From 6ae67f35465f67c810c0f4dd913b5f6db95a2dca Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 19 Dec 2025 03:32:10 +0000 Subject: [PATCH 1/2] fix: upgrade dotenv from 16.4.7 to 16.6.1 Snyk has created this PR to upgrade dotenv from 16.4.7 to 16.6.1. See this package in pnpm: dotenv See this project in Snyk: https://app.snyk.io/org/smsdao/project/bd064e83-f2aa-4c6e-82ee-1155af3d9107?utm_source=github&utm_medium=referral&page=upgrade-pr --- examples/discord-bot-starter/package.json | 2 +- examples/discord-bot-starter/pnpm-lock.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/examples/discord-bot-starter/package.json b/examples/discord-bot-starter/package.json index c4d154f65..1c88808d5 100644 --- a/examples/discord-bot-starter/package.json +++ b/examples/discord-bot-starter/package.json @@ -11,7 +11,7 @@ "author": "dimitrov-d", "dependencies": { "discord.js": "^14.17.2", - "dotenv": "^16.4.7", + "dotenv": "^16.6.1", "solana-agent-kit": "^1.3.4" }, "devDependencies": { diff --git a/examples/discord-bot-starter/pnpm-lock.yaml b/examples/discord-bot-starter/pnpm-lock.yaml index af15a8b13..53d3e3119 100644 --- a/examples/discord-bot-starter/pnpm-lock.yaml +++ b/examples/discord-bot-starter/pnpm-lock.yaml @@ -12,8 +12,8 @@ importers: specifier: ^14.17.2 version: 14.17.2(bufferutil@4.0.9)(utf-8-validate@5.0.10) dotenv: - specifier: ^16.4.7 - version: 16.4.7 + specifier: ^16.6.1 + version: 16.6.1 solana-agent-kit: specifier: ^1.3.4 version: 1.3.4(@noble/hashes@1.7.0)(axios@1.7.9)(borsh@2.0.0)(buffer@6.0.3)(bufferutil@4.0.9)(fastestsmallesttextencoderdecoder@1.0.22)(sodium-native@3.4.1)(typescript@5.7.2)(utf-8-validate@5.0.10) @@ -1966,8 +1966,8 @@ packages: resolution: {integrity: sha512-rlBi9d8jpv9Sf1klPjNfFAuWDjKLwTIJJ/VxtoTwIR6hnZxcEOQCZg2oIL3MWBYw5GpUDKOEnND7LXTbIpQ03Q==} engines: {node: '>=10'} - dotenv@16.4.7: - resolution: {integrity: sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ==} + dotenv@16.6.1: + resolution: {integrity: sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==} engines: {node: '>=12'} dunder-proto@1.0.1: @@ -6442,7 +6442,7 @@ snapshots: dotenv@10.0.0: {} - dotenv@16.4.7: {} + dotenv@16.6.1: {} dunder-proto@1.0.1: dependencies: @@ -8064,7 +8064,7 @@ snapshots: bs58: 6.0.0 chai: 5.1.2 decimal.js: 10.4.3 - dotenv: 16.4.7 + dotenv: 16.6.1 form-data: 4.0.1 langchain: 0.3.9(@langchain/core@0.3.27(openai@4.77.3(zod@3.24.1)))(@langchain/groq@0.1.2(@langchain/core@0.3.27(openai@4.77.3(zod@3.24.1))))(axios@1.7.9)(openai@4.77.3(zod@3.24.1)) openai: 4.77.3(zod@3.24.1) From 291e25fde6808aa99e2a875134bc4c92596166e3 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 9 May 2026 20:26:44 +0000 Subject: [PATCH 2/2] fix: align root dotenv version with upgraded example Agent-Logs-Url: https://github.com/SMSDAO/solana-agent-kit/sessions/d8d578ce-0802-447a-8a11-c46f1e0dacaf Co-authored-by: SMSDAO <144380926+SMSDAO@users.noreply.github.com> --- package.json | 4 ++-- pnpm-lock.yaml | 20 ++++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index d7ee54664..3b7929672 100644 --- a/package.json +++ b/package.json @@ -85,7 +85,7 @@ "bs58": "^6.0.0", "chai": "^5.1.2", "decimal.js": "^10.4.3", - "dotenv": "^16.4.7", + "dotenv": "^16.6.1", "ethers": "^6.13.5", "flash-sdk": "^2.24.3", "form-data": "^4.0.1", @@ -111,4 +111,4 @@ "typescript": "^5.7.2" }, "packageManager": "pnpm@9.15.3" -} \ No newline at end of file +} diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index bfe78d3f1..73d96ec50 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -156,8 +156,8 @@ importers: specifier: ^10.4.3 version: 10.4.3 dotenv: - specifier: ^16.4.7 - version: 16.4.7 + specifier: ^16.6.1 + version: 16.6.1 ethers: specifier: ^6.13.5 version: 6.13.5(bufferutil@4.0.9)(utf-8-validate@5.0.10) @@ -2466,8 +2466,8 @@ packages: resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} engines: {node: '>=12'} - dotenv@16.4.7: - resolution: {integrity: sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ==} + dotenv@16.6.1: + resolution: {integrity: sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==} engines: {node: '>=12'} dunder-proto@1.0.1: @@ -6258,7 +6258,7 @@ snapshots: bn-sqrt: 1.0.0 bn.js: 5.2.1 decimal.js: 10.4.3 - dotenv: 16.4.7 + dotenv: 16.6.1 invariant: 2.2.4 transitivePeerDependencies: - bufferutil @@ -6284,7 +6284,7 @@ snapshots: bn-sqrt: 1.0.0 bn.js: 5.2.1 decimal.js: 10.4.3 - dotenv: 16.4.7 + dotenv: 16.6.1 invariant: 2.2.4 transitivePeerDependencies: - bufferutil @@ -7347,7 +7347,7 @@ snapshots: '@solana/spl-token-metadata': 0.1.6(@solana/web3.js@1.98.0(bufferutil@4.0.9)(utf-8-validate@5.0.10))(fastestsmallesttextencoderdecoder@1.0.22)(typescript@5.7.2) '@solana/web3.js': 1.98.0(bufferutil@4.0.9)(utf-8-validate@5.0.10) bs58: 6.0.0 - dotenv: 16.4.7 + dotenv: 16.6.1 transitivePeerDependencies: - bufferutil - encoding @@ -9203,7 +9203,7 @@ snapshots: dotenv@16.4.5: {} - dotenv@16.4.7: {} + dotenv@16.6.1: {} dunder-proto@1.0.1: dependencies: @@ -9688,7 +9688,7 @@ snapshots: '@types/node': 20.17.11 bignumber.js: 9.1.2 bs58: 5.0.0 - dotenv: 16.4.7 + dotenv: 16.6.1 fs: 0.0.1-security js-sha256: 0.9.0 jsbi: 4.3.0 @@ -10224,7 +10224,7 @@ snapshots: '@noble/ed25519': 1.7.3 '@solana/web3.js': 1.77.4(bufferutil@4.0.9)(utf-8-validate@5.0.10) agentkeepalive: 4.6.0 - dotenv: 16.4.7 + dotenv: 16.6.1 jayson: 4.1.3(bufferutil@4.0.9)(utf-8-validate@5.0.10) node-fetch: 2.7.0 superstruct: 1.0.4