🔖 (release) [NO-ISSUE]: New release incoming: Signer SOL 1.6.2, Signer ETH 1.11.0, Context Module 1.14.0, Signer BTC 1.2.1, Transport Node HID 1.0.0, Ledger Wallet 0.2.0, DMK 1.1.0, DevTools UI 1.1.0, DevTools Core 1.1.0, DevTools Rozenite 0.1.0, DevTools Websocket Common 1.0.1, DevTools Websocket Connector 1.1.0 (#1306)

Author: aussedatlo

.changeset/icy-tables-change.md

@@ -0,0 +1,5 @@
+---
+"@ledgerhq/device-management-kit-sample": patch
+---
+
+Convert trusted-name name sources/types to strings in API output.

.cursor/commands/create-pr.md

@@ -0,0 +1,159 @@
+# Create PR
+
+Create a GitHub pull request with proper title, changeset, and all required elements.
+
+## Prompt Variables
+
+All variables are optional. The AI will auto-derive values from context and only prompt when necessary.
+
+$TICKET
+
+> (Optional) JIRA ticket or NO-ISSUE. Auto-extracted from branch name if present.
+
+$EMOJI
+
+> (Optional) Gitmoji emoji. Auto-selected based on diff contents.
+
+$SCOPE
+
+> (Optional) Package scope in lowercase. Auto-detected from changed files.
+
+$DESCRIPTION
+
+> (Optional) Short description. Auto-generated from diff analysis.
+
+$DRAFT
+
+> (Optional) Whether to create as draft PR. Defaults to true.
+
+## Instructions
+
+**Before starting**: Read [CONTRIBUTING.md](../../CONTRIBUTING.md) and [danger/helpers.ts](../../danger/helpers.ts) to understand the current validation rules for branches, commits, and PR titles.
+
+### Step 1: Pre-flight checks
+
+1. Check for uncommitted changes with `git status --porcelain`. If any exist, ask user whether to commit, stash, or abort.
+
+2. Check if a PR already exists for this branch:
+
+   ```bash
+   gh pr view --json url,title,state 2>/dev/null
+   ```
+
+   If it exists, ask user whether to update it or abort.
+
+3. Detect if this is a fork (forks have relaxed validation rules per CONTRIBUTING.md):
+   ```bash
+   gh repo view --json isFork -q .isFork
+   ```
+
+### Step 2: Check current branch state
+
+1. Get current branch with `git branch --show-current`
+2. If on `develop` or `main`, ask user for a new branch name following the conventions in [CONTRIBUTING.md](../../CONTRIBUTING.md), then create it with `git checkout -b <branch-name>`
+3. Validate the branch name against the regex in [danger/helpers.ts](../../danger/helpers.ts). Do not skip this as a wrong branch name will force the user to close the PR and reopen a new one.
+4. Extract ticket from branch name (refer to danger/helpers.ts for the valid ticket patterns)
+
+### Step 3: Analyze changes
+
+1. Run `git fetch origin develop && git diff origin/develop...HEAD` to understand the changes (three dots to show only branch changes, not upstream changes)
+2. Run `git status` to see modified files
+3. Validate existing commit messages against the regex in [danger/helpers.ts](../../danger/helpers.ts):
+   ```bash
+   git log origin/develop..HEAD --pretty=format:%s
+   ```
+   If any commits don't match, warn the user they may need to amend commits before the PR can pass CI.
+4. Auto-derive:
+   - **Scope**: from the most impacted package(s) under `packages/`
+   - **Emoji**: run `pnpm gitmoji --list` and select the most appropriate one based on diff contents
+   - **Description**: summarize the changes in a few words, starting with uppercase
+
+### Step 4: Ask for missing info
