Bump the npm_and_yarn group across 4 directories with 7 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates in the /wagmi-project directory: next, vite, @metamask/sdk and nuxt.
Bumps the npm_and_yarn group with 1 update in the /wagmi-project/packages/connectors directory: @metamask/sdk.
Bumps the npm_and_yarn group with 1 update in the /wagmi-project/packages/create-wagmi/templates/next directory: next.
Bumps the npm_and_yarn group with 1 update in the /wagmi-project/playgrounds/next directory: next.

Updates next from 15.3.3 to 15.4.10

Release notes

Sourced from next's releases.

v15.4.10

Please see the Next.js Security Update for information about this security patch.

v15.4.8

Please see CVE-2025-66478 for additional details about this release.

v15.3.8

Please see the Next.js Security Update for information about this security patch.

v15.3.6

Please see CVE-2025-66478 for additional details about this release.

Commits

• 43cb546 v15.4.10
• 6129673 Backport facebook/react#35351 for 15.4.9 (#87087)
• d1449e5 v15.4.9
• 596f513 Update React Version (#42)
• 2ff781e Update React Version (#31)
• d0edaac Backport Next.js changes to v15.4.9 (#24)
• bd84546 lock binaries
• 4966847 v15.4.8
• bf8d31c update version script
• bed530f Update React Version for Next.js 15.4.8 (#9)
• Additional commits viewable in compare view

Updates happy-dom from 15.10.2 to 18.0.1

Release notes

Sourced from happy-dom's releases.

v18.0.1

👷‍♂️ Patch fixes

• Addresses an issue where an error occurred if the Element ID was set to the same name as a Window property with a null value - By @​capricorn86 in task #1841

v18.0.0

💣 Breaking Changes

• Makes the types for Happy DOM strict - By @​capricorn86 in task #1154
  • This makes it possible to use the option skipLibCheck set to "false" in the typescript configuration for projects with a strict configuration
  • This change has resulted in that some types has changed and is therefore considered as a breaking change
• BrowserContext.close() now throws an error when trying to close the default context of a browser - By @​capricorn86 in task #1154

🎨 Features

• Adds support for Browser.closed, BrowserContext.closed, BrowserPage.closed and BrowserFrame.closed - By @​capricorn86 in task #1154
• Adds support for VirtualConsolePrinter.close() and VirtualConsolePrinter.closed - By @​capricorn86 in task #1154
• Adds support for CookieContainer.clearCookies() - By @​capricorn86 in task #1154

v17.6.3

👷‍♂️ Patch fixes

• Removes global typescript definition that was used for custom elements - By @​capricorn86 in task #1154

v17.6.2

👷‍♂️ Patch fixes

• Updates Typescript to the latest version - By @​capricorn86 in task #1154

v17.6.1

🎨 Features

• Adds support for disabling validation of certificates, to allow for self-signed certificates to be used - By @​capricorn86 in task #1763
  • Read more about the new setting fetch.disableStrictSSL under IBrowserSettings in the Wiki

v17.5.9

👷‍♂️ Patch fixes

• Adds missing null check in HTMLLinkElement for a browser frame property that becomes null during teardown of a Window - By @​capricorn86 in task #1800

v17.5.8

👷‍♂️ Patch fixes

• Incorrect cache matching caused Element.classList to return the wrong items - By @​capricorn86 in task #1812

v17.5.7

👷‍♂️ Patch fixes

• Handle wider range of valid characters in unquoted attribute value parsing - By @​AudunWA in task #1817

v17.5.6

👷‍♂️ Patch fixes

• Removes the min and max boundary check when setting the value of an input field of type "date" - By @​zgrybus in task #1815

v17.5.4

👷‍♂️ Patch fixes

• Fixes issue where the body of a ReadableStream was locked after being cloned - By @​MarcMcIntosh in task #1493

v17.5.3

... (truncated)

