Skip to content

chore(deps): bump the frontend-dependencies group in /bimex-frontend with 8 updates#210

Merged
David1984TK merged 1 commit into
mainfrom
dependabot/npm_and_yarn/bimex-frontend/frontend-dependencies-f96c76b3ee
Jul 7, 2026
Merged

chore(deps): bump the frontend-dependencies group in /bimex-frontend with 8 updates#210
David1984TK merged 1 commit into
mainfrom
dependabot/npm_and_yarn/bimex-frontend/frontend-dependencies-f96c76b3ee

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor

Bumps the frontend-dependencies group in /bimex-frontend with 8 updates:

Package From To
@creit.tech/stellar-wallets-kit 1.9.5 2.5.0
@sentry/react 10.62.0 10.63.0
@supabase/supabase-js 2.108.2 2.110.0
i18next 26.3.3 26.3.4
lucide-react 1.21.0 1.23.0
react-router-dom 7.18.0 7.18.1
@types/react 19.2.14 19.2.17
vite 8.1.0 8.1.3

Updates @creit.tech/stellar-wallets-kit from 1.9.5 to 2.5.0

Release notes

Sourced from @​creit.tech/stellar-wallets-kit's releases.

v2.5.0

2.5.0 (2026-06-24)

Add

  • Add new D'CENT wallet module (PR #89)

Change

  • Update the wallet connect dependencies (Upgrade reown/appkit to 1.8.21)
  • Disable tests when building the NPM module, tests run with Deno. We will move the tests to the @​std library from Deno so they can run on all platforms

v2.4.0

2.4.0 (2026-06-24)

Change

  • Remove the library @​stellar/stellar-base and install @​stellar/stellar-sdk (the base version has been deprecated by Stellar)

v2.3.0

2.3.0 (2026-06-05)

Add

Fix

  • It upgrades the Trezor libraries to the latest ALPHA releases. This is because when a website is using modern bundling (ESM only), the process breaks since the @trezor/connect-plugin-stellar package is looking for ESM code that isn't available in old @trezor/connect-web versions.

v2.2.0

2.2.0 (2026-05-08)

Add

  • Adds Fordefi module
  • Adds Cactus Link module

Changes

  • Update WalletConnect Freighter's ID

v2.1.0

2.1.0 (2026-03-30)

add

... (truncated)

Changelog

Sourced from @​creit.tech/stellar-wallets-kit's changelog.

2.5.0 (2026-06-24)

Add

  • Add new D'CENT wallet module (PR #89)

Change

  • Update the wallet connect dependencies (Upgrade reown/appkit to 1.8.21)
  • Disable tests when building the NPM module, tests run with Deno. We will move the tests to the @​std library from Deno so they can run on all platforms

2.4.0 (2026-06-24)

Change

  • Remove the library @​stellar/stellar-base and install @​stellar/stellar-sdk (the base version has been deprecated by Stellar)

2.3.0 (2026-06-05)

Add

Fix

  • It upgrades the Trezor libraries to the latest ALPHA releases. This is because when a website is using modern bundling (ESM only), the process breaks since the @trezor/connect-plugin-stellar package is looking for ESM code that isn't available in old @trezor/connect-web versions.

2.2.0 (2026-05-08)

Add

  • Adds Fordefi module
  • Adds Cactus Link module

Changes

  • Update WalletConnect Freighter's ID

2.1.0 (2026-03-30)

add

  • Include PR 84 - adds signAndSubmitTransaction method
  • Add new method fetchAddress

... (truncated)

Commits
  • 282fe7d Upgrade to 2.5.0
  • 456a0cf Upgrade wallet connect dependencies
  • b41c236 Merge branch 'main' of github.com:Creit-Tech/Stellar-Wallets-Kit
  • 465f5fc Merge pull request #98 from IotrustGitHub/dcent-wallet-module
  • 53144f8 Chore: Translate D'CENT module test descriptions to English
  • f53c801 Fix: Wait for injection sentinel in D'CENT isAvailable to avoid cold-load race
  • 5760127 Feat: Add D'CENT wallet module
  • 92eb600 Upgrade to 2.4.0
  • bd1c771 Upgrade to 2.3.0
  • d0af8c1 Update WalletConnect module and Trezor libraries
  • Additional commits viewable in compare view

Updates @sentry/react from 10.62.0 to 10.63.0

Release notes

Sourced from @​sentry/react's releases.