+
+1. If ticket was not extracted from branch name (and not a fork), ask the user for it
+2. Present the auto-derived values (emoji, scope, description) for confirmation
+3. Allow user to override any values if needed
+4. Ask if the PR should be created as draft (default: yes)
+
+### Step 5: Verify changeset
+
+1. Check if a changeset file exists in `.changeset/`
+2. If not, and the changes affect **published packages** (not apps or internal tooling), create one following [.cursor/rules/changeset.mdc](../rules/changeset.mdc)
+
+> Note: Changesets are only required for published packages, not for apps or internal tooling (see CONTRIBUTING.md).
+
+### Step 6: Stage and commit if needed
+
+If there are changes after creating the changeset:
+
+1. Stage the changes
+2. Create a commit following the format in [CONTRIBUTING.md](../../CONTRIBUTING.md)
+3. Validate the commit message against the regex in [danger/helpers.ts](../../danger/helpers.ts)
+
+### Step 7: Run Danger validation (MANDATORY)
+
+**This step is mandatory.** Run the local Danger checks to validate branch name, commit messages, and changesets before pushing:
+
+```bash
+# For non-fork repositories
+pnpm danger:local
+
+# For fork repositories (relaxed validation rules)
+pnpm danger:local:fork
+```
+
+If any checks fail:
+
+- **Branch name invalid**: Follow the dangerfile rules and suggest a new branch name. A wrong branch name will force closing the PR and reopening a new one. As long as this check is failing, DO NOT open the PR.
+- **Commit messages invalid**: Warn user they need to amend commits (e.g., `git rebase -i origin/develop`) before the PR can pass CI.
+- **Changeset missing**: Go back to Step 5 to create one if needed.
+
+Do NOT proceed to push until all Danger checks pass.
+
+### Step 8: Push branch
+
+```bash
+git push -u origin HEAD
+```
+
+### Step 9: Create or update PR
+
+**Read [CONTRIBUTING.md](../../CONTRIBUTING.md) for the exact PR title format** (different for forks vs non-forks).
+
+For the PR body, use the structure from [.github/pull_request_template.md](../../.github/pull_request_template.md) and fill in:
+
+- Description based on diff analysis
+- Ticket link
+- Checklist: check "Changeset is provided" if one was created, otherwise add a note explaining why no changeset is needed (e.g., "No changeset needed - changes only affect apps/internal tooling")
+
+Use `gh pr create` (or `gh pr edit` if updating):
+
+```bash
+# Add --draft flag only if user chose draft mode
+gh pr create [--draft] --title "<TITLE>" --body "<BODY>"
+```
+
+When updating an existing PR, ask the user if they want to update the body as well:
+
+```bash
+gh pr edit --title "<TITLE>" --body "<BODY>"
+```
+
+### Step 10: Output PR URL
+
+After creating/updating the PR, output the URL in two formats (do NOT auto-open):
+
+```
+PR created successfully!
+
+URL: <PR_URL>
+
+[<TITLE>](<PR_URL>)
+```
+
+## Reference Files
+
+- [CONTRIBUTING.md](../../CONTRIBUTING.md) - All conventions (branch naming, PR title format, commit format)
+- [danger/helpers.ts](../../danger/helpers.ts) - CI validation regexes (source of truth)
+- [.github/pull_request_template.md](../../.github/pull_request_template.md) - PR body template structure
+- [.cursor/rules/changeset.mdc](../rules/changeset.mdc) - Changeset creation guidelines

