[SDK] Update zod dependency to 3.25.67

[joaquim-verges]

---

PR-Codex overview

This PR focuses on updating the zod dependency version across multiple packages to 3.25.67 and includes a patch for thirdweb.

Detailed summary

• Updated zod from 3.25.62 to 3.25.67 in:
  • packages/thirdweb/package.json
  • apps/dashboard/package.json
  • apps/wallet-ui/package.json
  • apps/nebula/package.json
  • apps/playground-web/package.json
  • packages/service-utils/package.json
  • pnpm-lock.yaml
• Added a patch entry for thirdweb in .changeset/fluffy-books-hammer.md.

The following files were skipped due to too many changes: pnpm-lock.yaml

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Chores
  • Updated the "zod" dependency to the latest version across multiple packages for improved stability.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
docs-v2	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 27, 2025 2:46am
nebula	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 27, 2025 2:46am
thirdweb_playground	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 27, 2025 2:46am
thirdweb-www	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 27, 2025 2:46am
wallet-ui	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 27, 2025 2:46am

[changeset-bot]

🦋 Changeset detected

Latest commit: 61508b5

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages

Name	Type
thirdweb	Patch
@thirdweb-dev/nebula	Patch
@thirdweb-dev/wagmi-adapter	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Walkthrough

This update modifies the thirdweb package and several related apps by upgrading the zod dependency version from 3.25.62 to 3.25.67. No other changes to code, functionality, or public API were made; the update is limited to dependency version bumps and minor formatting adjustments in some package.json files.

Changes

File(s)	Change Summary
.changeset/fluffy-books-hammer.md	Added changelog describing the patch update and dependency bump.
packages/thirdweb/package.json	Updated zod dependency version from 3.25.62 to 3.25.67.
packages/service-utils/package.json	Updated zod dependency version from 3.25.62 to 3.25.67.
apps/dashboard/package.json	Updated zod dependency version from 3.25.62 to 3.25.67.
apps/nebula/package.json	Updated zod dependency version from 3.25.62 to 3.25.67; changed JSON formatting indentation (spaces → tabs).
apps/playground-web/package.json	Updated zod dependency version from 3.25.62 to 3.25.67; changed JSON formatting indentation (spaces → tabs).
apps/wallet-ui/package.json	Updated zod dependency version from 3.25.62 to 3.25.67.

Sequence Diagram(s)

No sequence diagram generated as the changes are limited to dependency version updates.

Possibly related PRs

• update dependencies #7326: Also updates the zod dependency version in multiple package.json files, directly related to the dependency version bump in this PR.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• TEAM-0000: Entity not found: Issue - Could not find referenced Issue.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b1fee58 and 61508b5.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (7)

• .changeset/fluffy-books-hammer.md (1 hunks)
• apps/dashboard/package.json (1 hunks)
• apps/nebula/package.json (1 hunks)
• apps/playground-web/package.json (1 hunks)
• apps/wallet-ui/package.json (1 hunks)
• packages/service-utils/package.json (1 hunks)
• packages/thirdweb/package.json (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (7)

• apps/wallet-ui/package.json
• apps/dashboard/package.json
• .changeset/fluffy-books-hammer.md
• packages/service-utils/package.json
• apps/playground-web/package.json
• apps/nebula/package.json
• packages/thirdweb/package.json

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: Size
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Unit Tests
• GitHub Check: Lint Packages
• GitHub Check: Build Packages
• GitHub Check: Analyze (javascript)

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[joaquim-verges]

• [SDK] Update zod dependency to 3.25.67 #7451 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	zod@​3.25.62 ⏵ 3.25.67	+1

View full report

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.changeset/fluffy-books-hammer.md (1)

1-5: Expand the changeset description

The entry is too terse for consumers scanning the changelog.
Consider explicitly noting: “bump zod to 3.25.67 and fix exports map ordering”.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0ac5e59 and 15f14d3.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (2)

• .changeset/fluffy-books-hammer.md (1 hunks)
• packages/thirdweb/package.json (2 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

`packages/thirdweb/*`: Every public symbol in the SDK must have comprehensive TS...

packages/thirdweb/*: Every public symbol in the SDK must have comprehensive TSDoc with at least one @example block that compiles and custom annotation tags (@beta, @internal, @experimental).
Export everything via the exports/ directory, grouped by feature.
Place tests alongside code: foo.ts ↔ foo.test.ts.
Use real function invocations with stub data in tests; avoid brittle mocks.
Use Mock Service Worker (MSW) for fetch/HTTP call interception in tests.
Keep tests deterministic and side-effect free.

