Migration of hardhat-upgrade to plugin to use hardhat v3

[afa7789]

⚠️ Changeset and versioning must be reviewed so we don't break versioning for users of previous version too ( hh2). ⚠️

Migration to Hardhat 3: ESM & Plugin Hooks

This PR migrates @openzeppelin/hardhat-upgrades to Hardhat 3, converting the package to ESM and adopting the new plugin hooks architecture. This is a major breaking change that replaces the legacy extendEnvironment pattern with HardhatPlugin hook handlers for config and Solidity initialization. Users must now utilize explicit async factory functions—await upgrades(hre, connection) and defender()—and manage network connectivity via await hre.network.connect(), as ethers is now obtained through the connection rather than the HRE.

• Technical Implementation & Compatibility

The package has been fully converted to ESM (type: module) using Node16 resolution. To ensure compatibility with Babel and NYC coverage, import...with { type: 'json' } statements were replaced with createRequire() across 15 files. Dependencies are updated to hardhat@^3.0.16, ethers v6, and the latest @nomicfoundation plugins.

Testing infrastructure now includes Solidity test support via the foundry-upgrades repository. To stabilize the environment, example projects were isolated using pnpm link protocols and local AVA configurations. CI/CD workflows were modified to initialize git submodules before installation and now include foundry-upgrades in npmFilesToBuild.

• Documentation & Known Constraints

A comprehensive MIGRATION.md has been added with before/after examples, and the README now reflects Hardhat 3 patterns. Please note that full hardhat-verify integration and certain namespace layouts are currently pending an upstream fix in Hardhat ([PR #7744](NomicFoundation/hardhat#7744)), which also impacts the provided example projects. While core functionality is tested and passing, some edge cases in verification may require further refinement following the upstream merge. We also need a new feature from the nomic team to allow access to their internal libraries for us to use them like in hh2, at the verify part.

[ericglau]

These are Hardhat internal subtasks, where Hardhat calls TASK_COMPILE_SOLIDITY -> TASK_COMPILE_SOLIDITY_COMPILE_JOBS -> TASK_COMPILE_SOLIDITY_COMPILE_JOB -> TASK_COMPILE_SOLIDITY_COMPILE. And only certain parts of those need to be overridden in our plugin. See https://github.com/NomicFoundation/hardhat/blob/09951afd78e49465f7949478919c9217a12e8338/packages/hardhat-core/src/builtin-tasks/compile.ts#L1366 for the v2 internal subtasks.

We may need to find the equivalents in v3.

[afa7789]

On it already.

it seems that there is no such function named subtask anymore, so I'm trying to find what is the alternative right now, so we can figure out how to do what we did before but in hardhat3.

[socket-security]