10.63.0

  • feat(browser): Add url.full attribute to resource spans (#21846)
  • feat(core): Add extendIntegration method (#21759)
  • feat(core): Add isTracingSuppressed to the async context strategy (#21785)
  • feat(core): Pass normalizedRequest to the sampling context for root spans (#21833)
  • feat(node): Add lru-memoizer diagnostics-channel integration to experimentalUseDiagnosticsChannelInjection (#21786)
  • feat(node): Expose channel-based, streamlined fastifyIntegration (#21706)
  • fix(browser): Defer sending session envelope until browser is idle (#21844)
  • fix(core): Improve waiting for tracing channel bindings (#21815)
  • fix(core): Serialize streamed span status message to sentry.status.message attribute (#21811)
  • fix(nextjs): Don't inject trace meta tags when Cache Components is enabled (#21141)
  • fix(opentelemetry): Strip leading ? and # from inferred http.query and http.fragment (#21848)
  • fix(tanstackstart-react): Drop server transactions for tunnel route requests (#21769)
  • chore: Add external contributor to CHANGELOG.md (#21832)
  • chore: Hoist transitive imports for bundles (#21858)
  • chore: Mark http.query/http.fragment stripping for v11 url.query migration (#21852)
  • docs: Use Cloudflare nodejs_compat flag (#21659)
  • feat(server-utils): Add lru-memoizer diagnostics-channel integration (#21786)
  • feat(server-utils): Expose channel-based, streamlined fastifyIntegration (#21706)
  • feat(server-utils): Restore caller context for callback tracing channels (#21863)
  • ref(core): Move spanStreamingIntegration setup into ServerRuntimeClient (#21814)
  • ref(node): Infer orchestrion integration names (#21834)
  • ref(node): Move node-fetch instrumentation away from InstrumentBase (#21778)
  • ref(node): Streamline Prisma instrumentation (v6 and v7) (#21819)
  • ref(node): Streamline vendored mysql instrumentation (#21568)
  • ref(server-utils): Ensure ts3.8 has diagnostics channel shim (#21845)
  • ref(server-utils): Move mysql orchestrion integration onto bindTracingChannelToSpan (#21865)
  • ref(server-utils): Set error attributes on span and simplify error info extraction (#21822)
  • test: Introduce .unordered in node-integration-tests (#21697)
  • test(cloudflare): Align CF types and compat flags (#21835)
  • test(e2e/hono): Isolate request-data extraction tests onto a dedicated route (#21869)
  • test(node-integration): Harden knex mysql2 healthcheck to fix flaky test (#21868)
  • test(node-integration-tests): Fix flaky postgresjs basic transaction/error ordering (#21870)
  • test(node-integration-tests): Retry transient docker compose up failures (#21860)
  • test(nuxt): Test mysql instrumentation with orchestrion bundler plugin (#21782)

Work in this release was contributed by @​suzunn. Thank you for your contribution!

Bundle size 📦

Path Size
@​sentry/browser 26.97 KB
@​sentry/browser - with treeshaking flags 25.44 KB

