Skip to content

Chore(deps): Bump the major group across 5 directories with 43 updates#2889

Open
dependabot[bot] wants to merge 3 commits into
masterfrom
dependabot/npm_and_yarn/major-2413282fe2
Open

Chore(deps): Bump the major group across 5 directories with 43 updates#2889
dependabot[bot] wants to merge 3 commits into
masterfrom
dependabot/npm_and_yarn/major-2413282fe2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 5, 2026

Copy link
Copy Markdown
Contributor

Bumps the major group with 41 updates in the / directory:

Package From To
@actions/core 1.11.1 3.0.1
@babel/core 7.29.7 8.0.1
@babel/eslint-parser 7.29.7 8.0.1
@babel/preset-env 7.29.7 8.0.2
@babel/preset-react 7.29.7 8.0.1
@babel/preset-typescript 7.29.7 8.0.1
babel-jest 29.7.0 30.4.1
eslint 9.18.0 10.6.0
eslint-import-resolver-typescript 3.7.0 4.4.5
eslint-plugin-react-hooks 5.1.0 7.1.1
eslint-webpack-plugin 5.0.0 6.0.0
glob 12.0.0 13.0.6
globals 16.0.0 17.7.0
got 14.4.5 15.0.6
jest 29.7.0 30.4.2
@types/jest 29.5.14 30.0.0
jsdom 26.0.0 29.1.1
lint-staged 15.4.1 17.0.8
react-i18next 15.4.1 17.0.8
typescript 5.7.3 6.0.3
webpack-cli 6.0.1 7.1.0
@lavamoat/allow-scripts 3.3.1 5.1.0
@lavamoat/preinstall-always-fail 2.1.0 3.0.0
eslint-plugin-jsdoc 50.6.2 63.0.10
@blockaid/client 0.31.0 1.4.0
bignumber.js 9.3.0 11.1.4
@sentry/browser 9.13.0 10.62.0
@stellar/typescript-wallet-sdk-km 1.9.0 3.0.1
@types/jsdom 21.1.7 28.0.3
@types/node 22.14.1 26.0.1
concurrently 9.1.2 10.0.3
copy-webpack-plugin 13.0.0 14.0.0
dotenv-webpack 8.1.0 9.0.0
i18next 25.0.1 26.3.3
i18next-scanner-webpack 0.9.1 1.0.0
jest-environment-jsdom 29.7.0 30.4.1
js-yaml 4.2.0 5.2.0
sass-loader 16.0.5 17.0.0
ses 1.12.0 2.2.0
@sentry/webpack-plugin 3.3.1 5.3.0
shadcn 3.8.4 4.12.0

Bumps the major group with 4 updates in the /@shared/api directory: typescript, @lavamoat/allow-scripts, @blockaid/client and bignumber.js.
Bumps the major group with 2 updates in the /@shared/helpers directory: typescript and bignumber.js.
Bumps the major group with 1 update in the /@stellar/freighter-api directory: @lavamoat/allow-scripts.
Bumps the major group with 19 updates in the /extension directory:

Package From To
@lavamoat/allow-scripts 3.3.2 5.1.0
bignumber.js 9.3.0 11.1.4
@amplitude/analytics-browser 2.44.4 2.44.3
@amplitude/experiment-js-client 1.21.2 1.21.1
@sentry/browser 9.13.0 10.62.0
@stellar/typescript-wallet-sdk-km 1.9.0 3.0.1
@types/jsdom 21.1.7 28.0.3
@types/node 22.14.1 26.0.1
concurrently 9.1.2 10.0.3
copy-webpack-plugin 13.0.0 14.0.0
dotenv-webpack 8.1.0 9.0.0
i18next 25.0.1 26.3.3
i18next-scanner-webpack 0.9.1 1.0.0
jest-environment-jsdom 29.7.0 30.4.1
js-yaml 4.2.0 5.2.0
sass-loader 16.0.5 17.0.0
ses 1.12.0 2.2.0
@sentry/webpack-plugin 3.3.1 5.3.0
shadcn 3.8.4 4.12.0

Updates @actions/core from 1.11.1 to 3.0.1

Changelog

Sourced from @​actions/core's changelog.

3.0.1

  • Bump undici from 6.23.0 to 6.24.1 #2348

3.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()

2.0.3

  • Bump @actions/http-client to 3.0.2

2.0.1

  • Bump @​actions/exec from 1.1.1 to 2.0.0 #2199

2.0.0

  • Add support for Node 24 #2110
  • Bump @​actions/http-client from 2.0.1 to 3.0.0
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​actions/core since your current version.


Updates @babel/core from 7.29.7 to 8.0.1

Release notes

Sourced from @​babel/core's releases.

v8.0.1 (2026-06-17)

This release includes a breaking change that was in the Babel 8 migration guide's Getting ready section and in the release post, but the actual removal of the feature from the codebase was accidentally not complete.

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

Committers: 2

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

Committers: 6

... (truncated)

Changelog

Sourced from @​babel/core's changelog.

v8.0.1 (2026-06-17)

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

🏠 Internal

  • babel-core
  • babel-compat-data, babel-register
  • babel-helper-transform-fixture-test-runner, babel-node

... (truncated)

Commits

Updates @babel/eslint-parser from 7.29.7 to 8.0.1

Release notes

Sourced from @​babel/eslint-parser's releases.

v8.0.1 (2026-06-17)

This release includes a breaking change that was in the Babel 8 migration guide's Getting ready section and in the release post, but the actual removal of the feature from the codebase was accidentally not complete.