Commits

• cf74f5f fix: #1841 Addresses an issue where an error occurred if the Element ID was...
• bfd0fff chore: #1154 Fixes failing unit test (#1843)
• 99ebbfc BREAKING CHANGE: #1154 Makes the types for Happy DOM strict (#1842)
• a94d780 fix: #1154 Removes global typescript definition that was used for custom el...
• 00d665b fix: #1154 Updates Typescript to the latest version (#1839)
• fe66e76 fix: #1800 Adds support for disabling validation of certificates, to allow ...
• 4a3db4f feat: #1800 Adds support for disabling validation of certificates (#1832)
• 6bad92f fix: #1800 Fixes issue where browse frame is null during teardown of Window...
• d1182cb fix: #1812 Incorrect cache match caused Element classList to return the wro...
• 9e884df chore: #1 use Node.js 24 (#1826)
• Additional commits viewable in compare view

Updates vite from 5.4.19 to 5.4.21

Release notes

Sourced from vite's releases.

v5.4.21

Please refer to CHANGELOG.md for details.

v5.4.20

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.21 (2025-10-20)

• fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970) (cad1d31), closes #20968 #20970
• chore: update CHANGELOG (ca88ed7)

5.4.20 (2025-09-08)

• fix: apply fs.strict check to HTML files (#20736) (482000f), closes #20736
• fix: port sirv@3.0.2 changes to sirv@2.0.4 (#20737) (4f1c35b), closes #20737

Commits

• adce3c2 release: v5.4.21
• cad1d31 fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970)
• ca88ed7 chore: update CHANGELOG
• 997700f release: v5.4.20
• 482000f fix: apply fs.strict check to HTML files (#20736)
• See full diff in compare view

Updates @metamask/sdk from 0.32.1 to 0.33.1

Changelog

Sourced from @​metamask/sdk's changelog.

[0.33.1]

Fixed

• chore: pin debug package to 4.3.4 due to npm compromise (#1342)

[0.33.0]

Added

• Add rpc ingore list to analytics (#1293)
• Integrate sdk-analytics with SDK (#1289)

Fixed

• Updates and Fixes to Analytics (#1294)

Commits

• 7eb3e16 Release 115.0.0 (#1345)
• f5a8457 fix: Rollback Release 115.0.0 and fix issue (#1344)
• 0cd04ee Release 115.0.0 (#1343)
• baa185c chore: pin debug package to exact version due to npm compromise (#1342)
• e1764d4 Release 114.0.0 (#1296)
• b005ef2 Updates and Fixes to Analytics (#1294)
• 40440e3 Add rpc ingore list to analytics (#1293)
• 42e8c44 Integrate sdk-analytics with SDK (#1289)
• bfa5fbb Release 110.0.0 (#1235)
• See full diff in compare view

Updates nuxt from 3.16.0 to 3.19.0

Release notes

Sourced from nuxt's releases.

v3.19.0

👀 Highlights

Please see the release notes for Nuxt v4.1 for full details on the features and fixes in Nuxt v3.19.

✅ Upgrading

As usual, our recommendation for upgrading is to run:

npx nuxt upgrade --dedupe

This will refresh your lockfile and pull in all the latest dependencies that Nuxt relies on, especially from the unjs ecosystem.

👉 Changelog

compare changes

🚀 Enhancements

• kit: Add ignore option to resolveFiles (#32858)
• kit: Add onInstall and onUpgrade module hooks (#32397)
• nuxt,vite: Add experimental support for rolldown-vite (#31812)
• nuxt: Extract defineRouteRules to page rules property (#32897)
• nuxt,vite: Use importmap to increase chunk stability (#33075)
• nuxt: Lazy hydration macros without auto-imports (#33037)
• kit,nuxt,schema: Allow modules to specify dependencies (#33063)
• kit,nuxt: Add getLayerDirectories util and refactor to use it (#33098)

🔥 Performance

• nuxt: Clear inline route rules cache when pages change (#32877)
• nuxt: Stop watching app manifest once a change has been detected (#32880)

