Release v4.0.8

[jaybuidl]

PR-Codex overview

This PR primarily focuses on adding a new KlerosCoreSnapshotProxy contract, enhancing various components with new features, and updating dependencies. It also introduces utility functions, modifies existing ones, and adjusts styles for better UI consistency.

Detailed summary

• Added isEmpty utility function in web-devtools/src/utils/isEmpty.ts.
• Introduced isUndefined utility function in kleros-sdk/src/dataMappings/utils/index.ts.
• Created KlerosCoreSnapshotProxy contract for snapshot voting.
• Updated arbitrationFee formatting in web/src/pages/Resolver/Parameters/Jurors.tsx.
• Enhanced Toastify styles in web/src/styles/global-style.ts.
• Updated node version in several package.json files.
• Adjusted various components to use new wagmi configurations.
• Modified disputeDetails handling in multiple components.
• Added new tooltip functionality in web/src/components/Verdict/FinalDecision.tsx.
• Updated tests to reflect changes in dispute handling and proxy functionality.

The following files were skipped due to too many changes: contracts/deployments/arbitrum/KlerosCoreSnapshotProxy.json, contracts/deployments/arbitrumSepolia/KlerosCoreSnapshotProxy.json, contracts/deployments/arbitrumSepoliaDevnet/KlerosCoreSnapshotProxy.json, yarn.lock

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features

  • Introduced a new mechanism to display real-time staked token balances for snapshot voting.
  • Enhanced the interface with improved tooltips, error notifications, and smoother scrolling for a better user experience.
  • Updated deployment records across networks for increased transparency.
  • Added a function to check if a value is undefined or null, improving validation processes.

• Tests

  • Added comprehensive test cases to ensure the reliability of the new snapshot functionality and event tracking.

• Chores / Refactor

  • Streamlined the codebase by removing redundant metadata and reorganizing components for improved maintainability.
  • Updated dependencies for better compatibility and performance.
  • Updated Node.js version across multiple projects for enhanced compatibility.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

web/src/styles/global-style.ts (1)

128-131: Consider refining the toast container styling approach.

The current implementation has a few potential issues:

1. The attribute selector might be too broad
2. Using !important makes future style overrides difficult
3. Removing the top position without a replacement could affect toast visibility

Consider these improvements:

-  [class*="Toastify__toast-container"] {
+  .Toastify__toast-container--top-right,
+  .Toastify__toast-container--top-left,
+  .Toastify__toast-container--top-center {
     top: unset;
-    padding-top: 20px !important;
+    padding-top: 20px;
   }

Also, consider adding a comment explaining why these positioning changes are necessary for better maintainability.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5241361 and 269b145.

📒 Files selected for processing (2)

• web/src/components/Field.tsx (1 hunks)
• web/src/styles/global-style.ts (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• web/src/components/Field.tsx

⏰ Context from checks skipped due to timeout of 90000ms (6)

• GitHub Check: Analyze (javascript)
• GitHub Check: contracts-testing
• GitHub Check: SonarCloud
• GitHub Check: SonarCloud
• GitHub Check: Scorecards analysis
• GitHub Check: Analyze (javascript)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

web/src/pages/GetPnk/WalletProvider.tsx (2)

22-27: Initialize WagmiAdapter carefully
You're setting the adapter's networks to [mainnet], but in other lines, you use Arbitrum or Arbitrum Sepolia as the default network. If you intend to support multiple networks, consider including them here or confirm that allowUnsupportedChain meets your needs.

---

35-46: Check mismatch in createAppKit configuration
createAppKit sets [mainnet] in networks while defaulting to Arbitrum or Arbitrum Sepolia. This works with allowUnsupportedChain: true, but may confuse end users if a default network is not explicitly in the networks list. Consider adding Arbitrum or Arbitrum Sepolia to the networks array to provide a more consistent user experience.

web-devtools/src/context/Web3Provider.tsx (2)

82-87: Enhance SDK configuration robustness.

The SDK configuration could benefit from error handling and validation.

Consider wrapping the configuration in a try-catch block:

+try {
   configureSDK({
     client: {
       chain: isProduction ? arbitrum : arbitrumSepolia,
       transport: transports[isProduction ? arbitrum.id : arbitrumSepolia.id],
     },
   });
+} catch (error) {
+  console.error('Failed to configure SDK:', error);
+  throw new Error('SDK configuration failed');
+}

---

15-19: Enhance environment variable validation.