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

Committers: 2

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

Committers: 6

... (truncated)

Changelog

Sourced from @​babel/eslint-parser's changelog.

v8.0.1 (2026-06-17)

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

🏠 Internal

  • babel-core
  • babel-compat-data, babel-register
  • babel-helper-transform-fixture-test-runner, babel-node

... (truncated)

Commits

Updates @babel/preset-env from 7.29.7 to 8.0.2

Release notes

Sourced from @​babel/preset-env's releases.

v8.0.2 (2026-06-18)

🐛 Bug Fix

  • Other
  • babel-helper-validator-identifier

🏠 Internal

  • babel-plugin-proposal-decorators, babel-plugin-transform-regenerator, babel-preset-env

Committers: 2

v8.0.1 (2026-06-17)

This release includes a breaking change that was in the Babel 8 migration guide's Getting ready section and in the release post, but the actual removal of the feature from the codebase was accidentally not complete.

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

Committers: 2

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

... (truncated)

Changelog

Sourced from @​babel/preset-env's changelog.

v8.0.2 (2026-06-18)

🐛 Bug Fix

  • Other
  • babel-helper-validator-identifier

🏠 Internal

  • babel-plugin-proposal-decorators, babel-plugin-transform-regenerator, babel-preset-env

v8.0.1 (2026-06-17)

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

... (truncated)

Commits

Updates @babel/preset-react from 7.29.7 to 8.0.1

Release notes

Sourced from @​babel/preset-react's releases.

v8.0.1 (2026-06-17)

This release includes a breaking change that was in the Babel 8 migration guide's Getting ready section and in the release post, but the actual removal of the feature from the codebase was accidentally not complete.

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

Committers: 2

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

Committers: 6

... (truncated)

Changelog

Sourced from @​babel/preset-react's changelog.

v8.0.1 (2026-06-17)

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

🏠 Internal

  • babel-core
  • babel-compat-data, babel-register
  • babel-helper-transform-fixture-test-runner, babel-node

... (truncated)

Commits

Updates @babel/preset-typescript from 7.29.7 to 8.0.1

Release notes

Sourced from @​babel/preset-typescript's releases.

v8.0.1 (2026-06-17)

This release includes a breaking change that was in the Babel 8 migration guide's Getting ready section and in the release post, but the actual removal of the feature from the codebase was accidentally not complete.

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

Committers: 2

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

Committers: 6

... (truncated)

Changelog

Sourced from @​babel/preset-typescript's c...

Description has been truncated

Bumps the major group with 41 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `1.11.1` | `3.0.1` |
| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.7` | `8.0.1` |
| [@babel/eslint-parser](https://github.com/babel/babel/tree/HEAD/eslint/babel-eslint-parser) | `7.29.7` | `8.0.1` |
| [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) | `7.29.7` | `8.0.2` |
| [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react) | `7.29.7` | `8.0.1` |
| [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) | `7.29.7` | `8.0.1` |
| [babel-jest](https://github.com/jestjs/jest/tree/HEAD/packages/babel-jest) | `29.7.0` | `30.4.1` |
| [eslint](https://github.com/eslint/eslint) | `9.18.0` | `10.6.0` |
| [eslint-import-resolver-typescript](https://github.com/import-js/eslint-import-resolver-typescript) | `3.7.0` | `4.4.5` |
| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `5.1.0` | `7.1.1` |
| [eslint-webpack-plugin](https://github.com/webpack/eslint-webpack-plugin) | `5.0.0` | `6.0.0` |
| [glob](https://github.com/isaacs/node-glob) | `12.0.0` | `13.0.6` |
| [globals](https://github.com/sindresorhus/globals) | `16.0.0` | `17.7.0` |
| [got](https://github.com/sindresorhus/got) | `14.4.5` | `15.0.6` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.7.0` | `30.4.2` |
| [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.14` | `30.0.0` |
| [jsdom](https://github.com/jsdom/jsdom) | `26.0.0` | `29.1.1` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `15.4.1` | `17.0.8` |
| [react-i18next](https://github.com/i18next/react-i18next) | `15.4.1` | `17.0.8` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.7.3` | `6.0.3` |
| [webpack-cli](https://github.com/webpack/webpack-cli) | `6.0.1` | `7.1.0` |
| [@lavamoat/allow-scripts](https://github.com/LavaMoat/LavaMoat/tree/HEAD/packages/allow-scripts) | `3.3.1` | `5.1.0` |
| [@lavamoat/preinstall-always-fail](https://github.com/LavaMoat/LavaMoat/tree/HEAD/packages/preinstall-always-fail) | `2.1.0` | `3.0.0` |
| [eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) | `50.6.2` | `63.0.10` |
| [@blockaid/client](https://github.com/blockaid-official/blockaid-client-node) | `0.31.0` | `1.4.0` |
| [bignumber.js](https://github.com/MikeMcl/bignumber.js) | `9.3.0` | `11.1.4` |
| [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `9.13.0` | `10.62.0` |
| @stellar/typescript-wallet-sdk-km | `1.9.0` | `3.0.1` |
| [@types/jsdom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsdom) | `21.1.7` | `28.0.3` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.14.1` | `26.0.1` |
| [concurrently](https://github.com/open-cli-tools/concurrently) | `9.1.2` | `10.0.3` |
| [copy-webpack-plugin](https://github.com/webpack/copy-webpack-plugin) | `13.0.0` | `14.0.0` |
| [dotenv-webpack](https://github.com/mrsteele/dotenv-webpack) | `8.1.0` | `9.0.0` |
| [i18next](https://github.com/i18next/i18next) | `25.0.1` | `26.3.3` |
| [i18next-scanner-webpack](https://github.com/ph1p/i18next-scanner-webpack) | `0.9.1` | `1.0.0` |
| [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) | `29.7.0` | `30.4.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.2.0` | `5.2.0` |
| [sass-loader](https://github.com/webpack/sass-loader) | `16.0.5` | `17.0.0` |
| [ses](https://github.com/endojs/endo/tree/HEAD/packages/ses) | `1.12.0` | `2.2.0` |
| [@sentry/webpack-plugin](https://github.com/getsentry/sentry-javascript-bundler-plugins) | `3.3.1` | `5.3.0` |
| [shadcn](https://github.com/shadcn-ui/ui/tree/HEAD/packages/shadcn) | `3.8.4` | `4.12.0` |

