for using ConnectButton with wagmi application thirdweb-dev/js#8294)

• [SDK] Add EIP-5792 support for EIP1193.toProvider() ([SDK] Add EIP-5792 support for EIP1193.toProvider() thirdweb-dev/js#8298)

• [SDK] Fix: update React Native Send Funds screen to allow decimal amounts ([SDK] Fix: update React Native Send Funds screen to allow decimal amounts thirdweb-dev/js#8299)

• Version Packages (Version Packages thirdweb-dev/js#8300)

• Update factory (Update factory thirdweb-dev/js#8301)

---

PR-Codex overview

This PR introduces a patch for the thirdweb package, adding a new factory address for the create2 deployment on the Neura testnet.

Detailed summary

• Added a new factory address for 267: 0x4e59b44847b379578588920cA78FbF26c0B4956C to the FACTORIES record in create-2-factory.ts.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features
  • Added support for Neura testnet in Create2 factory deployments.

• [MNY-237] SDK: Update theme colors, minor UI tweaks ([MNY-237] SDK: Update theme colors, minor UI tweaks thirdweb-dev/js#8305)

---

PR-Codex overview

This PR focuses on updating theme colors and making minor UI tweaks across various React components in the thirdweb package.

Detailed summary

• Updated weight from 600 to 500 in multiple components' Text.
• Adjusted border styles in Container components.
• Modified padding and margin in several layout elements.
• Enhanced UI elements with consistent letterSpacing and fontSize.
• Added new theme stories for darkThemeObj and lightThemeObj.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features
  • Added Storybook theme showcase displaying color tokens and design system palette
• Bug Fixes
  • Improved loading skeleton UI with better scrollable layout and visual consistency
• Style
  • Refactored theme system with explicit color objects
  • Updated button styling with adjusted border radius and padding
  • Refined typography (font weights) across UI components
  • Adjusted layout spacing and padding throughout Bridge and wallet components
  • Increased QR code size for improved visibility
• Chores
  • Added changeset documentation for patch release

• Dashboard: Fix horizontal overflow in /bridge page (Dashboard: Fix horizontal overflow in /bridge page thirdweb-dev/js#8302)

---

PR-Codex overview

This PR focuses on enhancing the styling of the bridge-page component by adding an overflow-hidden class to a div, which likely improves the layout and prevents overflow issues.

Detailed summary

• Added overflow-hidden class to the div in the bridge-page component to manage overflow behavior.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Style
  • Updated the bridge page container to refine content display behavior and ensure consistent visual presentation.

• [MNY-289] SDK: Fix token selection UI loading state when wallet is connected to a chain that is not supported by tw bridge ([MNY-289] SDK: Fix token selection UI loading state when wallet is connected to a chain that is not supported by tw bridge thirdweb-dev/js#8304)

---

PR-Codex overview

This PR addresses an issue with the Select Token UI being stuck in a loading state when the wallet is connected to an unsupported chain by the thirdweb Bridge. It modifies the logic for selecting the default chain in various widgets.

Detailed summary

• Updated the function from getDefaultSelectedChain to findChain for clarity.
• Improved logic to handle cases where activeChainId is undefined.
• Adjusted the selection of selectedChain to use the new findChain function, ensuring proper fallback options.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

Bug Fixes

• Fixed Select Token components from remaining in loading state when the connected wallet chain is not supported by thirdweb Bridge. This affects BuyWidget, SwapWidget, and BridgeWidget.

• [Playground] Use production API URL ([Playground] Use production API URL thirdweb-dev/js#8307)

• Filter out null-ish values from ERC721 and ERC1155 getNFTs() arrays (Filter out null-ish values from ERC721 and ERC1155 getNFTs() arrays thirdweb-dev/js#8311)

• Handle null metadata in ERC721 and ERC1155 getNFT functions (Handle null metadata in ERC721 and ERC1155 getNFT functions thirdweb-dev/js#8312)

• [X402] Fix network comparison in decodePaymentRequest ([X402] Fix network comparison in decodePaymentRequest thirdweb-dev/js#8313)

• Version Packages (Version Packages thirdweb-dev/js#8303)

• [SDK] Enhance compatibility with third party x402 libs ([SDK] Enhance compatibility with third party x402 libs thirdweb-dev/js#8314)

• Version Packages (Version Packages thirdweb-dev/js#8315)

• Dashboard: /pay/ page UI improvements, SDK: CheckoutWidget minor UI tweaks (Dashboard: /pay/<id> page UI improvements, SDK: CheckoutWidget minor UI tweaks thirdweb-dev/js#8310)

---

PR-Codex overview

This PR focuses on UI enhancements and minor adjustments in the CheckoutWidget and related components of the payment dashboard, improving styling, layout, and functionality.

