Skip to content

Update thirdweb to 5.105.42 #914

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 9, 2025
Merged

Update thirdweb to 5.105.42 #914

merged 1 commit into from
Sep 9, 2025

Conversation

@joaquim-verges
Copy link
Member

@joaquim-verges joaquim-verges commented Sep 9, 2025
edited by coderabbitai bot
Loading

Changes

How this PR will be tested

  • Open the dashboard and click X. Result: A modal should appear.
  • Call the /foo/bar API. Result: Returns 200 with "baz" in the response body.

Output

(Example: Screenshot/GIF for UI changes, cURL output for API changes)

PR-Codex overview

This PR updates various dependencies in the package.json and yarn.lock files, including version upgrades and changes to specific packages to improve functionality and compatibility.

Detailed summary

  • Updated thirdweb from ^5.100.1 to ^5.105.42.
  • Updated @emotion/styled from 11.14.0 to 11.14.1.
  • Updated @radix-ui/react-dialog from 1.1.10 to 1.1.14.
  • Updated @radix-ui/react-focus-scope from 1.1.4 to 1.1.7.
  • Updated @radix-ui/react-tooltip from 1.2.3 to 1.2.7.
  • Updated @tanstack/react-query from 5.74.4 to 5.81.5.
  • Updated @thirdweb-dev/engine from 3.0.1 to 3.2.1.
  • Updated @thirdweb-dev/insight from 1.0.0 to 1.1.1.
  • Updated @walletconnect/core from 2.20.1 to 2.21.4.
  • Updated @walletconnect/sign-client from 2.20.1 to 2.21.4.
  • Updated @walletconnect/types from 2.20.1 to 2.21.4.
  • Updated @walletconnect/utils from 2.20.1 to 2.21.4.
  • Updated viem from 2.28.1 to 2.33.2.
  • Updated zod from 3.22.4 to 3.25.75.
  • Added @msgpack/msgpack version 3.1.2 and @scure/base version 1.2.6.
  • Updated uint8arrays from 3.1.0 to 3.1.1.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

  • Chores
    • Updated a third-party SDK to the latest version to maintain compatibility and incorporate upstream improvements.
    • No user-facing changes are expected; existing features should continue to work as before.
    • Includes minor stability, performance, and security enhancements provided by the dependency vendor.

@coderabbitai
Copy link

coderabbitai bot commented Sep 9, 2025
edited
Loading

Walkthrough

Updated dependency version in package.json: bumped thirdweb from ^5.100.1 to ^5.105.42. No source code changes.

Changes

Cohort / File(s) Summary of changes
Dependencies
package.json		 Bump thirdweb dependency from ^5.100.1 to ^5.105.42.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Pre-merge checks (2 passed, 1 warning)

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Description Check ⚠️ Warning Although the pull request description follows the template structure, it still contains placeholder text rather than actual content, omitting the specific problem statement, details of the changes made, appropriate testing instructions for the version bump, and any output examples or artifacts. Replace all placeholder sections with a clear description of the problem being solved, list the precise package updates (including thirdweb 5.105.42), refine the testing checklist to verify the version bump effects, and provide real examples or screenshots in the Output section to document the change.
✅ Passed checks (2 passed)
Check name Status Explanation
Title Check ✅ Passed The pull request title “Update thirdweb to 5.105.42” concisely and accurately describes the primary change—the bump of the thirdweb dependency to version 5.105.42—without extraneous detail or ambiguity, making it clear for anyone scanning the history.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)
  • INF-171: Entity not found: Issue - Could not find referenced Issue.
✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch Update_thirdweb_to_5.105.42

Comment @coderabbitai help to get the list of available commands and usage tips.