Bumps the major group with 4 updates in the /@shared/api directory: [typescript](https://github.com/microsoft/TypeScript), [@lavamoat/allow-scripts](https://github.com/LavaMoat/LavaMoat/tree/HEAD/packages/allow-scripts), [@blockaid/client](https://github.com/blockaid-official/blockaid-client-node) and [bignumber.js](https://github.com/MikeMcl/bignumber.js).
Bumps the major group with 2 updates in the /@shared/helpers directory: [typescript](https://github.com/microsoft/TypeScript) and [bignumber.js](https://github.com/MikeMcl/bignumber.js).
Bumps the major group with 1 update in the /@stellar/freighter-api directory: [@lavamoat/allow-scripts](https://github.com/LavaMoat/LavaMoat/tree/HEAD/packages/allow-scripts).
Bumps the major group with 19 updates in the /extension directory:

| Package | From | To |
| --- | --- | --- |
| [@lavamoat/allow-scripts](https://github.com/LavaMoat/LavaMoat/tree/HEAD/packages/allow-scripts) | `3.3.2` | `5.1.0` |
| [bignumber.js](https://github.com/MikeMcl/bignumber.js) | `9.3.0` | `11.1.4` |
| [@amplitude/analytics-browser](https://github.com/amplitude/Amplitude-TypeScript) | `2.44.4` | `2.44.3` |
| [@amplitude/experiment-js-client](https://github.com/amplitude/experiment-js-client/tree/HEAD/packages/experiment-browser) | `1.21.2` | `1.21.1` |
| [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `9.13.0` | `10.62.0` |
| @stellar/typescript-wallet-sdk-km | `1.9.0` | `3.0.1` |
| [@types/jsdom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsdom) | `21.1.7` | `28.0.3` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.14.1` | `26.0.1` |
| [concurrently](https://github.com/open-cli-tools/concurrently) | `9.1.2` | `10.0.3` |
| [copy-webpack-plugin](https://github.com/webpack/copy-webpack-plugin) | `13.0.0` | `14.0.0` |
| [dotenv-webpack](https://github.com/mrsteele/dotenv-webpack) | `8.1.0` | `9.0.0` |
| [i18next](https://github.com/i18next/i18next) | `25.0.1` | `26.3.3` |
| [i18next-scanner-webpack](https://github.com/ph1p/i18next-scanner-webpack) | `0.9.1` | `1.0.0` |
| [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) | `29.7.0` | `30.4.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.2.0` | `5.2.0` |
| [sass-loader](https://github.com/webpack/sass-loader) | `16.0.5` | `17.0.0` |
| [ses](https://github.com/endojs/endo/tree/HEAD/packages/ses) | `1.12.0` | `2.2.0` |
| [@sentry/webpack-plugin](https://github.com/getsentry/sentry-javascript-bundler-plugins) | `3.3.1` | `5.3.0` |
| [shadcn](https://github.com/shadcn-ui/ui/tree/HEAD/packages/shadcn) | `3.8.4` | `4.12.0` |



Updates `@actions/core` from 1.11.1 to 3.0.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@babel/core` from 7.29.7 to 8.0.1
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v8.0.1/packages/babel-core)

Updates `@babel/eslint-parser` from 7.29.7 to 8.0.1
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v8.0.1/eslint/babel-eslint-parser)

Updates `@babel/preset-env` from 7.29.7 to 8.0.2
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v8.0.2/packages/babel-preset-env)

Updates `@babel/preset-react` from 7.29.7 to 8.0.1
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v8.0.1/packages/babel-preset-react)

Updates `@babel/preset-typescript` from 7.29.7 to 8.0.1
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v8.0.1/packages/babel-preset-typescript)

Updates `babel-jest` from 29.7.0 to 30.4.1
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.1/packages/babel-jest)

Updates `eslint` from 9.18.0 to 10.6.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.18.0...v10.6.0)

Updates `eslint-import-resolver-typescript` from 3.7.0 to 4.4.5
- [Release notes](https://github.com/import-js/eslint-import-resolver-typescript/releases)
- [Changelog](https://github.com/import-js/eslint-import-resolver-typescript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/import-js/eslint-import-resolver-typescript/compare/v3.7.0...v4.4.5)

Updates `eslint-plugin-react-hooks` from 5.1.0 to 7.1.1
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.1/packages/eslint-plugin-react-hooks)

Updates `eslint-webpack-plugin` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/webpack/eslint-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/eslint-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/eslint-webpack-plugin/compare/v5.0.0...v6.0.0)

Updates `glob` from 12.0.0 to 13.0.6
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v12.0.0...v13.0.6)

Updates `globals` from 16.0.0 to 17.7.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v16.0.0...v17.7.0)

Updates `got` from 14.4.5 to 15.0.6
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](https://github.com/sindresorhus/got/compare/v14.4.5...v15.0.6)

Updates `jest` from 29.7.0 to 30.4.2
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.2/packages/jest)

Updates `@types/jest` from 29.5.14 to 30.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Updates `jsdom` from 26.0.0 to 29.1.1
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Commits](https://github.com/jsdom/jsdom/compare/v26.0.0...v29.1.1)

Updates `lint-staged` from 15.4.1 to 17.0.8
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lint-staged/lint-staged/compare/v15.4.1...v17.0.8)

Updates `react-i18next` from 15.4.1 to 17.0.8
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/react-i18next/compare/v15.4.1...v17.0.8)

Updates `typescript` from 5.7.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `webpack-cli` from 6.0.1 to 7.1.0
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/webpack-cli@6.0.1...webpack-cli@7.1.0)

Updates `@lavamoat/allow-scripts` from 3.3.1 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@lavamoat/preinstall-always-fail` from 2.1.0 to 3.0.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/preinstall-always-fail/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/allow-scripts-v3.0.0/packages/preinstall-always-fail)