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

• packages/thirdweb/package.json

🧠 Learnings (3)

📓 Common learnings

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: De-duplicate dependencies across packages through pnpm workspace hoisting.

Learnt from: MananTank
PR: thirdweb-dev/js#7332
File: apps/dashboard/src/app/(app)/(dashboard)/(chain)/[chain_id]/[contractAddress]/public-pages/nft/overview/nft-drop-claim.tsx:82-90
Timestamp: 2025-06-13T13:03:41.732Z
Learning: The thirdweb `contract` object is serializable and can safely be used in contexts (e.g., React-Query keys) that require serializable values.

Learnt from: MananTank
PR: thirdweb-dev/js#7356
File: apps/nebula/src/app/not-found.tsx:1-1
Timestamp: 2025-06-17T18:30:52.976Z
Learning: In the thirdweb/js project, the React namespace is available for type annotations (like React.FC) without needing to explicitly import React. This is project-specific configuration that differs from typical TypeScript/React setups.

.changeset/fluffy-books-hammer.md (2)

Learnt from: MananTank
PR: thirdweb-dev/js#7356
File: apps/nebula/src/app/not-found.tsx:1-1
Timestamp: 2025-06-17T18:30:52.976Z
Learning: In the thirdweb/js project, the React namespace is available for type annotations (like React.FC) without needing to explicitly import React. This is project-specific configuration that differs from typical TypeScript/React setups.

Learnt from: MananTank
PR: thirdweb-dev/js#7298
File: apps/dashboard/src/app/nebula-app/move-funds/move-funds.tsx:424-424
Timestamp: 2025-06-06T23:46:08.795Z
Learning: The thirdweb project has an ESLint rule that restricts direct usage of `defineChain`. When it's necessary to use `defineChain` directly, it's acceptable to disable the rule with `// eslint-disable-next-line no-restricted-syntax`.

packages/thirdweb/package.json (8)

Learnt from: gregfromstl
PR: thirdweb-dev/js#7450
File: packages/thirdweb/src/bridge/Webhook.ts:57-81
Timestamp: 2025-06-26T19:46:04.024Z
Learning: In the onramp webhook schema (`packages/thirdweb/src/bridge/Webhook.ts`), the `currencyAmount` field is intentionally typed as `z.number()` while other amount fields use `z.string()` because `currencyAmount` represents fiat currency amounts in decimals (like $10.50), whereas other amount fields represent token amounts in wei (very large integers that benefit from bigint representation). The different naming convention (`currencyAmount` vs `amount`) reflects this intentional distinction.

Learnt from: MananTank
PR: thirdweb-dev/js#7356
File: apps/nebula/src/app/not-found.tsx:1-1
Timestamp: 2025-06-17T18:30:52.976Z
Learning: In the thirdweb/js project, the React namespace is available for type annotations (like React.FC) without needing to explicitly import React. This is project-specific configuration that differs from typical TypeScript/React setups.

Learnt from: MananTank
PR: thirdweb-dev/js#7332
File: apps/dashboard/src/app/(app)/(dashboard)/(chain)/[chain_id]/[contractAddress]/public-pages/nft/overview/nft-drop-claim.tsx:82-90
Timestamp: 2025-06-13T13:03:41.732Z
Learning: The thirdweb `contract` object is serializable and can safely be used in contexts (e.g., React-Query keys) that require serializable values.

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: For multi-platform support, provide platform-specific exports and adapters (e.g., React Native, Node.js, Wagmi, Ethers).

Learnt from: CR
PR: thirdweb-dev/js#0
File: .cursor/rules/dashboard.mdc:0-0
Timestamp: 2025-06-23T13:49:58.951Z
Learning: Prefix server-only files with 'import "server-only";' to prevent them from being included in the client bundle.

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: Re-use shared types from @/types or local types.ts barrels.

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: Group feature-specific components under feature/components/* with a barrel index.ts.

Learnt from: jnsdls
PR: thirdweb-dev/js#7363
File: apps/dashboard/src/app/(app)/layout.tsx:63-74
Timestamp: 2025-06-18T02:01:06.006Z
Learning: In Next.js applications, instrumentation files (instrumentation.ts or instrumentation-client.ts) placed in the src/ directory are automatically handled by the framework and included in the client/server bundles without requiring manual imports. The framework injects these files as part of the build process.