Consider using a more descriptive error message and validating the API key format.

 const alchemyApiKey = process.env.NEXT_PUBLIC_ALCHEMY_API_KEY;
-if (!alchemyApiKey) {
+if (!alchemyApiKey || !/^[A-Za-z0-9_-]+$/.test(alchemyApiKey)) {
   throw new Error(
-    "Alchemy API key is not set in NEXT_PUBLIC_ALCHEMY_API_KEY environment variable."
+    "Invalid or missing Alchemy API key in NEXT_PUBLIC_ALCHEMY_API_KEY environment variable. Please ensure it contains only alphanumeric characters, underscores, and hyphens."
   );
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 269b145 and ba621a8.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (15)

• kleros-app/README.md (1 hunks)
• kleros-app/package.json (2 hunks)
• kleros-app/src/lib/atlas/providers/AtlasProvider.tsx (3 hunks)
• web-devtools/package.json (2 hunks)
• web-devtools/src/components/ConnectWallet/index.tsx (2 hunks)
• web-devtools/src/consts/chains.ts (1 hunks)
• web-devtools/src/context/Web3Provider.tsx (2 hunks)
• web-devtools/src/utils/getDisputeRequestParamsFromTxn.ts (1 hunks)
• web/package.json (2 hunks)
• web/src/components/ConnectWallet/index.tsx (2 hunks)
• web/src/consts/chains.ts (1 hunks)
• web/src/consts/eip712-messages.ts (2 hunks)
• web/src/context/AtlasProvider.tsx (1 hunks)
• web/src/context/Web3Provider.tsx (5 hunks)
• web/src/pages/GetPnk/WalletProvider.tsx (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

web/src/context/AtlasProvider.tsx (1)

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1687
File: web/src/context/AtlasProvider.tsx:225-244
Timestamp: 2024-11-12T04:49:48.060Z
Learning: In `web/src/context/AtlasProvider.tsx`, the `atlasUri` variable comes from environment variables and does not change, so it does not need to be included in dependency arrays.

web-devtools/src/context/Web3Provider.tsx (1)

Learnt from: alcercu
PR: kleros/kleros-v2#1703
File: web/src/context/Web3Provider.tsx:9-9
Timestamp: 2024-11-12T04:49:43.234Z
Learning: The SDK structure will be improved in PR #1704.

⏰ Context from checks skipped due to timeout of 90000ms (7)

• GitHub Check: contracts-testing
• GitHub Check: SonarCloud
• GitHub Check: Analyze (javascript)
• GitHub Check: SonarCloud
• GitHub Check: Analyze (javascript)
• GitHub Check: Mend Security Check
• GitHub Check: contracts-testing

🔇 Additional comments (38)

web/src/consts/eip712-messages.ts (2)

25-25: LGTM!

The formatting change maintains code readability while preserving the correct EIP-712 message structure and type safety.

---

44-44: LGTM!

The formatting change maintains code readability while preserving the correct EIP-712 message structure and type safety.

web/package.json (5)

82-82: New Dependency Addition: @bigmi/react

The addition of @bigmi/react at version ^0.1.0 is noted. Please ensure that this library is required and integrated within the project as expected, and that its version aligns with the overall React ecosystem in use.

---

90-93: Dependency Updates and Additions: LIFI & Reown AppKit

These lines update the version of @lifi/wallet-management to ^3.6.0 and @lifi/widget to ^3.14.2, while also adding @reown/appkit and @reown/appkit-adapter-wagmi at version ^1.6.5. This aligns with the integration of Reown AppKit for enhanced wallet connection management. Please verify that the updated versions are fully compatible with the project's requirements and that the new dependencies are used consistently in the codebase.

---

96-96: New Dependency Addition: @solana/wallet-adapter-react

The dependency @solana/wallet-adapter-react has been added at version ^0.15.35. Ensure this addition is intentional for handling Solana wallet interactions and that its integration is tested in relevant parts of the application.

---

100-100: Dependency Version Update: @wagmi/core

The version for @wagmi/core has been updated to ^2.16.3. Confirm that this update does not introduce breaking changes and is compatible with the other Wagmi packages used in the project.

---

129-129: Dependency Version Update: wagmi

The update of wagmi to version ^2.14.10 should be reviewed to ensure that it includes the expected enhancements and that no new incompatibilities have been introduced. Testing around wallet integrations and other Wagmi-related functionality is recommended.

web-devtools/src/components/ConnectWallet/index.tsx (2)

36-37:

✅ Verification successful

LGTM! Verify the hook usage pattern.