Updates `eslint-plugin-jsdoc` from 50.6.2 to 63.0.10
- [Release notes](https://github.com/gajus/eslint-plugin-jsdoc/releases)
- [Commits](https://github.com/gajus/eslint-plugin-jsdoc/compare/v50.6.2...v63.0.10)

Updates `@blockaid/client` from 0.31.0 to 1.4.0
- [Release notes](https://github.com/blockaid-official/blockaid-client-node/releases)
- [Changelog](https://github.com/blockaid-official/blockaid-client-node/blob/main/CHANGELOG.md)
- [Commits](https://github.com/blockaid-official/blockaid-client-node/compare/v0.31.0...v1.4.0)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@sentry/browser` from 9.13.0 to 10.62.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/9.13.0...10.62.0)

Updates `@stellar/typescript-wallet-sdk-km` from 1.9.0 to 3.0.1

Updates `@types/jsdom` from 21.1.7 to 28.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsdom)

Updates `@types/node` from 22.14.1 to 26.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `concurrently` from 9.1.2 to 10.0.3
- [Release notes](https://github.com/open-cli-tools/concurrently/releases)
- [Commits](https://github.com/open-cli-tools/concurrently/compare/v9.1.2...v10.0.3)

Updates `copy-webpack-plugin` from 13.0.0 to 14.0.0
- [Release notes](https://github.com/webpack/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/copy-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/copy-webpack-plugin/compare/v13.0.0...v14.0.0)

Updates `dotenv-webpack` from 8.1.0 to 9.0.0
- [Release notes](https://github.com/mrsteele/dotenv-webpack/releases)
- [Commits](https://github.com/mrsteele/dotenv-webpack/compare/v8.1.0...v9.0.0)

Updates `i18next` from 25.0.1 to 26.3.3
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v25.0.1...v26.3.3)

Updates `i18next-scanner-webpack` from 0.9.1 to 1.0.0
- [Release notes](https://github.com/ph1p/i18next-scanner-webpack/releases)
- [Commits](https://github.com/ph1p/i18next-scanner-webpack/compare/v0.9.1...v1.0.0)

Updates `jest-environment-jsdom` from 29.7.0 to 30.4.1
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.1/packages/jest-environment-jsdom)

Updates `js-yaml` from 4.2.0 to 5.2.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.2.0...5.2.0)

Updates `sass-loader` from 16.0.5 to 17.0.0
- [Release notes](https://github.com/webpack/sass-loader/releases)
- [Changelog](https://github.com/webpack/sass-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/sass-loader/compare/v16.0.5...v17.0.0)

Updates `ses` from 1.12.0 to 2.2.0
- [Release notes](https://github.com/endojs/endo/releases)
- [Changelog](https://github.com/endojs/endo/blob/master/packages/ses/CHANGELOG.md)
- [Commits](https://github.com/endojs/endo/commits/ses@2.2.0/packages/ses)

Updates `@sentry/webpack-plugin` from 3.3.1 to 5.3.0
- [Release notes](https://github.com/getsentry/sentry-javascript-bundler-plugins/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript-bundler-plugins/blob/main/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript-bundler-plugins/compare/3.3.1...5.3.0)

Updates `shadcn` from 3.8.4 to 4.12.0
- [Release notes](https://github.com/shadcn-ui/ui/releases)
- [Changelog](https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/CHANGELOG.md)
- [Commits](https://github.com/shadcn-ui/ui/commits/shadcn@4.12.0/packages/shadcn)

Updates `@blockaid/client` from 0.31.0 to 1.4.0
- [Release notes](https://github.com/blockaid-official/blockaid-client-node/releases)
- [Changelog](https://github.com/blockaid-official/blockaid-client-node/blob/main/CHANGELOG.md)
- [Commits](https://github.com/blockaid-official/blockaid-client-node/compare/v0.31.0...v1.4.0)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `typescript` from 5.7.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `@lavamoat/allow-scripts` from 3.3.1 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `typescript` from 5.7.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `@lavamoat/allow-scripts` from 3.3.1 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@sentry/browser` from 9.13.0 to 10.62.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/9.13.0...10.62.0)

Updates `@stellar/typescript-wallet-sdk-km` from 1.9.0 to 3.0.1

Updates `@types/jsdom` from 21.1.7 to 28.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsdom)

Updates `@types/node` from 22.14.1 to 26.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `concurrently` from 9.1.2 to 10.0.3
- [Release notes](https://github.com/open-cli-tools/concurrently/releases)
- [Commits](https://github.com/open-cli-tools/concurrently/compare/v9.1.2...v10.0.3)

Updates `copy-webpack-plugin` from 13.0.0 to 14.0.0
- [Release notes](https://github.com/webpack/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/copy-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/copy-webpack-plugin/compare/v13.0.0...v14.0.0)

Updates `dotenv-webpack` from 8.1.0 to 9.0.0
- [Release notes](https://github.com/mrsteele/dotenv-webpack/releases)
- [Commits](https://github.com/mrsteele/dotenv-webpack/compare/v8.1.0...v9.0.0)

Updates `i18next` from 25.0.1 to 26.3.3
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v25.0.1...v26.3.3)

Updates `i18next-scanner-webpack` from 0.9.1 to 1.0.0
- [Release notes](https://github.com/ph1p/i18next-scanner-webpack/releases)
- [Commits](https://github.com/ph1p/i18next-scanner-webpack/compare/v0.9.1...v1.0.0)

Updates `jest-environment-jsdom` from 29.7.0 to 30.4.1
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.1/packages/jest-environment-jsdom)

Updates `js-yaml` from 4.2.0 to 5.2.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.2.0...5.2.0)

Updates `sass-loader` from 16.0.5 to 17.0.0
- [Release notes](https://github.com/webpack/sass-loader/releases)
- [Changelog](https://github.com/webpack/sass-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/sass-loader/compare/v16.0.5...v17.0.0)