🩹 Fixes

• nuxt: Handle satisfies in page augmentation (#32902)
• nuxt: Type response in useFetch hooks (#32891)
• nuxt: Add TS parenthesis and as expression for page meta extraction (#32914)
• nuxt: Use correct unit thresholds for relative time (#32893)
• nuxt: Handle uncached current build manifests (#32913)
• kit: Resolve directories in resolvePath and normalize file extensions (#32857)
• schema,vite: Bump requestTimeout + allow configuration (#32874)
• nuxt: Deep merge extracted route meta (#32887)
• nuxt: Do not expose app components until fully resolved (#32993)
• kit: Only exclude node_modules/ if no custom srcDir (#32987)
• nuxt: Compare final matched routes when syncing route object (#32899)
• nuxt: Make vue server warnings much less verbose in dev mode (#33018)
• schema: Allow disabling cssnano/autoprefixer postcss plugins (#33016)
• kit: Ensure local layers are prioritised alphabetically (#33030)
• kit,nuxt: Expose global types to vue compiler (#33026)
• nuxt: Support config type inference for defineNuxtModule().with() (#33081)
• nuxt: Search for colliding names in route children (31a9282c2)
• nuxt: Delete nuxtApp._runningTransition on resolve (#33025)
• nuxt: Add validation for nuxt island reviver key (#33069)

... (truncated)

Commits

• 8956505 v3.19.0
• 9a3b445 test: update test for app creation
• ae8b0d2 fix(kit): prioritise local layers over extended layers
• 2fd3bc2 feat(kit,nuxt): add getLayerDirectories util and refactor to use it (#33098)
• 6cc79dd feat(kit,nuxt,schema): allow modules to specify dependencies (#33063)
• 78153ba fix(nuxt): add validation for nuxt island reviver key (#33069)
• f4e38b7 fix(nuxt): delete nuxtApp._runningTransition on resolve (#33025)
• 31a9282 fix(nuxt): search for colliding names in route children
• 10fd012 refactor(kit,nuxt,ui-templates,vite): address deprecations + improve regexp p...
• 04dda84 feat(nuxt): lazy hydration macros without auto-imports (#33037)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nuxt since your current version.

Updates @nuxt/devtools from 2.4.1 to 2.7.0

Release notes

Sourced from @​nuxt/devtools's releases.

v2.7.0

   🐞 Bug Fixes

• devtools: Use vite plugin for env-specific config  -  by @​danielroe in nuxt/devtools#899 (0c258)

    View changes on GitHub

v2.6.5

   🐞 Bug Fixes

• Ensure path resolve is safe  -  by @​antfu (1fabb)

    View changes on GitHub

v2.6.4

   🐞 Bug Fixes

• Using textContent instead of innerHtml for auth pagechore: update lock  -  by @​antfu (7cadb)

    View changes on GitHub

v2.6.3

No significant changes

    View changes on GitHub

v2.6.2

   🐞 Bug Fixes

• Panel dragging issue, close #874, close #871, close #873  -  by @​antfu in nuxt/devtools#874, nuxt/devtools#871 and nuxt/devtools#873 (619de)

    View changes on GitHub

v2.6.1

   🐞 Bug Fixes

• deps: Do not depend on @nuxt/schema  -  by @​danielroe in nuxt/devtools#872 (62443)

    View changes on GitHub

v2.6.0

   🚀 Features

• Update deps  -  by @​antfu (eef2c)

   🐞 Bug Fixes

• Timing labels wrapping  -  by @​DallasHoff in nuxt/devtools#866 (fd01e)

    View changes on GitHub

... (truncated)

Changelog

Sourced from @​nuxt/devtools's changelog.