The migration from web3modal to appkit hooks looks good. The API usage pattern appears to be compatible.

Let's verify the correct usage of these hooks in the codebase:

Also applies to: 44-44

---

🏁 Script executed:

#!/bin/bash
# Description: Check the usage pattern of appkit hooks across the codebase.

# Search for useAppKit usage
echo "Checking useAppKit usage pattern..."
rg -A 2 "useAppKit\(\)" 

# Search for useAppKitState usage
echo -e "\nChecking useAppKitState usage pattern..."
rg -A 2 "useAppKitState\(\)"

# Search for open method calls with view parameter
echo -e "\nChecking open method calls..."
rg "open\(\s*\{\s*view\s*:"

Length of output: 1430

---

LGTM! Hook usage across the codebase has been verified.

• The migration from web3modal to appkit hooks is correctly implemented in both web-devtools/src/components/ConnectWallet/index.tsx and web/src/components/ConnectWallet/index.tsx.
• Both the useAppKit() and useAppKitState() hooks are used with the expected pattern.
• The open method is consistently invoked with the view parameter (e.g., open({ view: "Connect" })).

---

3-3:

❓ Verification inconclusive

Verify the @reown/appkit package installation.

The code imports hooks from the @reown/appkit package. Please ensure that this package is properly installed and listed in the project's dependencies.

Run the following script to check the package installation:

---

🏁 Script executed:

#!/bin/bash
# Description: Check if @reown/appkit is properly installed.

# Check package.json for the dependency
echo "Checking package.json for @reown/appkit..."
cat package.json | jq '.dependencies["@reown/appkit"] // .devDependencies["@reown/appkit"]'

# Check if the package is installed in node_modules
echo -e "\nChecking node_modules for @reown/appkit..."
fd -t d '^@reown' node_modules

Length of output: 427

---

Action Required: Verify the Installation of @reown/appkit

The code now imports useAppKit and useAppKitState from @reown/appkit/react, but our initial check did not find any reference to @reown/appkit in your package.json dependencies. Additionally, the script was unable to search for node_modules due to the directory not being present in the current context. Please ensure that:

• Dependency Listing: The @reown/appkit package is explicitly listed in your dependency management (e.g., in package.json under dependencies or devDependencies).
• Lock Files Verification: If the package is installed as expected, verify its presence in your lock files (like yarn.lock or package-lock.json).
• Installation Check: Confirm that the installation is correct (you might need to run a manual or scripted check in the environment where node_modules is available).

Once confirmed, this import statement will integrate correctly. Please verify these points and update the dependency configuration if needed.

web/src/components/ConnectWallet/index.tsx (4)

3-3: LGTM!

The migration from @web3modal/wagmi/react to @reown/appkit/react is correctly implemented.

---

37-49: LGTM!

The migration to AppKit hooks is correctly implemented. The component:

• Uses the new useAppKit and useAppKitState hooks.
• Correctly handles the modal's open state.
• Properly configures the connect view.

---

51-59: LGTM!

The component maintains correct wallet connection state handling and seamlessly integrates with the updated child components.

---

13-14:

✅ Verification successful

Verify the isLoading property in the latest version of wagmi.

The TODO comment suggests potential API changes. Let's verify if isLoading has been replaced with isPending in the latest version.

---

🌐 Web query:

Has wagmi replaced isLoading with isPending in useSwitchChain hook?

💡 Result:

Based on recent documentation updates and community discussions around Wagmi v2.x.x (current as of 2025), isLoading remains present alongside isPending in some hooks like useSwitchNetwork, while newer patterns show status: "pending" being used instead of separate boolean flags[1][7]. However:

1. useSwitchNetwork still exposes isLoading
   The original implementation continues using isLoading to indicate network switching progress[1][3]:

   const { chains, error, isLoading } = useSwitchNetwork()

2. Newer hooks like useWaitForTransactionReceipt favor isPending
   Recent additions align with React Query v5 patterns where isPending replaces isLoading[4][5]:

   const { data: receipt } = useWaitForTransactionReceipt({ 
     hash,
     query: { enabled: !!hash }
   })

3. Confusion stems from overlapping terminology

   • isLoading: Legacy term indicating initial fetch state
   • isPending: Newer term encompassing all async states
   • status: "pending": Alternative pattern via state enums[7]

Current recommendation: Check both properties until full migration completes:

const { 
  switchNetwork,
  error,
  status,
  // Legacy pattern ↓
  isLoading,
  // Newer pattern ↓  
  pendingChainId 
} = useSwitchNetwork()

This dual approach handles transitional APIs while maintaining backward compatibility[3][9].