Updates `ses` from 1.12.0 to 2.2.0
- [Release notes](https://github.com/endojs/endo/releases)
- [Changelog](https://github.com/endojs/endo/blob/master/packages/ses/CHANGELOG.md)
- [Commits](https://github.com/endojs/endo/commits/ses@2.2.0/packages/ses)

Updates `@lavamoat/allow-scripts` from 3.3.1 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@sentry/webpack-plugin` from 3.3.1 to 5.3.0
- [Release notes](https://github.com/getsentry/sentry-javascript-bundler-plugins/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript-bundler-plugins/blob/main/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript-bundler-plugins/compare/3.3.1...5.3.0)

Updates `shadcn` from 3.8.4 to 4.12.0
- [Release notes](https://github.com/shadcn-ui/ui/releases)
- [Changelog](https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/CHANGELOG.md)
- [Commits](https://github.com/shadcn-ui/ui/commits/shadcn@4.12.0/packages/shadcn)

Updates `typescript` from 5.8.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@blockaid/client` from 0.31.0 to 1.4.0
- [Release notes](https://github.com/blockaid-official/blockaid-client-node/releases)
- [Changelog](https://github.com/blockaid-official/blockaid-client-node/blob/main/CHANGELOG.md)
- [Commits](https://github.com/blockaid-official/blockaid-client-node/compare/v0.31.0...v1.4.0)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@blockaid/client` from 0.31.0 to 1.4.0
- [Release notes](https://github.com/blockaid-official/blockaid-client-node/releases)
- [Changelog](https://github.com/blockaid-official/blockaid-client-node/blob/main/CHANGELOG.md)
- [Commits](https://github.com/blockaid-official/blockaid-client-node/compare/v0.31.0...v1.4.0)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `typescript` from 5.8.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `typescript` from 5.8.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `typescript` from 5.8.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `typescript` from 5.8.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `typescript` from 5.8.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.3...v6.0.3)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@amplitude/analytics-browser` from 2.44.4 to 2.44.3
- [Release notes](https://github.com/amplitude/Amplitude-TypeScript/releases)
- [Commits](https://github.com/amplitude/Amplitude-TypeScript/compare/@amplitude/analytics-browser@2.44.4...@amplitude/analytics-browser@2.44.3)

Updates `@amplitude/experiment-js-client` from 1.21.2 to 1.21.1
- [Release notes](https://github.com/amplitude/experiment-js-client/releases)
- [Changelog](https://github.com/amplitude/experiment-js-client/blob/main/packages/experiment-browser/CHANGELOG.md)
- [Commits](https://github.com/amplitude/experiment-js-client/commits/@amplitude/experiment-js-client@1.21.1/packages/experiment-browser)

Updates `@sentry/browser` from 9.13.0 to 10.62.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/9.13.0...10.62.0)

Updates `@stellar/typescript-wallet-sdk-km` from 1.9.0 to 3.0.1

Updates `@types/jsdom` from 21.1.7 to 28.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsdom)

Updates `@types/node` from 22.14.1 to 26.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `concurrently` from 9.1.2 to 10.0.3
- [Release notes](https://github.com/open-cli-tools/concurrently/releases)
- [Commits](https://github.com/open-cli-tools/concurrently/compare/v9.1.2...v10.0.3)

Updates `copy-webpack-plugin` from 13.0.0 to 14.0.0
- [Release notes](https://github.com/webpack/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/copy-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/copy-webpack-plugin/compare/v13.0.0...v14.0.0)

Updates `dotenv-webpack` from 8.1.0 to 9.0.0
- [Release notes](https://github.com/mrsteele/dotenv-webpack/releases)
- [Commits](https://github.com/mrsteele/dotenv-webpack/compare/v8.1.0...v9.0.0)

Updates `i18next` from 25.0.1 to 26.3.3
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v25.0.1...v26.3.3)

Updates `i18next-scanner-webpack` from 0.9.1 to 1.0.0
- [Release notes](https://github.com/ph1p/i18next-scanner-webpack/releases)
- [Commits](https://github.com/ph1p/i18next-scanner-webpack/compare/v0.9.1...v1.0.0)

Updates `jest-environment-jsdom` from 29.7.0 to 30.4.1
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.1/packages/jest-environment-jsdom)

Updates `js-yaml` from 4.2.0 to 5.2.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.2.0...5.2.0)

Updates `sass-loader` from 16.0.5 to 17.0.0
- [Release notes](https://github.com/webpack/sass-loader/releases)
- [Changelog](https://github.com/webpack/sass-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/sass-loader/compare/v16.0.5...v17.0.0)

Updates `ses` from 1.12.0 to 2.2.0
- [Release notes](https://github.com/endojs/endo/releases)
- [Changelog](https://github.com/endojs/endo/blob/master/packages/ses/CHANGELOG.md)
- [Commits](https://github.com/endojs/endo/commits/ses@2.2.0/packages/ses)

Updates `@sentry/webpack-plugin` from 3.3.1 to 5.3.0
- [Release notes](https://github.com/getsentry/sentry-javascript-bundler-plugins/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript-bundler-plugins/blob/main/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript-bundler-plugins/compare/3.3.1...5.3.0)

Updates `shadcn` from 3.8.4 to 4.12.0
- [Release notes](https://github.com/shadcn-ui/ui/releases)
- [Changelog](https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/CHANGELOG.md)
- [Commits](https://github.com/shadcn-ui/ui/commits/shadcn@4.12.0/packages/shadcn)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@sentry/browser` from 9.13.0 to 10.62.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/9.13.0...10.62.0)

Updates `@stellar/typescript-wallet-sdk-km` from 1.9.0 to 3.0.1

Updates `@types/jsdom` from 21.1.7 to 28.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsdom)

Updates `@types/node` from 22.14.1 to 26.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `bignumber.js` from 9.3.0 to 11.1.4
- [Release notes](https://github.com/MikeMcl/bignumber.js/releases)
- [Changelog](https://github.com/MikeMcl/bignumber.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/MikeMcl/bignumber.js/compare/v9.3.0...v11.1.4)