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: Size
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Unit Tests
• GitHub Check: Build Packages
• GitHub Check: Lint Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (1)

packages/thirdweb/package.json (1)

42-42: Check for workspace-wide zod version consistency

Good to see the patch bump.
However, several other packages in this mono-repo also depend on zod. Please make sure they are upgraded in lock-step, otherwise you’ll get duplicate copies in the store (and runtime type mismatches).

#!/bin/bash
# Find every package.json that still references an older zod.
rg -l '"zod":' --glob='**/package.json' \
  | xargs jq -r '.name + " -> " + (.dependencies.zod // .devDependencies.zod // "")' \
  | grep -v '3.25.67' || true

[coderabbitai]

⚠️ Potential issue

exports condition order is now incorrect – will force ESM imports to load the CJS build

In Node’s resolution algorithm the conditions object is traversed in the order they appear.
Placing "default" before "import" means that:

1. For an ESM import (conditions set contains "import" and "default"),
2. Node hits "default" first and immediately resolves to ./dist/cjs/... (CommonJS),
3. Resulting in the wrong format being loaded (or even a runtime syntax error under "type": "module").

"default" must remain the fallback, i.e. the last key.

Minimal fix pattern (apply to every sub-export):

-      "default": "./dist/cjs/exports/*.js",
-      "import": "./dist/esm/exports/*.js",
+      "import": "./dist/esm/exports/*.js",
+      "default": "./dist/cjs/exports/*.js",

I recommend running a small script to auto-reorder across the file, or revert the earlier ordering that had been working.

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In packages/thirdweb/package.json between lines 98 and 123, the "exports" field
has the "default" condition listed before the "import" condition, causing
Node.js to resolve ESM imports to the CommonJS build incorrectly. To fix this,
reorder each export entry so that the "import" condition comes before the
"default" condition, ensuring "default" remains the fallback and is listed last.
Apply this change consistently to all sub-exports in the "exports" object.

[github-actions]

size-limit report 📦

Path	Size	Loading time (3g)	Running time (snapdragon)	Total time
thirdweb (esm)	63.11 KB (-0.1% 🔽)	1.3 s (-0.1% 🔽)	281 ms (+75.41% 🔺)	1.6 s
thirdweb (cjs)	352.61 KB (+0.28% 🔺)	7.1 s (+0.28% 🔺)	1.3 s (+6.48% 🔺)	8.4 s
thirdweb (minimal + tree-shaking)	5.72 KB (0%)	115 ms (0%)	79 ms (+777.4% 🔺)	193 ms
thirdweb/chains (tree-shaking)	530 B (0%)	11 ms (0%)	59 ms (+2048.79% 🔺)	70 ms
thirdweb/react (minimal + tree-shaking)	19.59 KB (-0.1% 🔽)	392 ms (-0.1% 🔽)	97 ms (+258.03% 🔺)	488 ms

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 51.90%. Comparing base (45bb790) to head (61508b5).
Report is 4 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7451      +/-   ##
==========================================
- Coverage   51.92%   51.90%   -0.02%     
==========================================
  Files         947      947              
  Lines       63875    63932      +57     
  Branches     4214     4209       -5     
==========================================
+ Hits        33166    33186      +20     
- Misses      30603    30640      +37     
  Partials      106      106              

Flag	Coverage Δ
packages	51.90% <ø> (-0.02%)	⬇️

see 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

apps/nebula/package.json (1)

1-85: Large whitespace-only diff — consider letting the formatter run instead

Most lines in this file are shown as changed solely because indentation switched from 2 spaces to tabs. It obscures the real dependency tweak and bloats the diff history.

Unless the repo’s formatter config intentionally changed to tabs, revert whitespace-only changes and rely on the formatter/CI to keep style consistent.

apps/playground-web/package.json (1)

1-68: Whitespace-only churn

The switch to tab indentation accounts for the bulk of the diff. If this was unintentional, re-run the project formatter with the repo standard settings before merging.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 15f14d3 and acc4bd1.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (7)

• .changeset/fluffy-books-hammer.md (1 hunks)
• apps/dashboard/package.json (1 hunks)
• apps/nebula/package.json (1 hunks)
• apps/playground-web/package.json (1 hunks)
• apps/wallet-ui/package.json (1 hunks)
• packages/service-utils/package.json (2 hunks)
• packages/thirdweb/package.json (2 hunks)

✅ Files skipped from review due to trivial changes (3)

• apps/dashboard/package.json
• apps/wallet-ui/package.json
• packages/service-utils/package.json

🚧 Files skipped from review as they are similar to previous changes (2)

• .changeset/fluffy-books-hammer.md
• packages/thirdweb/package.json

🧰 Additional context used

📓 Path-based instructions (2)

`apps/playground-web/*`: The playground-web app is an interactive SDK testing environment.

apps/playground-web/*: The playground-web app is an interactive SDK testing environment.