Citations:

• 1: https://1.x.wagmi.sh/react/hooks/useSwitchNetwork
• 2: https://egghead.io/lessons/react-use-ispending-isloading-and-isfetching-flags-with-react-query
• 3: https://web3auth.io/community/t/not-able-to-switch-chain-using-wagmi-useswitchnetwork-hook/6840
• 4: https://wagmi.sh/react/api/hooks/useWaitForTransactionReceipt
• 5: TanStack/query#6297
• 6: https://wagmi.sh/react/api/hooks/useToken
• 7: https://wagmi.sh/react/api/hooks/useSwitchChain
• 8: https://docs.zerodev.app/react/use-session-kernelclient
• 9: wevm/wagmi#4205
• 10: https://wagmi.sh/react/guides/send-transaction

---

Correctness Confirmed: useSwitchChain's isLoading Property Remains Valid

Based on the latest documentation and community discussions for Wagmi v2.x (2025), the useSwitchChain hook still supports the isLoading property. Although some newer hooks (e.g., useWaitForTransactionReceipt) adopt the isPending pattern or status enums, the current implementation of useSwitchChain correctly continues to expose isLoading. No changes are required for this file.

• The isLoading property remains active and is not replaced by isPending for useSwitchChain.
• Some hooks in Wagmi are moving toward newer async state indicators, but these changes are not yet applicable to useSwitchChain.

web/src/pages/GetPnk/WalletProvider.tsx (3)

5-7: Using @reown/appkit
The newly introduced imports look valid, provided that all required dependencies are included in your package.json.

---

10-10: Confirm wagmi version compatibility
Ensure that the version of the wagmi package is compatible with @reown/appkit-adapter-wagmi to avoid potential dependency or peer version conflicts.

---

51-51: WagmiProvider usage looks good
Passing adapter.current.wagmiConfig to WagmiProvider is consistent with the new setup.

web/src/context/Web3Provider.tsx (8)

3-14: Adopting @reown/appkit
These imports from @reown/appkit/* and wagmi align with the latest approach for network and adapter configuration.

---

43-49: Possible type inconsistency in alchemyURL
Allowing chainId to be number | string is flexible, but ensure that you handle string IDs correctly in alchemyToViemChain[chainId], as it expects numerical keys. Consider parsing or validating string inputs to avoid look-up failures.

---

51-53: Validate getChainRpcUrl
Similarly, verify that passing a string chainId to getChainRpcUrl properly resolves network addresses in all usage contexts (e.g., if the string does not match an expected ID).

---

60-63: Check for undefined RPC URLs
When using fallback([http(...), webSocket(...)]), ensure each chain has valid rpcUrls.default.http and rpcUrls.default.webSocket entries; otherwise, some calls may fail at runtime.

---

76-76: Casting ALL_CHAINS
Casting ALL_CHAINS to [AppKitNetwork, ...AppKitNetwork[]] will throw a runtime error if ALL_CHAINS is empty. Confirm that ALL_CHAINS has at least one element.

---

84-88: Initialize WagmiAdapter
This setup correctly passes networks, projectId, and transports. Confirm all your networks’ transport URLs are consistently defined.

---

97-116: createAppKit configuration
This is a solid approach to unify chain, adapter, and default network configurations. The commented block within features is a good placeholder for future toggles.

---

118-118: Returning WagmiProvider
Using wagmiAdapter.wagmiConfig in the <WagmiProvider> is consistent and should enable your app’s wagmi-based features properly.

web/src/context/AtlasProvider.tsx (4)

2-2: No changes needed on the empty line
This line change appears to be only whitespace and has no functional impact.

---

3-4: Import useConfig from wagmi
Bringing in useConfig ensures you can access and propagate Wagmi’s global configuration within the AtlasProvider.

---

8-8: Calling useConfig
Defining wagmiConfig by calling useConfig() is a straightforward way to integrate wagmi settings here. Just confirm that it does not repeatedly trigger re-renders if its value changes frequently.

