chore(deps-dev): bump typescript from 5.9.3 to 6.0.3 in the typescript group across 1 directory#4
Closed
dependabot[bot] wants to merge 37 commits into
Closed
Conversation
ChainId union (5 EVM chains), NetworkConfig, PaymentProof, PaymentRequiredResponse, FrameContext, FrameState. Zero runtime deps. pnpm build produces dist/ with .js + .d.ts. npm pack --dry-run clean.
… (T-3) Pins rust-toolchain to 1.85.0 (minimum for edition 2024; 1.84.1 from previous dispatch was incompatible). cargo build --release + cargo test (1/1) both green. npm pack --dry-run succeeds.
dependabot
Bot
added
dependencies
dependabot
Bot
added
dependencies
dependabot
Bot
changed the title
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/typescript-3b9b15ff01
branch
from
af12714 to
5a97906
Compare
…confirmed Corpus: 20 synthetic invoices via TS reference codec (140–564 B uncompressed, median 193 B). Brotli-wasm q=11 median compressed: 185 B — Plan-C NOT triggered. WASM blob measurements (wasm-pack 0.13.1 + wasm-opt -Oz, Rust 1.85.0): A (brotli-decompressor decoder-only): ~196 KB blob / ~201 KB pkg total B (brotli v7 full encoder+decoder): ~953 KB blob / ~959 KB pkg total C (brotli v7 no-stdlib): ≈ B — no decoder-only feature gate in v7 Verdict: B-i RULED OUT. B-iv CONFIRMED — Rust ships brotli-decompressor only; encode-wire is native JS-side. Matches Ignat pre-decision. Cargo.toml unchanged (T-P2-1 owns deps).
…th (T-P2-0b follow-up)
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/typescript-3b9b15ff01
branch
from
5a97906 to
976803f
Compare
…eplan T-P2-7 deleted. B-iv (decode in Rust) measured at ~196 KB WASM blob vs the 80 KB hard cap. brotli-decompressor mandates a ~120 KB static dictionary with no decoder-only feature gate. B-v LOCKED: WASM ships TLV+keccak core only. Both compress and decompress live in the JS shim layer over brotli-wasm peerDep. Wire bytes unchanged (brotli-wasm q11 = same compressor as TS codec). Removes: brotli-decompressor v4.0.3, alloc-stdlib v0.2.2, alloc-no-stdlib v2.0.4 Cargo.lock staged with Cargo.toml per Phase 1 rule F-3.
Replace `map(|b| format!("{b:02x}")).collect::<String>()` with
`fold + write!` pattern in arb_wallet_address and arb_invoice.
cargo clippy --all-targets --all-features -- -D warnings now exits 0.
Implements the canonical-only Rust surface per B-v replan: - encode_invoice_canonical → TLV bytes, COMPRESSED_FLAG never set - decode_invoice_canonical → Invoice from canonical bytes, rejects 0x80 - lib.rs: exports 2 canonical fns + compute_content_hash; no wire variants - wasm.rs: exactly 2 #[wasm_bindgen] exports (encodeInvoiceCanonical / decodeInvoiceCanonical); BigInt-safe via serde_large_number_types_as_bigints - invoice.rs: Invoice/InvoiceFrom/InvoiceClient/InvoiceItem with Tsify + serde - encode.rs: TLV type registry, phf dict, mantissa/LEB128 encoding, domain sep - decode.rs: full TLV decode, domain separator verify, BigInt-safe mantissa No brotli dep in Rust. Wire compression lives in JS shim (src/index.ts).
Removed tsify (gloo-utils, web-sys, serde_json) and serde_json from [dependencies] — not needed since wasm.rs uses JsValue + serde_wasm_bindgen directly. Invoice structs keep Serialize+Deserialize for serde_wasm_bindgen. WASM blob after wasm-pack release build: 163 KB (hard cap 80 KB exceeded). Size checkpoint FAILED — see T-P2-7-alt final report for Kai escalation.
…7-alt) - src/index.ts: 4-name public API — encodeInvoiceCanonical/decodeInvoiceCanonical re-exported from WASM, encodeInvoiceWire/decodeInvoiceWire over brotli-wasm peerDep (COMPRESSED_FLAG + expand-fallback mirror reference compressPayload) - vitest.config.ts: vite-plugin-wasm + top-level-await; brotli-wasm aliased to the CJS node build for the Node test env - package.json: dist/ shim is the main entry (was raw WASM pkg); build runs wasm-pack then tsc, strips wasm-pack's pkg/.gitignore so pkg/ ships - 6 shim tests green (canonical + wire roundtrip, COMPRESSED_FLAG set/clear)
Iris Gate A2 flagged cargo fmt --check failures across 5 files (purely stylistic — line wrapping, import ordering, no logic change). fmt now clean; 81 Rust tests still green.