.cursor/commands/trigger-snapshot-release.md

@@ -0,0 +1,109 @@
+# Trigger Snapshot Release
+
+Trigger the snapshot release workflow to build and publish snapshot packages from the current branch.
+
+## Requirements
+
+- **GitHub CLI (`gh`)** — Must be installed and authenticated (`gh auth login`)
+- **Git push access** — Write permissions to `LedgerHQ/device-sdk-ts`
+
+## Prompt Variables
+
+$TAG
+
+> Optional: Snapshot version tag name (e.g., "my-feature"). Leave empty to use the branch name (with "/" replaced by "-").
+
+## Instructions
+
+Execute the following steps in order. Stop and report to the user if any step fails.
+
+Throughout execution, collect any warnings (non-fatal issues) to include in the final output summary.
+
+### 1. Get current branch
+
+- Run: `git branch --show-current`
+- If the output is empty, the repo is in detached HEAD state. Stop and inform the user: "Cannot trigger snapshot release: not on a branch (detached HEAD state)"
+- Otherwise, store the branch name for later steps
+
+### 2. Determine snapshot tag
+
+- If `$TAG` is provided and non-empty:
+  - Validate it contains only alphanumeric characters, hyphens (`-`), and underscores (`_`)
+  - If invalid, stop and inform the user: "Invalid tag: only alphanumeric characters, hyphens, and underscores are allowed"
+  - Use it as the snapshot tag
+- Otherwise, derive the tag from the branch name by replacing all `/` characters with `-` (e.g., `feat/my-feature` becomes `feat-my-feature`)
+
+### 3. Check for uncommitted changes
+
+- Run: `git status --porcelain`
+- If output is non-empty, **record a warning** (but continue): "Uncommitted changes won't be included in the snapshot"
+  - Store this warning to include in the final output summary
+
+### 4. Push branch to origin
+
+- Run: `git push -u origin HEAD`
+- **If push fails**:
+  - If the error indicates the remote branch has diverged (e.g., "rejected" or "non-fast-forward"), inform the user: "Push failed: remote branch has diverged. Run `git pull --rebase` to update your local branch, or use `git push --force` if you're sure you want to overwrite the remote."
+  - For other errors (e.g., permission denied), stop and report the error to the user
+
+### 5. Trigger the snapshot workflow
+
+- Run: `gh workflow run "[Release] Snapshot Release" -f ref=<branch> -f tag=<snapshot_tag>`
+  - `<branch>` is the branch name from step 1
+  - `<snapshot_tag>` is the tag determined in step 2
+- **If the workflow trigger fails**, stop and report the error to the user
+
+### 6. Get workflow run URL
+
+- Wait 5 seconds for the workflow to be queued
+- Fetch the most recent pending or in-progress run: `gh run list --workflow=snapshot_release.yml --limit 5 --json url,name,status,createdAt`
+  - Note: Do not use `--branch` filter — `workflow_dispatch` runs are associated with the default branch, not the `ref` input
+- Filter to runs with `status` of `"queued"`, `"in_progress"`, or `"pending"`
+- Take the most recently created run (by `createdAt` timestamp)
+- If the JSON output is an empty array `[]` or no matching run is found, retry up to 6 times with 5-second delays between attempts
+- Parse the JSON output and extract the `url`, `name`, and `status` fields
+
+### 7. Estimate build time
+
+- Fetch recent completed runs: `gh run list --workflow=snapshot_release.yml --status completed --limit 20 --json conclusion,createdAt,updatedAt`
+- Filter to successful runs only (`conclusion` = `"success"`)
+- Take up to 5 most recent successful runs
+- For each run, calculate duration in minutes: `(updatedAt - createdAt)` (both are ISO 8601 timestamps)
+- Calculate the average duration, rounded to the nearest minute
+- If no successful runs exist, note that build time cannot be estimated
+
+## Output Format
+
+After completing all steps, display the following summary:
+
+---
+
+**Snapshot release triggered**
+
+- **Branch:** `<branch name>`
+- **Tag:** `<snapshot tag>`
+- **Workflow run:** [<run name> (<status>)](<run url>)
+- **Expected build time:** ~<average> minutes (based on up to 5 recent successful builds)
+  - If no successful builds exist: "Unknown (no previous successful builds)"
+- **View all runs:** https://github.com/LedgerHQ/device-sdk-ts/actions/workflows/snapshot_release.yml
+
+**Warnings:** (only include this section if there are warnings)
+
+- List any warnings that occurred during execution, such as:
+  - Uncommitted changes not included in the snapshot
+  - Any other non-fatal issues encountered
+
+---
+
+## Workflow Reference
+
+| Workflow Name                | Workflow File          | Description                            |
+| ---------------------------- | ---------------------- | -------------------------------------- |
+| `[Release] Snapshot Release` | `snapshot_release.yml` | Builds and publishes snapshot packages |
+
+## Notes
+
+- The snapshot workflow builds all packages from the specified branch and publishes them with the given tag
+- Packages are published to JFrog with the snapshot tag (e.g., `@ledgerhq/device-management-kit@0.0.0-feat-my-feature.1`)
+- The workflow runs on both public (for attestation) and private Ledger runners (for JFrog publishing)
+- The branch must exist on `LedgerHQ/device-sdk-ts` (origin)