Detailed summary

• Minor UI adjustments in CheckoutWidget.
• Updated formatTokenBalance.ts to allow more flexible currency formatting.
• Added trackingTight prop to Text in FiatValue.tsx.
• Enhanced PayPageWidget with new class names for styling.
• Adjusted color values in SDK theme definitions.
• Improved layout and spacing in WithHeader.tsx.
• Modified text properties in DirectPayment.tsx for better readability.
• Created a new PayIdPageHeader component for improved header structure.
• Replaced complex JSX in PayPage with cleaner component structure, including DotsBackgroundPattern.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features

  • Theme toggle added to Pay page headers; streamlined Pay page header and layout with decorative background.

• Style

  • Refined secondary/tertiary button and background colors, typography weights/letter spacing, spacing and divider styles.
  • Adjusted price and label styling, currency formatting precision, and visual spacing around branding.
  • Pay widget now uses a fallback image when no project image is provided.

• Chores

  • Added changelog entry documenting a patch release.

• Update x402 default payment validity window (Update x402 default payment validity window thirdweb-dev/js#8317)

• [SDK] Update x402 dependency and export additional types ([SDK] Update x402 dependency and export additional types thirdweb-dev/js#8319)

• Version Packages (Version Packages thirdweb-dev/js#8318)

• SDK: Fix Safe wallet connection issues with WalletConnect (SDK: Fix Safe wallet connection issues with WalletConnect thirdweb-dev/js#8327)

---

PR-Codex overview

This PR addresses issues with the Safe wallet connection when using WalletConnect, ensuring better handling of account retrieval.

Detailed summary

• Updated the comment for account retrieval to clarify that it grabs the address from mainnet if available.
• Modified the firstAccountOn function to return the first account from the session if no matching account is found.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Bug Fixes
  • Fixed Safe wallet connection issues with WalletConnect

• Dashboard: Update faucet amount for arc testnet (Dashboard: Update faucet amount for arc testnet thirdweb-dev/js#8326)

---

PR-Codex overview

This PR adds a new entry for the Arc testnet in the faucet.ts file, enhancing the functionality to support an additional test network alongside the existing Sophon testnet.

Detailed summary

• Added a comment for Arc testnet.
• Introduced a new entry 5042002: 1 for the Arc testnet.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features
  • Introduced faucet support for the Arc testnet, allowing users connected to this network to claim test funds.
  • The claim amount on Arc is set to 1, ensuring consistent and predictable claims on that network.
  • Existing networks and the default claim behavior remain unchanged, preserving current user flows while expanding testnet coverage.

• Dashboard: Use monotone curve type for AreaChart to avoid clipping (Dashboard: Use monotone curve type for AreaChart to avoid clipping thirdweb-dev/js#8329)

---

PR-Codex overview

This PR focuses on updating the type property for charts from natural to monotone in various components to improve the visual representation of the data.

Detailed summary

• In empty-chart-state.tsx, changed type from natural to monotone.
• In area-chart.tsx, changed type from natural to monotone.
• In ErrorRate.tsx, changed type from natural to monotone.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Style
  • Updated chart line rendering across multiple dashboard components for improved visual consistency. Area and bar charts now use refined curve interpolation for smoother data visualization.

• add arc testnet to chains package (add arc testnet to chains package thirdweb-dev/js#8325)

• [Paywall] Support string price format when tokenAddress is not provided ([Paywall] Support string price format when tokenAddress is not provided thirdweb-dev/js#8330)

• [X402] Simplify FacilitatorNetworkSchema to accept any string ([X402] Simplify FacilitatorNetworkSchema to accept any string thirdweb-dev/js#8331)

• Version Packages (Version Packages thirdweb-dev/js#8328)

• Update implementations (Update implementations thirdweb-dev/js#8334)

---

PR-Codex overview

This PR focuses on updating the MarketplaceV3 contract addresses and the ZKSYNC_WETH token addresses in the implementations.ts file.