@joaquim-verges joaquim-verges marked this pull request as ready for review September 9, 2025 11:25
@joaquim-verges Graphite App
Copy link
Member Author

joaquim-verges commented Sep 9, 2025
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

@socket-security
Copy link

socket-security bot commented Sep 9, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​storybook/​react-dom-shim@​9.0.1510010060100100
Added@​storybook/​global@​5.0.01001006683100
Added@​storybook/​react@​9.0.159810071100100
Updated@​thirdweb-dev/​insight@​1.0.0 ⏵ 1.1.194 +110082 +190100
Added@​msgpack/​msgpack@​3.1.210010010082100
Updated@​thirdweb-dev/​engine@​3.0.1 ⏵ 3.2.194 +310085 +291 -7100
Updatedes-toolkit@​1.33.0 ⏵ 1.39.310010089 +197100

View full report

@joaquim-verges joaquim-verges merged commit de9c9df into main Sep 9, 2025
8 of 9 checks passed
@joaquim-verges joaquim-verges deleted the Update_thirdweb_to_5.105.42 branch September 9, 2025 11:29
coderabbitai[bot]
coderabbitai bot reviewed Sep 9, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between bd30727 and b12ba3e.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • package.json (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: lint
  • GitHub Check: build
🔇 Additional comments (5)
package.json (5)

72-72: Dependency bump looks good.

Straightforward version update to thirdweb; no other deps changed.

72-72: Lockfile is already consistent. yarn.lock entry for thirdweb@^5.105.42 resolves to version 5.105.42, so no further action is needed.

72-72: Dual SDK check unnecessary
No @thirdweb-dev/sdk dependency or imports detected—only thirdweb is declared in package.json. Suggestion isn’t applicable.

Likely an incorrect or invalid review comment.

72-72: Verify Address type compatibility
thirdweb v5 may have widened viem’s Address type to string, which can break strict-typed code. Run a full TypeScript build (npm install --save-dev typescript if needed, then npx tsc --noEmit) to confirm there are no regressions.

72-72: Runtime meets Node ≥18.6: Dockerfile uses node:18.20-slim (≥18.6), satisfying thirdweb v5 SDK requirement.

package.json
"prom-client": "^15.1.3",
"superjson": "^2.2.1",
"thirdweb": "^5.100.1",
"thirdweb": "^5.105.42",
Copy link

@coderabbitai coderabbitai bot Sep 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Ensure viem/ethers compatibility and single-version dedupe.

thirdweb v5 works with viem and ethers; we already pin viem 2.22.17 in deps and resolutions and ethers v5. Confirm there’s no duplicate viem/ethers trees after the bump. (portal.thirdweb.com, github.com)

🏁 Script executed:

#!/bin/bash
# Explain dependency graph for potential duplicates
yarn why thirdweb viem ethers || true
# List any nested viem/ethers under thirdweb
fd -H node_modules | rg -nP '/(thirdweb|@thirdweb-dev)/' -n -C0 | rg -nP '/(viem|ethers)(/|@)' -n -C0 || true

Length of output: 142

🏁 Script executed:

#!/bin/bash
# Show why each package is installed
printf "\n=== yarn why thirdweb ===\n"
yarn why thirdweb || true

printf "\n=== yarn why viem ===\n"
yarn why viem || true

printf "\n=== yarn why ethers ===\n"
yarn why ethers || true

# List all installed versions of viem and ethers
printf "\n=== yarn list --pattern viem ===\n"
yarn list --pattern "viem" || true

printf "\n=== yarn list --pattern ethers ===\n"
yarn list --pattern "ethers" || true

# Find any nested viem/ethers module directories under node_modules
printf "\n=== Duplicate module directories ===\n"
find node_modules -type d | grep -E "/node_modules/(viem|ethers)$" || printf "No duplicate module dirs found\n"

Length of output: 18042

Pin ethers to a single version via resolutions
Detected two ethers versions (5.7.2 at root vs. 5.5.1 under ethers-gcp-kms-signer). Add a resolutions override in package.json (e.g. "ethers": "5.7.2") and reinstall to force-dedupe.

🤖 Prompt for AI Agents 
In package.json around line 72, multiple versions of ethers were detected (root
5.7.2 vs 5.5.1 under ethers-gcp-kms-signer); add a resolutions override to force
a single version (for example add a top-level "resolutions": { "ethers": "5.7.2"
}) and then reinstall and regenerate the lockfile (npm/yarn/pnpm install or yarn
install --check-files / yarn-deduplicate as appropriate) so the dependency is
deduped to the pinned version; if using npm, add an "overrides" entry instead of
"resolutions" with the same key/value and update the lockfile.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@joaquim-verges