.cursor/rules/commit.mdc

@@ -55,3 +55,22 @@ Refer to these resources to help you select appropriate emojis and follow the co
 For more details or troubleshooting, see [CONTRIBUTING.md](https://github.com/LedgerHQ/device-sdk-ts/blob/develop/CONTRIBUTING.md).
 
 Commits that don't follow this convention will fail CI and block merging.
+
+### Signed commits
+
+**All commits must be signed** to be merged into protected branches (`develop` and `main`). This is enforced by GitHub branch rulesets.
+
+Make sure you have commit signing configured:
+
+```bash
+git config --global commit.gpgsign true
+```
+
+If you have unsigned commits, re-sign them before pushing:
+
+```bash
+git rebase -i HEAD~N --exec "git commit --amend --no-edit -S"
+git push --force-with-lease
+```
+
+See [CONTRIBUTING.md](https://github.com/LedgerHQ/device-sdk-ts/blob/develop/CONTRIBUTING.md#signed-commits) for setup instructions.

.github/actions/setup-with-cache-composite/action.yml

@@ -6,16 +6,21 @@ runs:
   steps:
     - uses: moonrepo/setup-toolchain@v0
 
-    - name: Install toolchain
+    - name: Install toolchain and setup PATH
       shell: bash
-      run: proto use
+      run: |
+        proto use
+        # Get actual binary directories and add to PATH
+        echo "$(dirname $(proto bin node))" >> $GITHUB_PATH
+        echo "$(dirname $(proto bin pnpm))" >> $GITHUB_PATH
+        echo "/home/runner/.proto/bin" >> $GITHUB_PATH
 
     - name: Get pnpm store directory
       shell: bash
       run: |
-        echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+        echo "STORE_PATH=$(proto run pnpm -- store path --silent)" >> $GITHUB_ENV
 
-    - name: Restore pnpm cache
+    - name: Setup pnpm cache
       uses: actions/cache@v4
       with:
         path: ${{ env.STORE_PATH }}
@@ -25,4 +30,4 @@ runs:
 
     - name: Install dependencies
       shell: bash
-      run: pnpm install
+      run: proto run pnpm -- install

.prototools

@@ -1,3 +1,3 @@
-node = "20.19.6"
-npm = "11.7.0"
-pnpm = "10.28.0"
+node = "20.20.0"
+npm = "11.8.0"
+pnpm = "10.28.2"

AGENTS.md

@@ -0,0 +1,18 @@
+# AI Agent Guidelines
+
+AI agents contributing to this repository must follow project conventions.
+
+## Description
+
+The Device Management Kit (DMK) is a TypeScript library that provides easy communication with Ledger devices.
+
+## Documentation
+
+- [README.md](README.md)
+- [CONTRIBUTING.md](CONTRIBUTING.md) - Full contribution guidelines (branch naming, commits, PRs, changesets)
+
+## Tools
+
+- **proto** is used as the toolchain manager to install the right version of every tool.
+- **pnpm** is used as the package manager to install all the dependencies.
+- Use `gh` CLI (if available) for GitHub operations (create/update PRs, view workflows, comments, etc.)