update dependencies

[jnsdls]

Summary by CodeRabbit

• Chores
  • Updated dependencies and development tools across multiple apps and packages to newer versions, including Next.js, Storybook, TypeScript type definitions, and various linting and utility tools.
  • Made minor configuration and formatting improvements to project files.
  • No changes to application features or user-facing functionality.

---

PR-Codex overview

This PR primarily focuses on updating various package dependencies across multiple projects, ensuring compatibility with newer versions and improving overall stability and performance.

Detailed summary

• Updated @hey-api/openapi-ts from 0.67.0 to 0.67.5.
• Updated @cloudflare/workers-types from 4.20250421.0 to 4.20250520.0.
• Updated next from 15.3.1 to 15.3.2.
• Updated React type definitions (@types/react, @types/react-dom) to newer versions.
• Updated knip versions across multiple packages.
• Adjusted file structure in knip.json for better organization.
• Updated various Storybook and ESLint configurations to newer versions.
• Improved ignore patterns in knip.json for better dependency management.

The following files were skipped due to too many changes: pnpm-lock.yaml

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
docs-v2	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2025 6:55pm
login	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2025 6:55pm
thirdweb_playground	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2025 6:55pm
thirdweb-www	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2025 6:55pm
wallet-ui	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 20, 2025 6:55pm

[changeset-bot]

⚠️ No Changeset found

Latest commit: b9a8455

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

This update consists of dependency version bumps and minor configuration adjustments across multiple package.json and knip.json files in various applications and packages. No code logic or public API changes are present. The changes are limited to upgrading frameworks, type definitions, linting tools, and development utilities, with some minor formatting updates in configuration files.

Changes

File(s)	Change Summary
apps/dashboard/package.json apps/login/package.json apps/playground-web/package.json apps/portal/package.json apps/wallet-ui/package.json	Bumped Next.js, ESLint plugins, React type definitions, knip, and Storybook packages to newer patch/minor versions.
packages/thirdweb/package.json	Upgraded Storybook packages, @types/react, @vitest/ui, knip; reformatted "typesVersions" and corrected react-native path.
packages/engine/package.json packages/insight/package.json	Upgraded @hey-api/openapi-ts devDependency to 0.67.5; insight also reformatted "files" array.
packages/service-utils/package.json	Updated @cloudflare/workers-types devDependency to 4.20250520.0.
apps/portal/knip.json	Removed "@types/mdx" from "ignoreDependencies".
packages/thirdweb/knip.json	Expanded "entry" array; added ignore pattern for **/*.bench.ts; removed @size-limit/preset-big-lib from ignoreDependencies; reformatted arrays.

Sequence Diagram(s)

No sequence diagrams are generated, as the changes are limited to dependency upgrades and configuration updates without affecting application control flow or introducing new features.

Note

⚡️ AI Code Reviews for VS Code, Cursor, Windsurf

CodeRabbit now has a plugin for VS Code, Cursor and Windsurf. This brings AI code reviews directly in the code editor. Each commit is reviewed immediately, finding bugs before the PR is raised. Seamless context handoff to your AI code agent ensures that you can easily incorporate review feedback.
Learn more here.

---

Note

⚡️ Faster reviews with caching

CodeRabbit now supports caching for code and dependencies, helping speed up reviews. This means quicker feedback, reduced wait times, and a smoother review experience overall. Cached data is encrypted and stored securely. This feature will be automatically enabled for all accounts on May 16th. To opt out, configure Review - Disable Cache at either the organization or repository level. If you prefer to disable all data retention across your organization, simply turn off the Data Retention setting under your Organization Settings.
Enjoy the performance boost—your workflow just got faster.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 37bede2 and b9a8455.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (11)

• apps/dashboard/package.json (3 hunks)
• apps/login/package.json (2 hunks)
• apps/playground-web/package.json (2 hunks)
• apps/portal/knip.json (0 hunks)
• apps/portal/package.json (2 hunks)
• apps/wallet-ui/package.json (2 hunks)
• packages/engine/package.json (1 hunks)
• packages/insight/package.json (1 hunks)
• packages/service-utils/package.json (1 hunks)
• packages/thirdweb/knip.json (1 hunks)
• packages/thirdweb/package.json (3 hunks)

💤 Files with no reviewable changes (1)

• apps/portal/knip.json

✅ Files skipped from review due to trivial changes (1)

• packages/thirdweb/package.json

🚧 Files skipped from review as they are similar to previous changes (9)

• packages/insight/package.json
• packages/engine/package.json
• packages/thirdweb/knip.json
• apps/login/package.json
• packages/service-utils/package.json
• apps/portal/package.json
• apps/wallet-ui/package.json
• apps/playground-web/package.json
• apps/dashboard/package.json

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Unit Tests
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Build Packages
• GitHub Check: Lint Packages
• GitHub Check: Size
• GitHub Check: Analyze (javascript)

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[jnsdls]