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.63.0

  • feat(browser): Add url.full attribute to resource spans (#21846)
  • feat(core): Add extendIntegration method (#21759)
  • feat(core): Add isTracingSuppressed to the async context strategy (#21785)
  • feat(core): Pass normalizedRequest to the sampling context for root spans (#21833)
  • feat(node): Add lru-memoizer diagnostics-channel integration to experimentalUseDiagnosticsChannelInjection (#21786)
  • feat(node): Expose channel-based, streamlined fastifyIntegration (#21706)
  • fix(browser): Defer sending session envelope until browser is idle (#21844)
  • fix(core): Improve waiting for tracing channel bindings (#21815)
  • fix(core): Serialize streamed span status message to sentry.status.message attribute (#21811)
  • fix(nextjs): Don't inject trace meta tags when Cache Components is enabled (#21141)
  • fix(opentelemetry): Strip leading ? and # from inferred http.query and http.fragment (#21848)
  • fix(tanstackstart-react): Drop server transactions for tunnel route requests (#21769)
  • chore: Add external contributor to CHANGELOG.md (#21832)
  • chore: Hoist transitive imports for bundles (#21858)
  • chore: Mark http.query/http.fragment stripping for v11 url.query migration (#21852)
  • docs: Use Cloudflare nodejs_compat flag (#21659)
  • feat(server-utils): Add lru-memoizer diagnostics-channel integration (#21786)
  • feat(server-utils): Expose channel-based, streamlined fastifyIntegration (#21706)
  • feat(server-utils): Restore caller context for callback tracing channels (#21863)
  • ref(core): Move spanStreamingIntegration setup into ServerRuntimeClient (#21814)
  • ref(node): Infer orchestrion integration names (#21834)
  • ref(node): Move node-fetch instrumentation away from InstrumentBase (#21778)
  • ref(node): Streamline Prisma instrumentation (v6 and v7) (#21819)
  • ref(node): Streamline vendored mysql instrumentation (#21568)
  • ref(server-utils): Ensure ts3.8 has diagnostics channel shim (#21845)
  • ref(server-utils): Move mysql orchestrion integration onto bindTracingChannelToSpan (#21865)
  • ref(server-utils): Set error attributes on span and simplify error info extraction (#21822)
  • test: Introduce .unordered in node-integration-tests (#21697)
  • test(cloudflare): Align CF types and compat flags (#21835)
  • test(e2e/hono): Isolate request-data extraction tests onto a dedicated route (#21869)
  • test(node-integration): Harden knex mysql2 healthcheck to fix flaky test (#21868)
  • test(node-integration-tests): Fix flaky postgresjs basic transaction/error ordering (#21870)
  • test(node-integration-tests): Retry transient docker compose up failures (#21860)
  • test(nuxt): Test mysql instrumentation with orchestrion bundler plugin (#21782)

Work in this release was contributed by @​suzunn. Thank you for your contribution!

Commits
  • 2362e9f release: 10.63.0
  • 5b51d5e Merge pull request #21874 from getsentry/prepare-release/10.63.0
  • 4e16503 meta(changelog): Update changelog for 10.63.0
  • 690f778 test(node-integration): Harden knex mysql2 healthcheck to fix flaky test (#21...
  • 429cdaf test(node-integration-tests): Fix flaky postgresjs basic transaction/error or...
  • 35998e6 test(e2e/hono): Isolate request-data extraction tests onto a dedicated route ...
  • 88e7ad5 feat(server-utils): Expose channel-based, streamlined fastifyIntegration (#...
  • e316151 ref(server-utils): Move mysql orchestrion integration onto bindTracingChannel...
  • e7c24a5 feat(server-utils): Restore caller context for callback tracing channels (#21...
  • bf21b16 fix(nextjs): Don't inject trace meta tags when Cache Components is enabled (#...
  • Additional commits viewable in compare view

Updates @supabase/supabase-js from 2.108.2 to 2.110.0

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.110.0

2.110.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

v2.110.0-canary.0

2.110.0-canary.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

v2.109.0

2.109.0 (2026-06-30)

🚀 Features

  • auth: add custom_claims_allowlist to custom providers admin API (#2473)
  • realtime: add postgres_changes filter builder, new operators and select (#2463)
  • storage: expose purgeCache for buckets and single objects (#2429)