Updates `concurrently` from 9.1.2 to 10.0.3
- [Release notes](https://github.com/open-cli-tools/concurrently/releases)
- [Commits](https://github.com/open-cli-tools/concurrently/compare/v9.1.2...v10.0.3)

Updates `copy-webpack-plugin` from 13.0.0 to 14.0.0
- [Release notes](https://github.com/webpack/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/copy-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/copy-webpack-plugin/compare/v13.0.0...v14.0.0)

Updates `dotenv-webpack` from 8.1.0 to 9.0.0
- [Release notes](https://github.com/mrsteele/dotenv-webpack/releases)
- [Commits](https://github.com/mrsteele/dotenv-webpack/compare/v8.1.0...v9.0.0)

Updates `i18next` from 25.0.1 to 26.3.3
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v25.0.1...v26.3.3)

Updates `i18next-scanner-webpack` from 0.9.1 to 1.0.0
- [Release notes](https://github.com/ph1p/i18next-scanner-webpack/releases)
- [Commits](https://github.com/ph1p/i18next-scanner-webpack/compare/v0.9.1...v1.0.0)

Updates `jest-environment-jsdom` from 29.7.0 to 30.4.1
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.1/packages/jest-environment-jsdom)

Updates `js-yaml` from 4.2.0 to 5.2.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.2.0...5.2.0)

Updates `sass-loader` from 16.0.5 to 17.0.0
- [Release notes](https://github.com/webpack/sass-loader/releases)
- [Changelog](https://github.com/webpack/sass-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/sass-loader/compare/v16.0.5...v17.0.0)

Updates `ses` from 1.12.0 to 2.2.0
- [Release notes](https://github.com/endojs/endo/releases)
- [Changelog](https://github.com/endojs/endo/blob/master/packages/ses/CHANGELOG.md)
- [Commits](https://github.com/endojs/endo/commits/ses@2.2.0/packages/ses)

Updates `@lavamoat/allow-scripts` from 3.3.2 to 5.1.0
- [Release notes](https://github.com/LavaMoat/LavaMoat/releases)
- [Changelog](https://github.com/LavaMoat/LavaMoat/blob/main/packages/allow-scripts/CHANGELOG.md)
- [Commits](https://github.com/LavaMoat/LavaMoat/commits/lavapack-v5.1.0/packages/allow-scripts)

Updates `@sentry/webpack-plugin` from 3.3.1 to 5.3.0
- [Release notes](https://github.com/getsentry/sentry-javascript-bundler-plugins/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript-bundler-plugins/blob/main/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript-bundler-plugins/compare/3.3.1...5.3.0)

Updates `shadcn` from 3.8.4 to 4.12.0
- [Release notes](https://github.com/shadcn-ui/ui/releases)
- [Changelog](https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/CHANGELOG.md)
- [Commits](https://github.com/shadcn-ui/ui/commits/shadcn@4.12.0/packages/shadcn)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@babel/core"
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@babel/eslint-parser"
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@babel/preset-env"
  dependency-version: 8.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@babel/preset-react"
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@babel/preset-typescript"
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: babel-jest
  dependency-version: 30.4.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: eslint-import-resolver-typescript
  dependency-version: 4.4.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: eslint-plugin-react-hooks
  dependency-version: 7.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: eslint-webpack-plugin
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: glob
  dependency-version: 13.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: globals
  dependency-version: 17.7.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: got
  dependency-version: 15.0.6
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jest
  dependency-version: 30.4.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/jest"
  dependency-version: 30.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jsdom
  dependency-version: 29.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: lint-staged
  dependency-version: 17.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: react-i18next
  dependency-version: 17.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: webpack-cli
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/preinstall-always-fail"
  dependency-version: 3.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: eslint-plugin-jsdoc
  dependency-version: 63.0.10
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@blockaid/client"
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/browser"
  dependency-version: 10.62.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@stellar/typescript-wallet-sdk-km"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/jsdom"
  dependency-version: 28.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/node"
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: concurrently
  dependency-version: 10.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: copy-webpack-plugin
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: dotenv-webpack
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next
  dependency-version: 26.3.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next-scanner-webpack
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jest-environment-jsdom
  dependency-version: 30.4.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: js-yaml
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: sass-loader
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: ses
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/webpack-plugin"
  dependency-version: 5.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: shadcn
  dependency-version: 4.12.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@blockaid/client"
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/browser"
  dependency-version: 10.62.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@stellar/typescript-wallet-sdk-km"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/jsdom"
  dependency-version: 28.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/node"
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: concurrently
  dependency-version: 10.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: copy-webpack-plugin
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: dotenv-webpack
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next
  dependency-version: 26.3.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next-scanner-webpack
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jest-environment-jsdom
  dependency-version: 30.4.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: js-yaml
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: sass-loader
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: ses
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/webpack-plugin"
  dependency-version: 5.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: shadcn
  dependency-version: 4.12.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@blockaid/client"
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@blockaid/client"
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@amplitude/analytics-browser"
  dependency-version: 2.44.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: major
- dependency-name: "@amplitude/experiment-js-client"
  dependency-version: 1.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: major
- dependency-name: "@sentry/browser"
  dependency-version: 10.62.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@stellar/typescript-wallet-sdk-km"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/jsdom"
  dependency-version: 28.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/node"
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: concurrently
  dependency-version: 10.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: copy-webpack-plugin
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: dotenv-webpack
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next
  dependency-version: 26.3.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next-scanner-webpack
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jest-environment-jsdom
  dependency-version: 30.4.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: js-yaml
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: sass-loader
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: ses
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/webpack-plugin"
  dependency-version: 5.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: shadcn
  dependency-version: 4.12.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/browser"
  dependency-version: 10.62.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@stellar/typescript-wallet-sdk-km"
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/jsdom"
  dependency-version: 28.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@types/node"
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: bignumber.js
  dependency-version: 11.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: concurrently
  dependency-version: 10.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: copy-webpack-plugin
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: dotenv-webpack
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next
  dependency-version: 26.3.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next-scanner-webpack
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jest-environment-jsdom
  dependency-version: 30.4.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: js-yaml
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: sass-loader
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: ses
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@lavamoat/allow-scripts"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@sentry/webpack-plugin"
  dependency-version: 5.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: shadcn
  dependency-version: 4.12.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 5, 2026
Copilot AI review requested due to automatic review settings July 5, 2026 02:28
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 5, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@socket-security