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Block		High CVE: npm glob CLI: Command injection via -c/--cmd executes matches with shell:true CVE: GHSA-5j98-mcp5-4vw2 glob CLI: Command injection via -c/--cmd executes matches with shell:true (HIGH) Affected versions: >= 11.0.0 < 11.1.0; >= 10.2.0 < 10.5.0 Patched version: 10.5.0 From: ? → npm/ava@6.4.1 → npm/glob@10.4.5 ℹ Read more on: This package | This alert | What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/glob@10.4.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm @aws-sdk/credential-provider-process is 100.0% likely to have a medium risk anomaly Notes: This module implements the standard AWS 'credential_process' flow and is not itself obfuscated or malicious. However, it inherently executes arbitrary commands taken from AWS profile configuration (credential_process), which is a high-risk sink. The code includes validation of the command output but does not mitigate the core risk of executing untrusted commands. If profile files or the external exec interceptor are untrusted or can be modified by an attacker, this can lead to arbitrary command execution and credential misuse. Use only with trusted profile/config sources and review any externalDataInterceptor hooks in your environment. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/@aws-sdk/credential-provider-process@3.956.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-process@3.956.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm acorn is 100.0% likely to have a medium risk anomaly Notes: Overall, the analyzed code is a legitimate, well-structured Acorn 8.x parser fragment with robust handling for ES2020+ features. There is no direct malicious payload, backdoor, or exfiltration mechanism within this fragment. The primary security considerations relate to safe handling of untrusted input to avoid DoS via complex/ pathological RegExp usage or verbose error reporting. In a typical extension usage, isolate parsing to a sandbox and limit resource usage to mitigate potential abuse. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/ava@6.4.1 → npm/acorn@8.15.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/acorn@8.15.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm axios is 100.0% likely to have a medium risk anomaly Notes: The analyzed code is a standard Axios defaults/module implementation with no malicious behavior detected. It handles request/response transformations and content-type management in a typical, safe manner. No data exfiltration, backdoors, or privacy-invasive actions are present within this fragment. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/axios@1.13.2 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/axios@1.13.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm consola is 100.0% likely to have a medium risk anomaly Notes: The analyzed code fragment is a feature-rich, standard Consola logging utility responsible for redirecting and managing log output with throttling, pausing, and reporter integration. There is no direct evidence of malicious activity, hardcoded secrets, or exfiltration within this snippet. However, the powerful I/O overrides pose privacy and data flow risks if reporters or downstream sinks are untrusted. The security posture hinges on trusted reporters and proper governance of the overall supply chain. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/ava@6.4.1 → npm/consola@3.4.2 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/consola@3.4.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm esbuild is 100.0% likely to have a medium risk anomaly Notes: On its face this package.json looks like the legitimate esbuild package layout: it runs a local install.js during postinstall and defines many optional platform-specific packages. The main risk is that the uninspected install.js may perform arbitrary, privileged actions (download remote binaries, execute code, add hooks, exfiltrate data, etc.). You should audit the contents of install.js (and any code it downloads or executes) before trusting installation in sensitive environments. The package.json itself does not contain obvious malicious indicators (no http:// deps, no non-registry dependency URLs, no overrides), but the postinstall hook makes it potentially risky. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/tsx@4.21.0 → npm/esbuild@0.27.2 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/esbuild@0.27.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm foreground-child is 100.0% likely to have a medium risk anomaly Notes: The code implements a standard watchdog for child-process lifecycle management, aiming to prevent zombie processes when the parent exits. It is not inherently malicious, but reliability hinges on the correctness of the inline watchdog script and proper scoping of the PID. Potential improvements include addressing syntax reliability of the inline code, removing unnecessary no-op keepalive, and ensuring strict validation of the provided PID to mitigate accidental termination of unrelated processes. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/ava@6.4.1 → npm/foreground-child@3.3.1 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/foreground-child@3.3.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm glob is 100.0% likely to have a medium risk anomaly Notes: The analyzed code is a conventional, non-malicious implementation of glob pattern expansion and directory traversal. It reads filesystem data based on user-provided patterns but does not exhibit data exfiltration, remote communications, or code execution risks within this fragment. Overall security risk is low, with standard OS-specific handling for nocase behavior. Confidence: 1.00 Severity: 0.60 From: ? → npm/ava@6.4.1 → npm/glob@10.4.5 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/glob@10.4.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm glob is 100.0% likely to have a medium risk anomaly Notes: The analyzed code is a conventional, non-malicious implementation of glob pattern expansion and directory traversal. It reads filesystem data based on user-provided patterns but does not exhibit data exfiltration, remote communications, or code execution risks within this fragment. Overall security risk is low, with standard OS-specific handling for nocase behavior. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/ava@6.4.1 → npm/glob@10.5.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/glob@10.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm hardhat is 100.0% likely to have a medium risk anomaly Notes: The code is a security-conscious utility for running a compiler subprocess and collecting its output. It uses temporary files and careful stream handling to avoid large buffers and ensure proper cleanup. No suspicious data leakage, hardcoded credentials, or backdoors are evident. The primary risk is the inherent risk of spawning external processes, but this is standard for compilers in build tools and is mitigated by controlled I/O and error handling. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/package.json → npm/hardhat@3.1.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/hardhat@3.