🩹 Fixes

  • functions: honor a caller's Content-Type override regardless of casing (#2455)
  • realtime: pin @​supabase/phoenix and browser test CDN deps (#2457)
  • realtime: add replication connection system message option (#2470)
  • storage: keep sortBy defaults when list() is given a partial sortBy (#2454)

❤️ Thank You

v2.108.3-canary.2

2.108.3-canary.2 (2026-06-19)

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.110.0 (2026-06-30)

🚀 Features

  • repo: drop Node.js 20 support (#2482)

❤️ Thank You

2.109.0 (2026-06-30)

🩹 Fixes

  • realtime: pin @​supabase/phoenix and browser test CDN deps (#2457)

❤️ Thank You

Commits

Updates i18next from 26.3.3 to 26.3.4

Release notes

Sourced from i18next's releases.

v26.3.4

  • fix(security): deepExtend (used by addResourceBundle(..., deep, overwrite)) no longer recurses into inherited properties. It checked key existence with the in operator, which walks the prototype chain, so a source key matching an inherited built-in (e.g. hasOwnProperty, toString) caused recursion into the shared Object.prototype function and, with overwrite: true, could overwrite e.g. Object.prototype.hasOwnProperty.call with a non-callable value — corrupting a shared built-in process-wide (DoS). Existence is now checked with Object.prototype.hasOwnProperty.call, so such keys are copied as plain own data instead. This complements the existing __proto__/constructor guard and is also strictly more correct for an own-property merge. Only affects applications that pass attacker-controlled data with deep: true and overwrite: true; no standard backend/integration does this. Distinct from CVE-2026-48713 / CVE-2026-48714 (different packages, setPath mechanism). Thanks to zx (Jace) for the responsible disclosure.
Changelog

Sourced from i18next's changelog.

26.3.4

  • fix(security): deepExtend (used by addResourceBundle(..., deep, overwrite)) no longer recurses into inherited properties. It checked key existence with the in operator, which walks the prototype chain, so a source key matching an inherited built-in (e.g. hasOwnProperty, toString) caused recursion into the shared Object.prototype function and, with overwrite: true, could overwrite e.g. Object.prototype.hasOwnProperty.call with a non-callable value — corrupting a shared built-in process-wide (DoS). Existence is now checked with Object.prototype.hasOwnProperty.call, so such keys are copied as plain own data instead. This complements the existing __proto__/constructor guard and is also strictly more correct for an own-property merge. Only affects applications that pass attacker-controlled data with deep: true and overwrite: true; no standard backend/integration does this. Distinct from CVE-2026-48713 / CVE-2026-48714 (different packages, setPath mechanism). See advisory GHSA-6jcc-5g8w-32mx, CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H). Thanks to zx (Jace) @​manus-use for the responsible disclosure.
Commits

Updates lucide-react from 1.21.0 to 1.23.0

Release notes

Sourced from lucide-react's releases.

Version 1.23.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.22.0...1.23.0

Version 1.22.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.21.0...1.22.0

Commits

Updates react-router-dom from 7.18.0 to 7.18.1

Changelog

Sourced from react-router-dom's changelog.

v7.18.1

Patch Changes

Commits

Updates @types/react from 19.2.14 to 19.2.17

Commits

Updates vite from 8.1.0 to 8.1.3

Release notes

Sourced from vite's releases.

v8.1.3

Please refer to CHANGELOG.md for details.

v8.1.2

Please refer to CHANGELOG.md for details.

v8.1.1

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.3 (2026-07-02)

Bug Fixes

8.1.2 (2026-06-30)

Bug Fixes

  • deps: revert es-module-lexer to 2.1.0 (#22827) (0d3bd7c)
  • restore, "fix: resolve pnpm .modules.yaml from workspace root instead of cwd (#22757)" (#22825) (efb98cc)
  • revert, "fix: escape ids with multiple null bytes (#22687)" (cccef55)
  • revert, "fix: resolve pnpm .modules.yaml from workspace root instead of cwd (#22757)" (cf97711)

8.1.1 (2026-06-30)

