Bump esbuild from 0.21.5 to 0.27.3 in the npm_and_yarn group across 1 directory#10
Open
dependabot[bot] wants to merge 18 commits intomainfrom
Open
Bump esbuild from 0.21.5 to 0.27.3 in the npm_and_yarn group across 1 directory#10dependabot[bot] wants to merge 18 commits intomainfrom
dependabot[bot] wants to merge 18 commits intomainfrom
Conversation
Updated README.md to reflect new version and testnet status.
- Implement Clarigen v4.0.1 for type-safe contract testing - Add 60 comprehensive tests covering core, admin, and security features - Configure Vitest with coverage reporting - Create TESTING.md and TESTING_SUMMARY.md documentation - Update README with testing section, prerequisites, and installation - Add custom Clarity matchers for type-safe assertions All tests passing. Ready for audit phase.
Scaffold Next.js 14 app in web/ with @stacks/connect v8 wallet integration, @stacks/transactions v7 read-only contract calls against the live testnet deployment, and a dark-themed dashboard showing protocol stats with 30s auto-refresh. Polish README with integration guide, Stacks JS code snippets, and streamlined project documentation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add nul and tmpclaude-* patterns to root .gitignore to prevent temporary files from appearing in git status. Track web/.gitignore for Vercel build artifacts. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fetch fee rate dynamically from flashstack-core instead of hardcoding - Add total-operations and total-volume tracking data vars - Add remove-vault admin function for vault management - Add is-vault-authorized and get-owner read-only functions - Add apy-boost calculation to calculate-leverage-benefit - Rename mock functions for clarity (mock-deposit-to-vault, etc.) - Improve variable naming throughout (user-capital, flash-fees, etc.) - Add comprehensive inline documentation and TODO markers Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bug fix: sbtc-token mint/burn now checks contract-caller (not tx-sender) for flash-minter authorization. This fixes cross-contract flash mint calls where tx-sender is the user, not the calling contract. Tests added (86 total, up from 60): - Successful end-to-end flash mint execution - Flash mint result data validation - Stats accumulation after successful mints - Zero sBTC supply after mint-burn cycle - Multiple sequential loans with incremental IDs - Admin transfer revokes old admin privileges - Boundary value collateral tests (exact boundary, one-below) - Single loan limit boundary tests - sbtc-token mint/burn/transfer authorization - SNP receiver v3 leverage benefit calculator - SNP receiver v3 stats and owner queries Also: Register snp-flashstack-receiver-v3 in Clarinet.toml, fix CRLF line endings in contract files. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New page at /flash-loan with: - Loan amount input with real-time fee calculation preview - Receiver contract dropdown (8 deployed receivers) - Collateral check warning when exceeding max flash amount - Transaction submission via @stacks/connect request API - Success/error status with Explorer link - Protocol stats display (fee rate, max flash, total mints) Also: - Sidebar now uses usePathname for active route highlighting - Header title updates dynamically per page - Receiver contracts list added to config Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CI: Replace stub pipeline with real test execution and frontend build - Contract tests run via npm test (86 tests) - Frontend build verification via npm run build README: - Update test count: 60 -> 86 - Update contract count: 12 -> 15 - Add flash loan execution UI to frontend features - Add live deployment link (flashstack.vercel.app) - Add SNP receiver v3 to receiver examples table - Expand test coverage description Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove `as const` from RECEIVER_CONTRACTS array to prevent literal type narrowing that caused type mismatch in FlashLoanForm. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Both CI jobs failed because package-lock.json was in .gitignore. npm ci requires lock files to exist. Now tracking both root and web/ lock files. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Track settings/Devnet.toml (standard Clarinet test accounts, required for simnet initialization in CI) - Add .gitattributes to enforce LF line endings for .clar files (Clarinet rejects CRLF) - Fix flashstack-test.ts simnet reference (must be inside test block, not at module level) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Prevents Next.js 14→15/16, React 18→19, and esbuild major/minor upgrade PRs that require migration work. Allows patch and security updates through automatically. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bumps [next](https://github.com/vercel/next.js) from 14.2.28 to 14.2.35. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.28...v14.2.35) --- updated-dependencies: - dependency-name: next dependency-version: 14.2.35 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Use wildcard ignore to prevent any major version PRs across all dependencies. Only patch and minor updates will be proposed. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…-14.2.35 Bump next from 14.2.28 to 14.2.35 in /web
Bumps the npm_and_yarn group with 1 update in the / directory: [esbuild](https://github.com/evanw/esbuild). Updates `esbuild` from 0.21.5 to 0.27.3 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md) - [Commits](evanw/esbuild@v0.21.5...v0.27.3) --- updated-dependencies: - dependency-name: esbuild dependency-version: 0.27.3 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 1 update in the / directory: esbuild.
Updates
esbuildfrom 0.21.5 to 0.27.3Release notes
Sourced from esbuild's releases.
... (truncated)
Changelog
Sourced from esbuild's changelog.
... (truncated)
Commits
9129e00publish 0.27.3 to npme20e411small fix to release notes0dc0f2dfix #4322: parse and print CSS@scoperules55fe391update firefox css gradient support2c35297update gradient lowering transform9209e44Update Go to 1.25.7 (#4388)e8d861bclose #4374: compat table for theusingfeature19b8887no longer needwilliamkapke/node-compat-table7e44218thekangax/compat-tablerepo moved to a new url23b9338runmake update-compat-tableMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.
You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.