socket-security Bot commented Jul 5, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatednpm/​@​lavamoat/​preinstall-always-fail@​2.1.0 ⏵ 3.0.0811004883100
Updatednpm/​@​amplitude/​analytics-browser@​2.44.1 ⏵ 2.44.473 +310094 +1100 +1100
Updatednpm/​@​amplitude/​experiment-js-client@​1.21.1 ⏵ 1.21.299 +110075 +195 +4100
Updatednpm/​i18next-scanner-webpack@​0.9.1 ⏵ 1.0.076 +2100100 +180 +2100
Updatednpm/​@​sentry/​browser@​9.13.0 ⏵ 10.62.079 +110091 +196100
Updatednpm/​@​stellar/​typescript-wallet-sdk-km@​1.9.0 ⏵ 3.0.18110092 +196 +11100
Updatednpm/​dotenv-webpack@​8.1.0 ⏵ 9.0.010010010081100
Updatednpm/​@​types/​node@​18.19.124 ⏵ 26.0.110010081 +196100
Updatednpm/​@​blockaid/​client@​0.31.0 ⏵ 1.4.084 -6100100 +192 -1100
Updatednpm/​glob@​9.3.5 ⏵ 13.0.696 -31009985 +35100
Updatednpm/​globals@​14.0.0 ⏵ 17.7.010010086 +192100
Updatednpm/​@​actions/​core@​1.11.1 ⏵ 3.0.19910010086100
Updatednpm/​copy-webpack-plugin@​13.0.0 ⏵ 14.0.099 +110010087100
Updatednpm/​eslint-webpack-plugin@​5.0.0 ⏵ 6.0.099 +110010087100
Updatednpm/​ses@​1.12.0 ⏵ 2.2.088 -410010093 +4100
Updatednpm/​eslint-import-resolver-typescript@​3.7.0 ⏵ 4.4.5100 +110010088100
Updatednpm/​@​eslint/​js@​9.18.0 ⏵ 10.0.1100100100 +1388100
Updatednpm/​eslint-plugin-jsdoc@​50.6.2 ⏵ 63.0.1088 -1010010096 +1100
Updatednpm/​typescript@​4.9.5 ⏵ 6.0.3100 +1100909690
Updatednpm/​@​sentry/​webpack-plugin@​3.3.1 ⏵ 5.3.0100 +110010090100
Updatednpm/​sass-loader@​16.0.5 ⏵ 17.0.099 +110010090100
Updatednpm/​shadcn@​3.8.4 ⏵ 4.12.098 +110091 +498 +1100
Updatednpm/​concurrently@​9.1.2 ⏵ 10.0.399 +1100100 +191 -1100
Updatednpm/​react-i18next@​15.4.1 ⏵ 17.0.89910010092100
Updatednpm/​i18next@​21.10.0 ⏵ 26.3.3100 +110092 +197100
Updatednpm/​js-yaml@​4.1.0 ⏵ 5.2.0100 +1100 +310093 +1100
Updatednpm/​got@​14.4.5 ⏵ 15.0.699 +1100100 +193100
Updatednpm/​webpack-cli@​6.0.1 ⏵ 7.1.098 +110010093100
Updatednpm/​@​lavamoat/​allow-scripts@​3.3.1 ⏵ 5.1.0100 +110010094 +1100
Updatednpm/​eslint@​9.18.0 ⏵ 10.6.098 +110010095 -1100
Updatednpm/​lint-staged@​15.4.1 ⏵ 17.0.8100 +1100100 +196 -1100
Updatednpm/​eslint-plugin-react-hooks@​5.1.0 ⏵ 7.1.1100100100 +796100

View full report

@socket-security

socket-security Bot commented Jul 5, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @amplitude/plugin-custom-enrichment-browser is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/@amplitude/analytics-browser@2.44.4npm/@amplitude/plugin-custom-enrichment-browser@0.1.13

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@amplitude/plugin-custom-enrichment-browser@0.1.13. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm @sentry/cli under LicenseRef-FSL-1.1-MIT

License: LicenseRef-FSL-1.1-MIT - The applicable license policy does not permit this license (5) (package/LICENSE)

From: ?npm/@sentry/webpack-plugin@5.3.0npm/@sentry/cli@2.58.6

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@sentry/cli@2.58.6. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm cheerio is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/i18next-scanner-webpack@1.0.0npm/cheerio@1.2.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/cheerio@1.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm eslint-plugin-jsdoc is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package.jsonnpm/eslint-plugin-jsdoc@63.0.10

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-jsdoc@63.0.10. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm htmlparser2 is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/i18next-scanner-webpack@1.0.0npm/htmlparser2@10.1.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/htmlparser2@10.1.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm typescript under MIT-Khronos-old

License: MIT-Khronos-old - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

License: LicenseRef-W3C-Community-Final-Specification-Agreement - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

From: ?npm/i18next-scanner-webpack@1.0.0npm/typescript@5.9.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@5.9.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm typescript under MIT-Khronos-old

License: MIT-Khronos-old - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

License: LicenseRef-W3C-Community-Final-Specification-Agreement - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

From: @shared/api/package.jsonnpm/typescript@6.0.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@6.0.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm yargs is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/@lavamoat/allow-scripts@5.1.0npm/jest@29.7.0npm/yargs@17.7.3

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/yargs@17.7.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

…ber 11

Dependabot's grouped "major" PR bundled ~43 major bumps; several require
migrations that don't belong in a version-currency bump. This keeps the
bumps that build + test green and reverts the ones causing failures.