---

10-10: Include wagmiConfig in AtlasProvider
Passing wagmiConfig to config allows _AtlasProvider to leverage wagmi’s settings for things like account management. This approach looks consistent with the overall architecture.

web-devtools/src/consts/chains.ts (1)

1-1: LGTM! Type updates align with AppKit integration.

The migration from Chain to AppKitNetwork type is consistent and maintains type safety while integrating with the AppKit library.

Also applies to: 7-7, 11-11

web/src/consts/chains.ts (1)

25-29: Verify type compatibility in getChain function.

The function returns Chain | null but uses ALL_CHAINS which contains AppKitNetwork types. This might lead to type mismatches.

Consider updating the return type to match the new AppKitNetwork type:

-export const getChain = (chainId: number): Chain | null =>
+export const getChain = (chainId: number): AppKitNetwork | null =>

web-devtools/src/utils/getDisputeRequestParamsFromTxn.ts (1)

4-4: LGTM! Clean migration to wagmiAdapter.

The update from wagmiConfig to wagmiAdapter.wagmiConfig is consistent with the AppKit integration while maintaining proper error handling.

Also applies to: 10-10

web-devtools/src/context/Web3Provider.tsx (1)

76-80: LGTM! WagmiAdapter initialization is well-structured.

The adapter initialization with networks, projectId, and transports is clean and type-safe.

kleros-app/src/lib/atlas/providers/AtlasProvider.tsx (2)

5-5: LGTM! Proper integration of Wagmi configuration.

The addition of the Config type and the wagmiConfig property to the AtlasConfig interface ensures proper typing and configuration support for Wagmi v2.

Also applies to: 53-57

---

60-61: LGTM! Consistent configuration usage across hooks.

The hooks are properly configured with the wagmiConfig, maintaining consistency across the provider.

Also applies to: 70-70

kleros-app/package.json (1)

52-53: LGTM! Consistent version management.

The wagmi dependency is properly added to devDependencies and updated in peerDependencies with matching versions.

Also applies to: 65-65

web-devtools/package.json (2)

53-54: LGTM! New dependencies for enhanced wallet connection handling.

The addition of @reown/appkit and its wagmi adapter provides improved wallet connection capabilities.

---

57-57:

❓ Verification inconclusive

Verify compatibility with updated wagmi versions.

The updates to @wagmi/core and wagmi versions should be tested to ensure compatibility with the new appkit integration.

Also applies to: 73-73

---

🏁 Script executed:

#!/bin/bash
# Check for any breaking changes or compatibility issues in the changelog
curl -s "https://raw.github.com/wagmi-dev/wagmi/main/CHANGELOG.md" | grep -A 10 "## 2.14.0"

Length of output: 102

---

Action Required: Verify @wagmi/core Update Compatibility

The dependency update to "@wagmi/core": "^2.16.3" (and similarly for line 73) appears correct, but the automated check for breaking changes via the changelog returned no output. This result is inconclusive, so please manually confirm that there are no breaking changes between the previously used version and 2.16.3—especially regarding the new appkit integration.

• Action Items:
  • Manually inspect the wagmi changelog for any breaking changes from version 2.14.0 up to 2.16.3.
  • Conduct integration tests or other manual validations to ensure compatibility with the updated dependency.

kleros-app/README.md (1)

30-31: LGTM! Documentation properly updated.

The README has been correctly updated to reflect the new wagmiConfig requirement in the AtlasProvider configuration.

Also applies to: 35-36, 40-40

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

contracts/package.json (2)

13-15: Node.js Version Update in Volta Configuration

The updated Node.js version in the "volta" section has been bumped to "18.20.6". This ensures that developers using Volta will leverage the latest supported version as intended. However, note that the "engines" field still specifies ">=16.0.0". For consistency, consider if aligning the "engines" requirement with the Volta version would be beneficial to enforce a minimum environment version across all setups.

---

75-76: Upgrade of @logtail/pino Dependency

The dependency for @logtail/pino has been upgraded from the previous version (presumably ^0.4.22) to ^0.5.0. Please verify that any usage in your logging configurations or associated integrations is compatible with the new version. It’s important to review the changelog for any breaking changes or adjustments needed after the upgrade.

.github/workflows/contracts-testing.yml (1)

59-59: Cache Action Version Updated & Trailing Spaces Note
The cache action has been upgraded to version v4.2.1. Additionally, note that YAMLlint flagged trailing spaces on lines 55 and 57 (in the surrounding block). Removing these extra spaces would improve code cleanliness.