- wasm.rs: #[wasm_bindgen(js_name = receiptHash)] export - wasm_boundary.rs: boundary test (32-byte digest, deterministic) - index.ts: re-export receiptHash - Decision: receipt_hash ships in Phase 2 (plan-2c C6, Ignat 2026-05-20)
… (T-P2-9c) - proptest -> [target.'cfg(not(target_arch = "wasm32"))'.dev-dependencies] - getrandom 0.3 / wait-timeout don't build for wasm32; proptest must leave the wasm32 test graph - cfg-gate proptest-using test files to cfg(not(wasm32)) - wasm-pack test --node now compiles -> AC-9 boundary tests executable - see spec 056 plan-2c C8
…2-9b-fix) - drop #[wasm_bindgen(module = "/pkg/...")] extern block — a wasm_bindgen_test must not re-import the built JS bundle - call void_layer_codec::compute_content_hash directly, like bigint_boundary.rs - add receiptHash JS-export coverage to index.test.ts - fix pre-existing TS18046 errors on decoded: unknown (add DecodedInvoice cast) - fixes ERR_MODULE_NOT_FOUND under wasm-pack test --node
dependabot
Bot
changed the title
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/typescript-3b9b15ff01
branch
from
976803f to
edde95c
Compare
- codec build script invokes `wasm-pack build` since B-v (a1e6753); lint-and-build ran `pnpm -r build` without wasm-pack on the runner - pin wasm-pack 0.14.1 per Phase 1 D-A5 - add explicit `rustup target add wasm32-unknown-unknown` before install - fixes CI run 26179858633 'wasm-pack: not found'
- mantissa_bytes parses amounts as U256 (ruint) — matches the TS BigInt reference; covers the on-chain uint256 domain - decode reconstructs U256; removes the silent u128::MAX saturation bug - InvalidAmount error variant replaces miscategorised CompressionFailed - byte-identical output for amounts <= u128::MAX (parity preserved) - decision: codec amount domain = U256 (Ignat 2026-05-20)
- 1 minimal + 5 chain-selectors + 4 bigint-edges + 3 extensions + 4 malformed - bigint edges: 0, 1, uint256-max (encodes), over-u256 (InvalidAmount) - TS generator over the U256 codec; Kai-reviewed (2 rounds) - two malformed subtypes: decode-input (hex) + encode-input (payload) - generator excluded from `pnpm test` (vitest scripts/** exclude) - append-only forever; schema_version locked at 1 per D-R6.1 Co-Authored-By: kai-cto <kai@void-layer.local>
…12 follow-up) - malformed-varint-overflow relabelled: the old hex triggers ChecksumMismatch (no valid domain-separator TLV), not VarintOverflow -> kept as new vector `malformed-checksum-mismatch` - new `malformed-varint-overflow`: overflow moved into the TLV length-varint, hit during structural decode before the checksum check -> genuinely yields VarintOverflow (Kai-reviewed) - 18 golden vectors total - pnpm-lock.yaml: @types/node lockfile entry missed by e7b0340
- parity.test.ts: TS/JS surface, canonical + wire, both directions - parity.rs: Rust surface, canonical only (no wire encoder per B-v C3) - ci.yml: vector-parity job - 18/18 golden vectors pass parity on both surfaces - malformed vectors assert expected CodecError variant
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/typescript-3b9b15ff01
branch
from
edde95c to
25469ad
Compare
- scripts/assert-size.sh: WASM gzip <80KB + tarball <200KB hard gate - ci.yml: assert-size + test-wasm-node jobs - test-wasm-node gates the AC-9 boundary tests (prev. ungated — C8)
…(T-P2-15) - docs/bundle-budget.md: measured gzip/tarball numbers (B-v, post-U256) - hygiene grep: no panic/unwrap on user-input src paths (all in #[cfg(test)]) - Cargo.toml + package.json + Cargo.lock bumped to 0.1.0 lockstep (F13) - cargo publish NOT invoked; npm publish lands in Phase 3
Bumps the typescript group with 1 update in the / directory: [typescript](https://github.com/microsoft/TypeScript). Updates `typescript` from 5.9.3 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.9.3...v6.0.3) --- updated-dependencies: - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: typescript ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/typescript-3b9b15ff01
branch
from
25469ad to
d779516
Compare
Contributor
|
Закрыт: base main перемотан на commit #0 для полного project-review PR. Dependabot пересоздаст после мерджа #7. |
Contributor
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
ignromanov
added a commit
that referenced
this pull request
May 25, 2026
…ors (R4) Replaces 12 magic 0x00/0x01 literals at TLV value-prefix sites with named constants defined in dict::mod. Per spec §5.1/§5.2. Bytes unchanged. Per Audit A #4 + Audit B naming.
ignromanov
added a commit
that referenced
this pull request
May 25, 2026
… lookups (R8) Eliminates parallel find_map patterns for CURRENCY_DICT + TOKEN_DICT. CHAIN_DICT phf_map path intentionally untouched (different iterator). Audit C #4. Lazy .then(|| v.clone()) avoids B-4 eager-alloc regression.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the typescript group with 1 update in the / directory: typescript.
Updates
typescriptfrom 5.9.3 to 6.0.3Release notes
Sourced from typescript's releases.
Commits
050880cBump version to 6.0.3 and LKGeeae9dd🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...ad1c695🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)0725fb4🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...607a22aBump version to 6.0.2 and LKG9e72ab7🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...35ff23d🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...e175b69Bump version to 6.0.1-rc and LKGaf4caacUpdate LKG8efd7e8Merge remote-tracking branch 'origin/main' into release-6.0