Detailed summary

• Updated MarketplaceV3 address for network 232 from 0x9742f5ac11958cFAd151eBF0Fc31302fA409036E to 0xB7387cF425eC8Da1b04b8E34De86245cb32bCA6D.
• Updated MarketplaceV3 address for network 37111 from 0x56Abb6a3f25DCcdaDa106191053b1CC54C196DEE to 0xF8fd1016420c2B7832714241d36Efe55D41df126.
• Updated ZKSYNC_WETH address for network 232 from 0xE5ecd226b3032910CEaa43ba92EE8232f8237553 to 0x6bDc36E20D267Ff0dd6097799f82e78907105e2F.
• Updated ZKSYNC_WETH address for network 37111 from 0xaA91D645D7a6C1aeaa5988e0547267B77d33fe16 to 0xeee5a340Cdc9c179Db25dea45AcfD5FE8d4d3eB8.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Chores
  • Updated contract addresses for zkSync networks: MarketplaceV3 and WETH addresses replaced for chain 232 and chain 37111.
  • Added a changeset marking a patch release (release metadata).
  • No public A…

[sourcery-ai]

Sorry @Dargon789, your pull request is larger than the review limit of 150000 diff characters

[gemini-code-assist]

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly updates the project by introducing a new 'Year in Review' feature, bolstering security through comprehensive input validation and URL sanitization, and performing a wide array of dependency upgrades. It also refines the Nebula chat interface with new transaction components and explores various chart data fetching strategies to optimize performance. Additionally, wallet SDK functionalities have been improved, and initial CI/CD infrastructure has been set up.

Highlights

• New 'Year in Review' Feature: Introduced a 'Rewind' feature with a dedicated modal and badge in the dashboard, allowing users to view their yearly statistics on RPC requests, wallet connections, and sponsored transactions. This feature is designed to appear in December or January and reports analytics upon viewing.
• Enhanced Security Measures: Addressed several code scanning alerts by implementing robust input validation and URL sanitization across various API endpoints and internal functions. This includes preventing path traversal, insecure randomness, and server-side request forgery vulnerabilities.
• Extensive Dependency Upgrades: Performed numerous package upgrades across the monorepo, including critical updates for Next.js (to v16.1.5), Tailwind CSS (to v4.1.11), TypeScript (to v5.9.3), React (to v19.x), and various @radix-ui, @aws-sdk, @typescript-eslint, and Storybook packages, ensuring improved performance, stability, and security.
• Nebula Chat UI Improvements: Enhanced the Nebula chat interface with new components for executing and approving transactions (Swap and Approve Transaction Cards), providing a more interactive and functional user experience within the AI assistant.
• Chart Data Fetching Strategies Experiment: Added experimental pages to test different chart data fetching strategies: Client-side, Server Components (RSC), a hybrid RSC + Client approach, Client-side with IndexedDB persistence, and Responsive RSC. This aims to evaluate and optimize data loading performance.
• Wallet SDK Refinements: Implemented fixes for Safe wallet connection issues with WalletConnect, ensured useWalletBalance and useActiveAccount correctly handle 0x{string} addresses, and enhanced compatibility with third-party x402 libraries.
• Infrastructure and CI/CD Setup: Added initial CircleCI configuration and a SECURITY.md file to establish continuous integration practices and a clear security policy for the project.

Ignored Files

• Ignored by pattern: .github/workflows/** (6)
  • .github/workflows/CI.yml
  • .github/workflows/codeql-analysis.yml
  • .github/workflows/codeql.yml
  • .github/workflows/nextjs.yml
  • .github/workflows/release.yml
  • .github/workflows/static.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new 'Year in Review' (Rewind) feature to the dashboard, including a dedicated page, a badge in the header, and a modal to display aggregated user statistics (RPC requests, wallet connections, sponsored transactions) for 2025. It also adds initial CircleCI configuration and a SECURITY.md file. Significant dependency updates were performed across multiple packages, including Next.js and React. Crucially, several security enhancements were implemented, such as input validation and sanitization for team IDs, project slugs, and API endpoints to prevent path traversal and injection vulnerabilities. Additionally, the httpOnly flag for the COOKIE_ACTIVE_ACCOUNT cookie was changed from true to false, which a reviewer noted could expose the cookie to Cross-Site Scripting (XSS) attacks and recommended reverting if client-side access is not strictly necessary. The Nebula app received UI components for Swap and Approve transactions, and various internal thirdweb package updates were made, including fixes for p-limit error handling, marketplace test improvements, and smart wallet logic adjustments.