Suggested Diff to Remove Trailing Spaces:

-        cache-name: cache-node-modules␣␣
+        cache-name: cache-node-modules

-        path: |␣
+        path: |

(Replace ␣ with an actual space character and remove any extraneous spaces at the end of the lines.)

.github/workflows/sentry-release.yml (1)

53-53: Cache Node Modules Action Version & Trailing Spaces
The cache action now uses version v4.2.1. Additionally, static analysis warns about trailing spaces on lines 49 and 51. Removing these trailing spaces will help maintain YAML formatting standards.

Suggested Diff to Remove Trailing Spaces:

-        node-version: 20.x␣␣
+        node-version: 20.x

-        cache: yarn␣␣
+        cache: yarn

(Ensure there are no extra spaces at the end of these lines.)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3d09b18 and ed460b9.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (16)

• .github/workflows/codeql.yml (4 hunks)
• .github/workflows/contracts-testing.yml (4 hunks)
• .github/workflows/dependency-review.yml (1 hunks)
• .github/workflows/deploy-bots.yml (1 hunks)
• .github/workflows/deploy-subgraph.yml (1 hunks)
• .github/workflows/scorecards.yml (3 hunks)
• .github/workflows/sentry-release.yml (3 hunks)
• .github/workflows/sonarcloud.yml (1 hunks)
• contracts/package.json (2 hunks)
• kleros-app/package.json (3 hunks)
• kleros-sdk/package.json (3 hunks)
• package.json (3 hunks)
• services/graph-node/docker-compose.yml (1 hunks)
• subgraph/package.json (1 hunks)
• web-devtools/package.json (3 hunks)
• web/package.json (2 hunks)

✅ Files skipped from review due to trivial changes (8)

• .github/workflows/deploy-subgraph.yml
• subgraph/package.json
• .github/workflows/sonarcloud.yml
• .github/workflows/deploy-bots.yml
• .github/workflows/dependency-review.yml
• services/graph-node/docker-compose.yml
• .github/workflows/scorecards.yml
• .github/workflows/codeql.yml

🚧 Files skipped from review as they are similar to previous changes (5)

• kleros-sdk/package.json
• package.json
• kleros-app/package.json
• web-devtools/package.json
• web/package.json

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.github/workflows/contracts-testing.yml

[error] 55-55: trailing spaces

(trailing-spaces)

---

[error] 57-57: trailing spaces

(trailing-spaces)

.github/workflows/sentry-release.yml

[error] 49-49: trailing spaces

(trailing-spaces)

---

[error] 51-51: trailing spaces

(trailing-spaces)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Dependabot
• GitHub Check: Dependabot
• GitHub Check: contracts-testing
• GitHub Check: contracts-testing

🔇 Additional comments (7)

.github/workflows/contracts-testing.yml (4)

27-27: Updated Harden Runner Version
The Harden Runner action has been updated to use commit 4d991eb9b905ef189e4c376166672c3f2f230481 (v2.11.0). This ensures the runner benefits from the latest security fixes and performance improvements.

---

53-53: Node.js Setup Action Version Update
The actions/setup-node action now uses version v4.2.0, ensuring compatibility and updated features. Please verify its behavior with your workflow configurations.

---

74-74: Foundry Action Upgrade Confirmed
The Foundry installation step now uses foundry-rs/foundry-toolchain@de808b1eea699e761c404bda44ba8f21aba30b2c (v1.3.1), aligning with the latest toolchain release.

---

84-84: Artifact Upload Action Version Update
The artifact upload step has been updated to actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 (v4.6.1), which should provide improved functionality and security.

.github/workflows/sentry-release.yml (3)

20-20: Harden Runner Version Update in Sentry Release Workflow
The Harden Runner action here has also been updated to 4d991eb9b905ef189e4c376166672c3f2f230481 (v2.11.0), ensuring consistency and improved security across workflows.

---

47-47: Updated Setup Node.js Version
The actions/setup-node action has been upgraded to version v4.2.0 in this workflow. Validate that all node-related steps perform as expected with the new version.

---

75-75: Sentry Release Action Version Update
The getsentry/action-release action has been updated to version v1.10.5, ensuring that the creation of Sentry releases uses the latest improvements from the action provider.

[sonarqubecloud]

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.4% Duplication on New Code

See analysis details on SonarQube Cloud