Features

  • update dynamic import warning to link to Vite docs (#22823) (62bd7af)

Bug Fixes

  • bundled-dev: avoid stack overflow on import.meta.hot.invalidate() (#22797) (709eb8e)
  • bundled-dev: serve assets emitted during HMR/lazy compile (#22745) (5876b2c)
  • bundledDev: skip plugin transform hooks for rolldown-lazy stub modules (#22778) (8f925e2)
  • css: preserve dollar signs in external @import urls with lightningcss (#22718) (9fa7ab4)
  • css: resolve tsconfig paths in CSS and Sass @​import (#22775) (ef0b891)
  • deps: update all non-major dependencies (#22734) (e635f49)
  • deps: update all non-major dependencies (#22804) (8837400)
  • deps: update rolldown-related dependencies (#22591) (2ce6677)
  • escape ids with multiple null bytes (#22687) (833fc30)
  • hide console window when running 'net use' on Windows (#22698) (92b63f2)
  • ignore bundled config temp dir (#22800) (043a810)
  • invert esbuild.jsxSideEffects when converting to oxc.jsx.pure (#22809) (33895ba)
  • optimize-deps: ignore ERR_CLOSED_SERVER in scanner (#22784) (085a0ab)
  • optimizer: scanner should resolve input from root (#22769) (9722b07)
  • resolve pnpm .modules.yaml from workspace root instead of cwd (#22757) (2531ac7)
  • return sourcemap field from some plugins that were lacking (#22782) (7e18bf8)
  • server: handle malformed URI in indexHtmlMiddleware (#22781) (84f5ccc)

Miscellaneous Chores

Code Refactoring

  • css: remove lightningcss null byte bug workaround (#22822) (2dafd3b)
  • use pre-defined environments variable to avoid duplicate Object.values calls (#22790) (1113acf)

... (truncated)

Commits
  • 578ffb8 release: v8.1.3
  • 7103c3a fix(deps): bump es-module-lexer to 2.3.0 (#22838)
  • 1534d36 fix(css): inject inlined CSS after the shebang line (#22717)
  • c4acd69 fix(ssr): correct stacktrace column position for first line (#22828)
  • 2c53054 fix: preload css for nested dynamic imports (#22759)
  • ba31193 release: v8.1.2
  • 0d3bd7c fix(deps): revert es-module-lexer to 2.1.0 (#22827)
  • efb98cc fix: restore, "fix: resolve pnpm .modules.yaml from workspace root instead of...
  • cf97711 fix: revert, "fix: resolve pnpm .modules.yaml from workspace root instead of ...
  • cccef55 fix: revert, "fix: escape ids with multiple null bytes (#22687)"
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the frontend-dependencies group in /bimex-frontend with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [@creit.tech/stellar-wallets-kit](https://github.com/Creit-Tech/Stellar-Wallets-Kit) | `1.9.5` | `2.5.0` |
| [@sentry/react](https://github.com/getsentry/sentry-javascript) | `10.62.0` | `10.63.0` |
| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.108.2` | `2.110.0` |
| [i18next](https://github.com/i18next/i18next) | `26.3.3` | `26.3.4` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.21.0` | `1.23.0` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.18.0` | `7.18.1` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.1.0` | `8.1.3` |


Updates `@creit.tech/stellar-wallets-kit` from 1.9.5 to 2.5.0
- [Release notes](https://github.com/Creit-Tech/Stellar-Wallets-Kit/releases)
- [Changelog](https://github.com/Creit-Tech/Stellar-Wallets-Kit/blob/main/CHANGELOG.md)
- [Commits](Creit-Tech/Stellar-Wallets-Kit@v1.9.5...v2.5.0)

Updates `@sentry/react` from 10.62.0 to 10.63.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.62.0...10.63.0)

Updates `@supabase/supabase-js` from 2.108.2 to 2.110.0
- [Release notes](https://github.com/supabase/supabase-js/releases)
- [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md)
- [Commits](https://github.com/supabase/supabase-js/commits/v2.110.0/packages/core/supabase-js)