• update dependencies #7098 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	eslint-config-next@​15.3.1 ⏵ 15.3.2
	@​next/​eslint-plugin-next@​15.3.1 ⏵ 15.3.2
	@​types/​papaparse@​5.3.15 ⏵ 5.3.16	+1		+1
	@​types/​react-dom@​19.1.2 ⏵ 19.1.5	+1		+1	-1
	@​storybook/​nextjs@​8.6.12 ⏵ 8.6.14	+1		+1	+1
	@​vitest/​ui@​3.1.2 ⏵ 3.1.4	+1			+2
	@​storybook/​addon-viewport@​8.6.12 ⏵ 8.6.14				+4
	@​storybook/​blocks@​8.6.12 ⏵ 8.6.14				+4
	@​types/​react@​19.1.2 ⏵ 19.1.4				-1
	next@​15.3.1 ⏵ 15.3.2	+1		+1
	storybook@​8.6.12 ⏵ 8.6.14
	@​storybook/​test@​8.6.12 ⏵ 8.6.14
	@​storybook/​addon-onboarding@​8.6.12 ⏵ 8.6.14				+1
	@​storybook/​addon-essentials@​8.6.12 ⏵ 8.6.14				+4
	@​storybook/​addon-interactions@​8.6.12 ⏵ 8.6.14			+1	+4
	knip@​5.50.5 ⏵ 5.56.0	+1		+1
	@​next/​bundle-analyzer@​15.3.1 ⏵ 15.3.2
	eslint-plugin-mdx@​3.4.0 ⏵ 3.4.2	+1			+3
	@​hey-api/​openapi-ts@​0.67.0 ⏵ 0.67.5	+1		+1	+1
	@​storybook/​addon-links@​8.6.12 ⏵ 8.6.14
	@​cloudflare/​workers-types@​4.20250421.0 ⏵ 4.20250520.0			+1	+1

View full report

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

packages/engine/package.json (1)

34-34: DevDependency version bump: @hey-api/openapi-ts → 0.67.5
The devDependency has been updated from 0.67.0 to 0.67.5. Please verify that this patch upgrade doesn’t introduce breaking changes by reviewing the changelog and running pnpm build:generate to regenerate OpenAPI typings.

Consider hoisting shared devDependencies (like @hey-api/openapi-ts) to the root workspace package.json to centralize version management and avoid repeated updates across sub-packages.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e6213db and 37bede2.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (11)

• apps/dashboard/package.json (3 hunks)
• apps/login/package.json (2 hunks)
• apps/playground-web/package.json (2 hunks)
• apps/portal/knip.json (0 hunks)
• apps/portal/package.json (2 hunks)
• apps/wallet-ui/package.json (2 hunks)
• packages/engine/package.json (1 hunks)
• packages/insight/package.json (1 hunks)
• packages/service-utils/package.json (1 hunks)
• packages/thirdweb/knip.json (1 hunks)
• packages/thirdweb/package.json (3 hunks)

💤 Files with no reviewable changes (1)

• apps/portal/knip.json

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Unit Tests
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Size
• GitHub Check: Lint Packages
• GitHub Check: Build Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (33)

packages/insight/package.json (2)

26-29: Reformat files array for readability and consistency
The files field was reformatted from a single-line array to a multi-line layout, aligning with the structure used in other packages (e.g., engine). This improves clarity when reviewing diffs and editing the list.

---

34-34: DevDependency version bump: @hey-api/openapi-ts → 0.67.5
Upgraded @hey-api/openapi-ts from 0.67.0 to 0.67.5. Ensure the lockfile is updated and validate the change by running pnpm build:generate to regenerate and inspect the OpenAPI typings.

apps/login/package.json (3)

28-28: Upgrade Next.js to 15.3.2
This patch upgrade keeps us on the latest Next.js version; ensure there are no unexpected deprecations.

---

41-42: Bump React type definitions to match React 19
Updating @types/react and @types/react-dom to 19.1.x aligns with React 19.1.0.

---

44-44: Update ESLint Next.js config
Upgrading eslint-config-next to 15.3.2 to match the Next.js core version.

apps/wallet-ui/package.json (4)

23-23: Upgrade Next.js to 15.3.2
Patch bump in line with other apps—no breaking changes expected.

---

37-37: Update ESLint Next.js plugin
Bumping @next/eslint-plugin-next to 15.3.2 for consistency with Next.js.

---

39-40: Synchronize React typings
@types/react and @types/react-dom now at 19.1.x to match React version.

---

46-46: Bump knip to 5.56.0
Updating dependency tracker to the latest version.

apps/playground-web/package.json (4)

35-35: Upgrade Next.js to 15.3.2
Standard patch update across all web apps.

---

54-55: Align React type definitions with core
Updating to @types/react 19.1.4 and @types/react-dom 19.1.5 alongside React 19.1.0.

---

59-59: Update ESLint Next.js config
Bumping eslint-config-next to 15.3.2 to mirror the Next.js version.

---

61-61: Upgrade knip to 5.56.0
Keeping dependency analysis tooling up to date.

apps/portal/package.json (5)

40-40: Upgrade Next.js to 15.3.2
Patch-level bump ensures consistency with other apps.

---

60-60: Update ESLint Next.js plugin
@next/eslint-plugin-next now matches Next.js 15.3.2.