Reverted to current versions (deferred to dedicated migrations):
- jest, babel-jest, @types/jest, jest-environment-jsdom, jsdom,
  @types/jsdom, and the Babel 8 set (@babel/core, @babel/eslint-parser,
  @babel/preset-env, @babel/preset-react, @babel/preset-typescript) --
  jest 30 / babel-jest 30 mis-transform @stellar/design-system's Icon ESM
  namespace re-export (Icon.* -> undefined), causing ~200 suite failures;
  babel-jest 29 also requires @babel/core ^7, so Babel stays on 7.
- bignumber.js (x3 workspaces) -- v11 throws on malformed numeric
  strings instead of yielding a non-finite value, regressing
  usdValueOf() balance handling (a real runtime regression).

Supporting fixes required by the kept bumps:
- @actions/core v3 is ESM-only: load it via dynamic import in the
  chrome-extension-upload action and rebuild the ncc bundle.
- TypeScript 6: add ignoreDeprecations "6.0"; set explicit rootDir and
  add node types for @stellar/freighter-api; declare *.scss/*.css.
- ESLint 10: add @eslint/js dependency; disable the newly-recommended
  no-useless-assignment / preserve-caught-error rules (pre-existing
  violations, tracked for a follow-up).
- lavamoat: deny eslint-import-resolver-typescript>unrs-resolver's
  postinstall (native binary ships via its optional dependency).
- pin docs @stellar/freighter-api off the moving "latest" tag; add a
  @stellar/freighter-api -> workspace:* resolution (required once
  typescript-wallet-sdk-km 3 depends on freighter-api 6.0.1, which
  collides with the local workspace under Yarn hardened mode).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@piyalbasu

Copy link
Copy Markdown
Contributor

Trimmed this grouped-major PR to the bumps that are actually green

TL;DR: This grouped-major PR bundled ~43 major bumps, and a few of them require real migrations (they break the test suite or regress runtime behavior) that don't belong in a version-currency bump. I pushed a commit that keeps every bump that builds and tests clean and reverts the handful that don't, so this PR can merge as a safe subset. The deferred ones (the jest/Babel-8 test-runner stack and bignumber.js 11) should each get their own dedicated migration PR.

Verified locally (Node 22, Yarn 4.10): yarn install --immutable (hardened mode) ✅ · build:freighter-api ✅ · build:extension ✅ · jest --ci full unit suite 180 passed / 0 failed ✅. e2e (Playwright) not run locally — it needs a browser + backend secrets, so it'll run here in CI.

What was reverted and why (for reviewers/agents)

Reverted to master versions (deferred to dedicated migrations):

  • Test-runner stackjest, babel-jest, @types/jest, jest-environment-jsdom, jsdom, @types/jsdom, and the Babel 8 set (@babel/core, @babel/eslint-parser, @babel/preset-env, @babel/preset-react, @babel/preset-typescript).
    Root cause: jest 30 / babel-jest 30 mis-transform @stellar/design-system's Icon ESM namespace re-export — Icon.User, Icon.ArrowLeft, etc. resolve to undefined, so every component that renders an icon throws "Element type is invalid" (~200 suite failures). Confirmed by bisection: the same AssetTile suite passes on master (babel-jest 29) and fails on the bumped branch. babel-jest 29 also peers on @babel/core ^7, so Babel stays on 7 as a set.
  • bignumber.js 11 (reverted in all three workspaces: extension, @shared/api, @shared/helpers).
    v11 throws on a malformed numeric string instead of yielding a non-finite value. usdValueOf() in balance.ts relies on the old behavior (new BigNumber(priceStr) → non-finite → treated as unpriced). Under v11 a bad price string throws, breaking balance sorting — a real runtime regression, not just a test failure.

Kept (all validated green by build + tests): typescript 6, eslint 10.6, @actions/core 3, glob 13, got 15, globals 17, lint-staged 17, webpack-cli 7, eslint plugins, @lavamoat/* 5, @sentry/browser 10.62, i18next 26 / react-i18next 17, ses 2, @stellar/typescript-wallet-sdk-km 3, @blockaid/client 1.4, js-yaml 5, @types/node 26, shadcn 4, amplitude, etc.

Supporting fixes required by the kept bumps:

  • @actions/core v3 is ESM-only → load it via dynamic import() in the chrome-extension-upload action and rebuild the ncc bundle.
  • TypeScript 6 → add ignoreDeprecations: "6.0"; explicit rootDir + node types for @stellar/freighter-api; declare *.scss/*.css modules.
  • ESLint 10 → add @eslint/js as an explicit dep; disable the newly-recommended no-useless-assignment / preserve-caught-error (pre-existing violations, tracked for a follow-up).
  • lavamoat → deny eslint-import-resolver-typescript>unrs-resolver's postinstall (native binary ships via its optional dependency).
  • Pin docs @stellar/freighter-api off the moving latest tag; add a @stellar/freighter-api → workspace:* resolution (needed once typescript-wallet-sdk-km 3 depends on freighter-api 6.0.1, which collides with the local workspace under Yarn hardened mode).

Follow-ups (out of scope here):

  1. Jest 30 / Babel 8 migration (fix the design-system Icon transform, e.g. resolver/babel-config work).
  2. bignumber.js 11 (guard usdValueOf construction, then bump).
  3. Consider ungrouping majors in dependabot.yml so one migration-blocker no longer holds the rest hostage.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

PR Preview build is ready: https://github.com/stellar/freighter/releases/tag/untagged-f4f2154081f632249b7e (SDF collaborators only — install instructions in the release description)

Dependabot left the two @amplitude packages on caret ranges while every
other dependency in the repo is pinned exact. Pin them to the resolved,
tested versions (analytics-browser 2.44.4, experiment-js-client 1.21.2)
so installs are reproducible and can't silently float.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants