[SDK] Update x402 dependency and export additional types

[joaquim-verges]

---

PR-Codex overview

This PR focuses on updating the version of the x402 package and modifying related type exports in the thirdweb package. It also includes updates to dependencies and their versions across several files.

Detailed summary

• Updated x402 version from 0.6.1 to 0.7.0 in package.json.
• Added type exports from x402/types in src/exports/x402.ts.
• Updated various dependencies and their versions in pnpm-lock.yaml and other files.
• Changed zod version from 3.25.75 to 4.1.11 in relevant dependencies.

The following files were skipped due to too many changes: pnpm-lock.yaml

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Dependencies

  • Updated x402 dependency to version 0.7.0

• New Features

  • Added HTTPRequestStructure and Resource type exports

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
docs-v2	Ready	Preview	Comment	Oct 27, 2025 5:12pm
nebula	Ready	Preview	Comment	Oct 27, 2025 5:12pm
thirdweb_playground	Ready	Preview	Comment	Oct 27, 2025 5:12pm
thirdweb-www	Ready	Preview	Comment	Oct 27, 2025 5:12pm
wallet-ui	Ready	Preview	Comment	Oct 27, 2025 5:12pm

[changeset-bot]

🦋 Changeset detected

Latest commit: df98c80

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 4 packages

Name	Type
thirdweb	Patch
@thirdweb-dev/nebula	Patch
@thirdweb-dev/wagmi-adapter	Patch
wagmi-inapp	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[joaquim-verges]

• [SDK] Update x402 dependency and export additional types #8319 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Updates the x402 package dependency from version 0.6.1 to 0.7.0 in the thirdweb package. Re-exports two additional types (HTTPRequestStructure and Resource) from x402/types alongside existing exports. Changes recorded in a new changeset file for versioning.

Changes

Cohort / File(s)	Change Summary
Dependency Update packages/thirdweb/package.json	x402 dependency version bumped from 0.6.1 to 0.7.0
Type Re-exports packages/thirdweb/src/exports/x402.ts	Added HTTPRequestStructure and Resource to exported types from x402/types; existing Money and PaymentMiddlewareConfig exports retained
Release Metadata .changeset/tricky-coats-kick.md	New changeset file documenting a patch release for thirdweb with summary "Update x402 types"

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Small set of related changes (dependency bump, two type re-exports, and a changeset).
• Pay attention to:
  • Verification that the new x402 v0.7.0 types match the re-exported names (HTTPRequestStructure, Resource).
  • package.json lock/update effects (if CI or lockfile updates are required).

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The PR description does not follow the required template structure. Instead of filling out the template sections (title format, Linear issue tag, "Notes for the reviewer," and "How to test"), the description only contains the template comments and an auto-generated PR-Codex summary. While the auto-generated content describes what was changed, it lacks the required sections that help reviewers understand the context, testing approach, and any important considerations. The description is largely incomplete relative to the template requirements.	The PR description should be updated to properly fill out the template sections. Please add a Linear issue tag (TEAM-0000 format) if applicable, provide explicit "Notes for the reviewer" section explaining any important details about the changes, and include a "How to test" section describing the testing approach (unit tests, manual verification, etc.). The auto-generated summary can complement but should not replace the structured template sections.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The pull request title "[SDK] Update x402 dependency and export additional types" directly and clearly summarizes the main changes in the changeset. The title accurately reflects the two primary modifications: the version bump of the x402 dependency from 0.6.1 to 0.7.0, and the addition of two new type exports (HTTPRequestStructure and Resource) to the x402 exports file. The title is concise, specific, and uses clear language without vague terms, making it easy for reviewers scanning the history to understand the purpose of the change.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1da62e0 and df98c80.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (3)

• .changeset/tricky-coats-kick.md (1 hunks)
• packages/thirdweb/package.json (1 hunks)
• packages/thirdweb/src/exports/x402.ts (1 hunks)

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• TEAM-0000: Entity not found: Issue - Could not find referenced Issue.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	x402@​0.6.1 ⏵ 0.7.0	+1		+1	+2

View full report

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.88%. Comparing base (bfd3be7) to head (df98c80).
⚠️ Report is 9 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #8319      +/-   ##
==========================================
- Coverage   54.90%   54.88%   -0.02%     
==========================================
  Files         919      919              
  Lines       60687    60701      +14     
  Branches     4135     4132       -3     
==========================================
- Hits        33319    33318       -1     
- Misses      27267    27281      +14     
- Partials      101      102       +1     

Flag	Coverage Δ
packages	54.88% <ø> (-0.02%)	⬇️
see 3 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

size-limit report 📦

Path	Size	Loading time (3g)	Running time (snapdragon)	Total time
thirdweb (esm)	64.55 KB (0%)	1.3 s (0%)	320 ms (+212.68% 🔺)	1.7 s
thirdweb (cjs)	366.18 KB (0%)	7.4 s (0%)	1.2 s (+12.55% 🔺)	8.5 s
thirdweb (minimal + tree-shaking)	5.73 KB (0%)	115 ms (0%)	175 ms (+3458.16% 🔺)	290 ms
thirdweb/chains (tree-shaking)	526 B (0%)	11 ms (0%)	181 ms (+7024.22% 🔺)	191 ms
thirdweb/react (minimal + tree-shaking)	19.09 KB (0%)	382 ms (0%)	175 ms (+2476.58% 🔺)	557 ms