Updates `i18next` from 26.3.3 to 26.3.4
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/i18next@v26.3.3...v26.3.4)

Updates `lucide-react` from 1.21.0 to 1.23.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.23.0/packages/lucide-react)

Updates `react-router-dom` from 7.18.0 to 7.18.1
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/react-router-dom@7.18.1/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.18.1/packages/react-router-dom)

Updates `@types/react` from 19.2.14 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `vite` from 8.1.0 to 8.1.3
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)

---
updated-dependencies:
- dependency-name: "@creit.tech/stellar-wallets-kit"
  dependency-version: 2.5.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: "@sentry/react"
  dependency-version: 10.63.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: "@supabase/supabase-js"
  dependency-version: 2.110.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: i18next
  dependency-version: 26.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: lucide-react
  dependency-version: 1.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: react-router-dom
  dependency-version: 7.18.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: vite
  dependency-version: 8.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the frontend Cambios en la interfaz de usuario label Jul 4, 2026
@vercel

vercel Bot commented Jul 4, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
bimex-frontend Error Error Jul 4, 2026 1:05am

@David1984TK David1984TK merged commit 0a9b0e6 into main Jul 7, 2026
6 of 8 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/bimex-frontend/frontend-dependencies-f96c76b3ee branch July 7, 2026 02:54
David1984TK pushed a commit that referenced this pull request Jul 7, 2026
CI's "Contrato Soroban" job has been failing on main since the #209/#210
dependency bumps merged (in fact since before them): bimex/Cargo.lock was
gitignored, so every CI run re-resolved dependencies from scratch. Since
soroban-env-host 26.1.3 declares `ed25519-dalek = ">=2.0.0"` with no upper
bound, the resolver started picking the newly published ed25519-dalek
3.0.0, whose rand_core trait bounds are incompatible with the ChaCha20Rng
used in soroban-env-host's own testutils.rs, breaking `cargo test`
entirely with an unrelated-looking trait error.

Fix: force the whole graph onto ed25519-dalek 2.2.0 (`cargo update -p
ed25519-dalek@3.0.0 --precise 2.2.0`) and commit the resulting Cargo.lock
so builds are reproducible instead of drifting with upstream releases.

Also regenerated the contract's test_snapshots/, which were stale since
the soroban-sdk 25->26 bump (#196) and had never been refreshed because
CI hadn't successfully run `cargo test` since.

Verified: cargo test (64/64), cargo clippy -D warnings, and cargo audit
--deny warnings all pass in bimex/.
David1984TK pushed a commit that referenced this pull request Jul 7, 2026
The v1->v2 bump (#210) didn't just move exports around (fixed in the
previous commit) — it turned StellarWalletsKit into an all-static class
backed by module-level signal state, dropping the old per-instance API
entirely. That silently broke wallet auto-reconnect at runtime even
though the app built and rendered fine:

- `new StellarWalletsKit(...)` no longer configures anything; use the
  static `StellarWalletsKit.init(...)` instead.
- `kit.setWallet(id)` is now the static `StellarWalletsKit.setWallet(id)`
  (confirmed via a live TypeError: "walletKit.setWallet is not a
  function" while reproducing the E2E failure).
- `kit.openModal({ onWalletSelected, onClosed })` was replaced by
  `StellarWalletsKit.authModal()`, which returns a promise resolving to
  `{ address }` directly instead of taking callbacks.
- `kit.getAddress({ skipRequestAccess })` became `fetchAddress()` (no
  options) for a live lookup, since `getAddress()` now only returns the
  cached in-memory address.

Root-caused by reproducing the failing Playwright golden-path spec
locally against the mocked Freighter fixture, which surfaced the
setWallet TypeError directly. Verified: bimex-frontend vitest (124/124)
and all 25 Playwright E2E specs (golden-path, filtros, landing) pass
locally against the mocked wallet fixtures.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

frontend Cambios en la interfaz de usuario

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant