chore(deps-dev): bump eslint from 9.39.4 to 10.4.0#5
Closed
dependabot[bot] wants to merge 37 commits into
Closed
Conversation
ChainId union (5 EVM chains), NetworkConfig, PaymentProof, PaymentRequiredResponse, FrameContext, FrameState. Zero runtime deps. pnpm build produces dist/ with .js + .d.ts. npm pack --dry-run clean.
… (T-3) Pins rust-toolchain to 1.85.0 (minimum for edition 2024; 1.84.1 from previous dispatch was incompatible). cargo build --release + cargo test (1/1) both green. npm pack --dry-run succeeds.
…confirmed Corpus: 20 synthetic invoices via TS reference codec (140–564 B uncompressed, median 193 B). Brotli-wasm q=11 median compressed: 185 B — Plan-C NOT triggered. WASM blob measurements (wasm-pack 0.13.1 + wasm-opt -Oz, Rust 1.85.0): A (brotli-decompressor decoder-only): ~196 KB blob / ~201 KB pkg total B (brotli v7 full encoder+decoder): ~953 KB blob / ~959 KB pkg total C (brotli v7 no-stdlib): ≈ B — no decoder-only feature gate in v7 Verdict: B-i RULED OUT. B-iv CONFIRMED — Rust ships brotli-decompressor only; encode-wire is native JS-side. Matches Ignat pre-decision. Cargo.toml unchanged (T-P2-1 owns deps).
…th (T-P2-0b follow-up)
dependabot
Bot
added
dependencies
dependabot
Bot
added
dependencies
…eplan T-P2-7 deleted. B-iv (decode in Rust) measured at ~196 KB WASM blob vs the 80 KB hard cap. brotli-decompressor mandates a ~120 KB static dictionary with no decoder-only feature gate. B-v LOCKED: WASM ships TLV+keccak core only. Both compress and decompress live in the JS shim layer over brotli-wasm peerDep. Wire bytes unchanged (brotli-wasm q11 = same compressor as TS codec). Removes: brotli-decompressor v4.0.3, alloc-stdlib v0.2.2, alloc-no-stdlib v2.0.4 Cargo.lock staged with Cargo.toml per Phase 1 rule F-3.
Replace `map(|b| format!("{b:02x}")).collect::<String>()` with
`fold + write!` pattern in arb_wallet_address and arb_invoice.
cargo clippy --all-targets --all-features -- -D warnings now exits 0.
Implements the canonical-only Rust surface per B-v replan: - encode_invoice_canonical → TLV bytes, COMPRESSED_FLAG never set - decode_invoice_canonical → Invoice from canonical bytes, rejects 0x80 - lib.rs: exports 2 canonical fns + compute_content_hash; no wire variants - wasm.rs: exactly 2 #[wasm_bindgen] exports (encodeInvoiceCanonical / decodeInvoiceCanonical); BigInt-safe via serde_large_number_types_as_bigints - invoice.rs: Invoice/InvoiceFrom/InvoiceClient/InvoiceItem with Tsify + serde - encode.rs: TLV type registry, phf dict, mantissa/LEB128 encoding, domain sep - decode.rs: full TLV decode, domain separator verify, BigInt-safe mantissa No brotli dep in Rust. Wire compression lives in JS shim (src/index.ts).
Removed tsify (gloo-utils, web-sys, serde_json) and serde_json from [dependencies] — not needed since wasm.rs uses JsValue + serde_wasm_bindgen directly. Invoice structs keep Serialize+Deserialize for serde_wasm_bindgen. WASM blob after wasm-pack release build: 163 KB (hard cap 80 KB exceeded). Size checkpoint FAILED — see T-P2-7-alt final report for Kai escalation.
…7-alt) - src/index.ts: 4-name public API — encodeInvoiceCanonical/decodeInvoiceCanonical re-exported from WASM, encodeInvoiceWire/decodeInvoiceWire over brotli-wasm peerDep (COMPRESSED_FLAG + expand-fallback mirror reference compressPayload) - vitest.config.ts: vite-plugin-wasm + top-level-await; brotli-wasm aliased to the CJS node build for the Node test env - package.json: dist/ shim is the main entry (was raw WASM pkg); build runs wasm-pack then tsc, strips wasm-pack's pkg/.gitignore so pkg/ ships - 6 shim tests green (canonical + wire roundtrip, COMPRESSED_FLAG set/clear)
Iris Gate A2 flagged cargo fmt --check failures across 5 files (purely stylistic — line wrapping, import ordering, no logic change). fmt now clean; 81 Rust tests still green.
- wasm.rs: #[wasm_bindgen(js_name = receiptHash)] export - wasm_boundary.rs: boundary test (32-byte digest, deterministic) - index.ts: re-export receiptHash - Decision: receipt_hash ships in Phase 2 (plan-2c C6, Ignat 2026-05-20)
… (T-P2-9c) - proptest -> [target.'cfg(not(target_arch = "wasm32"))'.dev-dependencies] - getrandom 0.3 / wait-timeout don't build for wasm32; proptest must leave the wasm32 test graph - cfg-gate proptest-using test files to cfg(not(wasm32)) - wasm-pack test --node now compiles -> AC-9 boundary tests executable - see spec 056 plan-2c C8
…2-9b-fix) - drop #[wasm_bindgen(module = "/pkg/...")] extern block — a wasm_bindgen_test must not re-import the built JS bundle - call void_layer_codec::compute_content_hash directly, like bigint_boundary.rs - add receiptHash JS-export coverage to index.test.ts - fix pre-existing TS18046 errors on decoded: unknown (add DecodedInvoice cast) - fixes ERR_MODULE_NOT_FOUND under wasm-pack test --node
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/eslint-10.4.0
branch
from
f134a4e to
dcfd55f
Compare
- codec build script invokes `wasm-pack build` since B-v (a1e6753); lint-and-build ran `pnpm -r build` without wasm-pack on the runner - pin wasm-pack 0.14.1 per Phase 1 D-A5 - add explicit `rustup target add wasm32-unknown-unknown` before install - fixes CI run 26179858633 'wasm-pack: not found'
- mantissa_bytes parses amounts as U256 (ruint) — matches the TS BigInt reference; covers the on-chain uint256 domain - decode reconstructs U256; removes the silent u128::MAX saturation bug - InvalidAmount error variant replaces miscategorised CompressionFailed - byte-identical output for amounts <= u128::MAX (parity preserved) - decision: codec amount domain = U256 (Ignat 2026-05-20)
- 1 minimal + 5 chain-selectors + 4 bigint-edges + 3 extensions + 4 malformed - bigint edges: 0, 1, uint256-max (encodes), over-u256 (InvalidAmount) - TS generator over the U256 codec; Kai-reviewed (2 rounds) - two malformed subtypes: decode-input (hex) + encode-input (payload) - generator excluded from `pnpm test` (vitest scripts/** exclude) - append-only forever; schema_version locked at 1 per D-R6.1 Co-Authored-By: kai-cto <kai@void-layer.local>
…12 follow-up) - malformed-varint-overflow relabelled: the old hex triggers ChecksumMismatch (no valid domain-separator TLV), not VarintOverflow -> kept as new vector `malformed-checksum-mismatch` - new `malformed-varint-overflow`: overflow moved into the TLV length-varint, hit during structural decode before the checksum check -> genuinely yields VarintOverflow (Kai-reviewed) - 18 golden vectors total - pnpm-lock.yaml: @types/node lockfile entry missed by e7b0340
- parity.test.ts: TS/JS surface, canonical + wire, both directions - parity.rs: Rust surface, canonical only (no wire encoder per B-v C3) - ci.yml: vector-parity job - 18/18 golden vectors pass parity on both surfaces - malformed vectors assert expected CodecError variant
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/eslint-10.4.0
branch
from
dcfd55f to
f89b7db
Compare
- scripts/assert-size.sh: WASM gzip <80KB + tarball <200KB hard gate - ci.yml: assert-size + test-wasm-node jobs - test-wasm-node gates the AC-9 boundary tests (prev. ungated — C8)
…(T-P2-15) - docs/bundle-budget.md: measured gzip/tarball numbers (B-v, post-U256) - hygiene grep: no panic/unwrap on user-input src paths (all in #[cfg(test)]) - Cargo.toml + package.json + Cargo.lock bumped to 0.1.0 lockstep (F13) - cargo publish NOT invoked; npm publish lands in Phase 3
Bumps [eslint](https://github.com/eslint/eslint) from 9.39.4 to 10.4.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.4...v10.4.0) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.4.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/eslint-10.4.0
branch
from
f89b7db to
9bbe126
Compare
Contributor
|
Закрыт: base main перемотан на commit #0 для полного project-review PR. Dependabot пересоздаст после мерджа #7. |
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
ignromanov
added a commit
that referenced
this pull request
May 22, 2026
…ch Rust schema field-for-field Mismatches fixed vs packages/codec/src/invoice.rs: - InvoiceParty used for both from/client; Rust has distinct InvoiceFrom (wallet required) and InvoiceClient (wallet optional) - Missing optional fields on both: phone, physical_address, tax_id - Invoice missing token_address optional field Tests updated: InvoiceParty test replaced with InvoiceFrom + InvoiceClient tests covering all fields and correct optionality. token_address optional test added. Closes #5
ignromanov
added a commit
that referenced
this pull request
May 25, 2026
…s.rs (R5) Removes inline const from decode/amount.rs::unpack_items and local MAX_SCALE from encode/amount.rs; both sides import from crate::limits. Single source of truth for scale cap. Per Audit A #5.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps eslint from 9.39.4 to 10.4.0.
Release notes
Sourced from eslint's releases.
... (truncated)
Commits
452c40110.4.0b6417e8Build: changelog update for 10.4.06616856chore: upgrade knip to v6 (#20875)d13b084ci: ensure auto-created PRs run CI (#20860)7e52a71docs: add mention of@eslint-react/eslint-plugin(#20869)e71c7afci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862)544c0c3fix: escape code path DOT labels in debug output (#20866)db3468bdocs: tweak wording around ambiguous CJS-vs-ESM config (#20865)d84393dtest: add unit tests for SuppressionsService.applySuppressions() (#20863)9084664docs: Update README