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

• apps/playground-web/package.json

`apps/nebula/*`: The nebula app is for account abstraction and smart wallet management.

apps/nebula/*: The nebula app is for account abstraction and smart wallet management.

📄 Source: CodeRabbit Inference Engine (CLAUDE.md)

List of files the instruction was applied to:

• apps/nebula/package.json

🧠 Learnings (3)

📓 Common learnings

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: De-duplicate dependencies across packages through pnpm workspace hoisting.

Learnt from: MananTank
PR: thirdweb-dev/js#7356
File: apps/nebula/src/app/not-found.tsx:1-1
Timestamp: 2025-06-17T18:30:52.976Z
Learning: In the thirdweb/js project, the React namespace is available for type annotations (like React.FC) without needing to explicitly import React. This is project-specific configuration that differs from typical TypeScript/React setups.

Learnt from: gregfromstl
PR: thirdweb-dev/js#7450
File: packages/thirdweb/src/bridge/Webhook.ts:57-81
Timestamp: 2025-06-26T19:46:04.024Z
Learning: In the onramp webhook schema (`packages/thirdweb/src/bridge/Webhook.ts`), the `currencyAmount` field is intentionally typed as `z.number()` while other amount fields use `z.string()` because `currencyAmount` represents fiat currency amounts in decimals (like $10.50), whereas other amount fields represent token amounts in wei (very large integers that benefit from bigint representation). The different naming convention (`currencyAmount` vs `amount`) reflects this intentional distinction.

apps/playground-web/package.json (4)

Learnt from: jnsdls
PR: thirdweb-dev/js#7363
File: apps/dashboard/src/app/(app)/layout.tsx:63-74
Timestamp: 2025-06-18T02:01:06.006Z
Learning: In Next.js applications, instrumentation files (instrumentation.ts or instrumentation-client.ts) placed in the src/ directory are automatically handled by the framework and included in the client/server bundles without requiring manual imports. The framework injects these files as part of the build process.

Learnt from: MananTank
PR: thirdweb-dev/js#7356
File: apps/nebula/src/app/not-found.tsx:1-1
Timestamp: 2025-06-17T18:30:52.976Z
Learning: In the thirdweb/js project, the React namespace is available for type annotations (like React.FC) without needing to explicitly import React. This is project-specific configuration that differs from typical TypeScript/React setups.

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: De-duplicate dependencies across packages through pnpm workspace hoisting.

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: For multi-platform support, provide platform-specific exports and adapters (e.g., React Native, Node.js, Wagmi, Ethers).

apps/nebula/package.json (3)

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: De-duplicate dependencies across packages through pnpm workspace hoisting.

Learnt from: CR
PR: thirdweb-dev/js#0
File: CLAUDE.md:0-0
Timestamp: 2025-06-25T02:13:08.257Z
Learning: Use pnpm as the package manager and Turborepo for monorepo management.

Learnt from: jnsdls
PR: thirdweb-dev/js#7363
File: apps/dashboard/src/app/(app)/layout.tsx:63-74
Timestamp: 2025-06-18T02:01:06.006Z
Learning: In Next.js applications, instrumentation files (instrumentation.ts or instrumentation-client.ts) placed in the src/ directory are automatically handled by the framework and included in the client/server bundles without requiring manual imports. The framework injects these files as part of the build process.

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: Lint Packages
• GitHub Check: Unit Tests
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Size
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Build Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (2)

apps/nebula/package.json (1)

39-41: Zod patch-level bump looks safe, but double-check for monorepo deduplication

Nothing functionally wrong with moving from 3.25.62 → 3.25.67; it is a patch release.
Two quick sanity checks before merge:

1. Run pnpm why zod at the repo root to confirm every workspace package resolves to 3.25.67 so we don’t pull multiple copies.
2. Skipped lock-file updates often break reproducible CI. If the repo policy still requires committing pnpm-lock.yaml, regenerate it (pnpm i --lockfile-only) and commit in a follow-up.

apps/playground-web/package.json (1)

33-36: Keep zod version in lock-step with the rest of the workspace

Same remark as for nebula: verify that all packages now pick 3.25.67 and there is no accidental mix (e.g., a transitive 3.25.62). Running unit / e2e tests that hit zod schemas will surface any behavioural changes.