---

65-66: Bump React type definitions
Aligning @types/react and @types/react-dom to 19.1.x for consistency.

---

74-74: Upgrade MDX ESLint plugin
eslint-plugin-mdx moved from 3.4.0 to 3.4.2, ensure no new linting issues.

---

77-77: Bump knip to 5.56.0
Updating to the latest version of dependency tracker.

apps/dashboard/package.json (7)

74-74: Upgrade Next.js to 15.3.2
Standard patch upgrade; confirm build performance is unaffected.

---

113-114: Update Next.js analyzer and ESLint plugin
@next/bundle-analyzer and @next/eslint-plugin-next now match core Next.js version.

---

116-124: Bump Storybook packages to 8.6.14
Coordinated patch updates for Storybook addons and core—no breaking changes expected.

---

127-127: Update PapaParse type definitions
@types/papaparse bumped to ^5.3.16; aligns with papaparse ^5.5.2.

---

130-131: Align React typings with React 19
Updated @types/react and @types/react-dom to 19.1.x for consistency.

---

143-143: Upgrade knip to 5.56.0
Dependency analysis tooling updated.

---

146-146: Update Storybook CLI
storybook package moved to 8.6.14; verify CLI commands still function.

packages/thirdweb/knip.json (3)

3-8: Approve explicit multi-line entries and new batch-transaction path.

Listing "src/transaction/actions/send-batch-transaction.ts" in the entry array improves clarity and ensures this file is scanned by knip. The multi-line formatting also enhances readability.

---

10-10: Approve ignoring benchmark files (**/*.bench.ts).

Adding **/*.bench.ts to the ignore array prevents benchmark scripts from being flagged, which aligns with typical knip usage.

---

12-17: Inconsistent AI summary: @size-limit/preset-big-lib removal not reflected.

The AI summary mentioned removing @size-limit/preset-big-lib from ignoreDependencies, but this file’s ignoreDependencies section never included it. Please verify whether this dependency should be added or removed here.

Likely an incorrect or invalid review comment.

packages/thirdweb/package.json (4)

326-330: Verify compatibility of Storybook v8.6.14 upgrades.

You’ve bumped several Storybook packages (addon-essentials, addon-interactions, addon-links, addon-onboarding, core @storybook/react, and @storybook/test, plus the CLI storybook) to 8.6.14. Ensure these updates don’t introduce breaking changes:

• Run Storybook locally (npm run storybook) and inspect for regressions.
• Execute the static build (npm run build-storybook) in CI to confirm it still succeeds.

Also applies to: 332-332, 362-362

---

338-338: Approve @types/react bump to 19.1.4.

Updating React type definitions to 19.1.4 aligns with the React version in devDependencies and includes important type fixes.

---

342-342: Approve @vitest/ui bump to 3.1.4.

The UI plugin for Vitest has been updated to match the core vitest version, ensuring better cohesion in your test runner UI.

---

349-349: Approve knip bump to 5.56.0.

Upgrading knip to 5.56.0 corresponds with the updated knip.json configuration and brings in the latest file-analysis improvements.

packages/service-utils/package.json (1)

53-53:

❓ Verification inconclusive

Approve bump and verify published version
The @cloudflare/workers-types devDependency has been updated from 4.20250421.0 to 4.20250520.0. This aligns with the PR’s goal to keep types up to date. Please confirm that this version is published on npm and review any breaking changes in the release notes.

---

🏁 Script executed:

#!/usr/bin/env bash
# Verify that the bumped version exists on npm
npm view @cloudflare/[email protected] version

Length of output: 70

---

Approve bump: version 4.20250520.0 confirmed on npm
Version 4.20250520.0 of @cloudflare/workers-types has been published. Please review the release notes for any breaking changes before merging.

[github-actions]

size-limit report 📦

Path	Size	Loading time (3g)	Running time (snapdragon)	Total time
thirdweb (esm)	56.57 KB (-0.03% 🔽)	1.2 s (-0.03% 🔽)	102 ms (+193.22% 🔺)	1.3 s
thirdweb (cjs)	309.52 KB (+1.67% 🔺)	6.2 s (+1.67% 🔺)	305 ms (+12.26% 🔺)	6.5 s
thirdweb (minimal + tree-shaking)	5.69 KB (0%)	114 ms (0%)	47 ms (+1575.49% 🔺)	161 ms
thirdweb/chains (tree-shaking)	531 B (0%)	11 ms (0%)	9 ms (+880.15% 🔺)	20 ms
thirdweb/react (minimal + tree-shaking)	19.5 KB (-0.08% 🔽)	390 ms (-0.08% 🔽)	49 ms (+795.31% 🔺)	439 ms

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 55.81%. Comparing base (e6213db) to head (b9a8455).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #7098   +/-   ##
=======================================
  Coverage   55.80%   55.81%           
=======================================
  Files         900      900           
  Lines       57848    57848           
  Branches     4062     4067    +5     
=======================================
+ Hits        32283    32288    +5     
+ Misses      25459    25454    -5     
  Partials      106      106           

Flag	Coverage Δ
packages	55.81% <ø> (+<0.01%)	⬆️

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.