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm ignore is 100.0% likely to have a medium risk anomaly Notes: The code fragment represents a conventional, well-structured path-ignore utility with caching and recursive parent-directory evaluation. Windows path normalization is present for compatibility but does not indicate malicious intent. No indicators of data leakage, external communication, or covert backdoors were found. Security impact primarily revolves around correct ignore semantics rather than intrinsic vulnerabilities. The component remains appropriate for use in a broader security-conscious pipeline if used with careful awareness of what is being ignored. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/ava@6.4.1 → npm/ignore@7.0.5 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ignore@7.0.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm pbkdf2 is 100.0% likely to have a medium risk anomaly Notes: The code is a straightforward and correct PBKDF2 implementation using HMAC with support for multiple digests and standard input handling. No malicious behavior detected. Security risk mainly derives from correct usage (encodings, salt handling, and proper key length) and from the absence of explicit side-channel hardening within the function. Recommendations focus on careful integration and memory hygiene, and optional refinements for side-channel resilience in high-assurance contexts. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/pbkdf2@3.1.5 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/pbkdf2@3.1.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: This fragment appears to be a bundler-generated bootstrap/initialization piece that imports many modules and executes an initialization function (r). No explicit malicious activity is evident within this fragment itself, but the risk stems from side effects of the imported modules on load. A careful review of the implementations of the imported modules (especially those exporting r and those performing initialization, build-time, or network/file operations) is recommended to rule out hidden telemetry, backdoors, or undesired side effects. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/package.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: No clear indicators of classic malware (no reverse shell, no network connections, no child_process usage, no hard-coded credentials). The primary risk is information leakage: the loader posts module load events and dependency paths to external consumers via p.port and O.send. In contexts where those channels are controlled by an untrusted or remote party, this could leak local file paths or project structure. The module otherwise performs expected loader duties (file reads, tsconfig handling, transforming CJS to ESM, returning data: URLs). Review runtime consumers of O and any provided p.port to ensure they are trusted before using this loader in a sensitive environment. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/package.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: This module installs signal handlers and actively hides them from inspection by monkeypatching listener inspection APIs. In the main thread it can forward SIGINT/SIGTERM events to a remote client (via client.connectingToServer) and may exit the process after forwarding. The concealment is a noteworthy red flag: it makes detection and auditing harder and may be used to implement covert telemetry or control. The file alone is not conclusively malicious, but the combination of hiding handlers and forwarding signals to an external component warrants careful review of the client module (client-D6NvIMSC.cjs) and any network destinations it uses before trusting this package in sensitive environments. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/package.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly Notes: The module installs hidden signal handlers for SIGINT and SIGTERM, hides them from other code by monkey-patching process.listenerCount and process.listeners, forwards signals to an external client callback, and may force exit. That stealthy interception of process signals is suspicious from a supply-chain/security perspective because it can be used to intercept or suppress normal shutdown behavior and to forward events to another module which may perform network I/O or exfiltration. There is no direct evidence in this file of data exfiltration, reverse shell, or explicit malicious payload, but the hiding behavior and delegation to an external client warrant caution and further inspection of the imported client and cjs modules. Recommend auditing the client callback and cjs/index.cjs for network operations or data-leaking behavior before trusting this package. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/package.json → npm/tsx@4.21.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm undici is 100.0% likely to have a medium risk anomaly Notes: The analyzed code appears to implement a standard in-memory cache batch operation flow (put/delete) with careful handling of response bodies by buffering and storing bytes for caching. No signs of malware, data exfiltration, backdoors, or obfuscated behavior were found. The primary security considerations relate to memory usage from buffering potentially large response bodies and ensuring robust validation within batch operations to prevent cache state corruption. Overall risk is moderate, driven by in-memory data handling rather than external communication. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/hardhat@3.1.0 → npm/@nomicfoundation/hardhat-ethers@4.0.3 → npm/undici@6.22.0 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/undici@6.22.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): npm zod is 100.0% likely to have a medium risk anomaly Notes: No explicit network exfiltration, reverse shell, or credential theft is present in this fragment. However, the code assembles and compiles arbitrary code via the Function constructor and invokes passed-in functions immediately (twice). That behavior constitutes a strong dangerous primitive (arbitrary code execution) which can be abused if any inputs (strings or args) are attacker-controlled. Treat this module as risky in threat models where inputs are not fully trusted; review call sites and sanitize/validate inputs or avoid dynamic evaluation. Confidence: 1.00 Severity: 0.60 From: packages/plugin-hardhat/example/TokenUUPS/pnpm-lock.yaml → npm/hardhat@3.1.0 → npm/zod@3.25.76 ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/zod@3.25.76. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​types/​sinon@​17.0.3 ⏵ 17.0.4	+1		+1
	@​openzeppelin/​upgrades-core@​2.0.0-alpha.0
	@​types/​node@​20.19.27
	tsx@​4.21.0
	hardhat@​2.22.9 ⏵ 3.1.0	+6		-8		+20
	esmock@​2.7.3
	ava@​6.1.3 ⏵ 6.4.1	+1
	cbor@​8.1.0 ⏵ 10.0.3
	ethers@​6.16.0
	typescript@​5.5.4 ⏵ 5.9.3			+1
	@​nomicfoundation/​hardhat-ethers@​3.0.7 ⏵ 4.0.3	+1		+1	-2
	@​nomicfoundation/​hardhat-verify@​2.0.14 ⏵ 3.0.3	-4		+1	+5
	@​nomicfoundation/​hardhat-ethers@​3.0.7 ⏵ 3.1.0	+1		+1	-1
	@​openzeppelin/​foundry-upgrades@​0.5.0-alpha.0

View full report

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch migrate/hardhat-3

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}