2.7.0 (2025-10-26)

Bug Fixes

• devtools: use vite plugin for env-specific config (#899) (0c258d4)

2.6.5 (2025-09-20)

Bug Fixes

• ensure path resolve is safe (1fabb49)

2.6.4 (2025-09-19)

Bug Fixes

• using textContent instead of innerHtml for auth pagechore: update lock (7cadbbe)

2.6.3 (2025-08-22)

2.6.2 (2025-07-02)

Bug Fixes

• panel dragging issue, close #874, close #871, close #873 (619de37)

2.6.1 (2025-07-01)

Bug Fixes

• deps: do not depend on @nuxt/schema (#872) (62443ec)

2.6.0 (2025-06-29)

... (truncated)

Commits

• e62257b chore: release v2.7.0
• d80924b chore: update deps
• 0c258d4 fix(devtools): use vite plugin for env-specific config (#899)
• 2cd1e2c chore: release v2.6.5
• 191eb3f refactor: unified all error messages
• 1fabb49 fix: ensure path resolve is safe
• 39a0677 chore: release v2.6.4
• 7cadbbe fix: using textContent instead of innerHtml for auth pagechore: update lock
• 27f80d0 chore: release v2.6.3
• d602a81 chore: release v2.6.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​nuxt/devtools since your current version.

Updates devalue from 5.1.1 to 5.6.1

Release notes

Sourced from devalue's releases.

v5.6.1

Patch Changes

• 2161d44: fix: add hasOwn check before calling reviver

v5.6.0

Minor Changes

• a3d09d4: feat: expose DevalueError for instanceof checks in catch clauses
• a3d09d4: feat: add value and root properties in DevalueError instances

v5.5.0

Minor Changes

• 828fa1c: Enable support for custom reducer/reviver for "function" values

v5.4.2

Patch Changes

• 5c26c0d: fix: allow custom revivers to revive things serialized by builtin reducers

v5.4.1

Patch Changes

• ca3c7b6: chore: Remove impossible void type from replacer's uneval

v5.4.0

Minor Changes

• 9306d09: feat: pass uneval to replacer, for handling nested custom types

Patch Changes

• b617c7c: perf: shrink uneval output with null-proto objects

v5.3.2

Patch Changes

• 0623a47: fix: disallow array method access when parsing
• 0623a47: fix: disallow __proto__ properties on objects

v5.3.1

Patch Changes

• ae904c5: fix: correctly differentiate between +0 and -0

v5.3.0

Minor Changes

• 2896e7b: feat: support Temporal

... (truncated)

Changelog

Sourced from devalue's changelog.

5.6.1

Patch Changes

• 2161d44: fix: add hasOwn check before calling reviver

5.6.0

Minor Changes

• a3d09d4: feat: expose DevalueError for instanceof checks in catch clauses
• a3d09d4: feat: add value and root properties in DevalueError instances

5.5.0

Minor Changes

• 828fa1c: Enable support for custom reducer/reviver for "function" values

5.4.2

Patch Changes

• 5c26c0d: fix: allow custom revivers to revive things serialized by builtin reducers

5.4.1

Patch Changes

• ca3c7b6: chore: Remove impossible void type from replacer's uneval

5.4.0

Minor Changes

• 9306d09: feat: pass uneval to replacer, for handling nested custom types

Patch Changes

• b617c7c: perf: shrink uneval output with null-proto objects

5.3.2

Patch Changes

• 0623a47: fix: disallow array method access when parsing
• 0623a47: fix: disallow __proto__ properties on objects

5.3.1

... (truncated)

Commits

• 5e07a67 Version Packages (#129)
• aa09604 Bump js-yaml from 3.14.1 to 3.14.2 (#125)
• 2161d44 fix: add hasOwn check before calling reviver (#128)
• 83de81d Version Packages (#127)
• a3d09d4 Add value and root properties in DevalueError instances (#126)
• f4b37f3 Version Packages (#124)
• 828fa1c Enable support for custom reducer/reviver for "function" values (#123)
• 6f4eb8b Version Packages (#119)
• 5c26c0d fix: allow custom revivers to revive things serialized by buitin reducers (#118)
• 8b0c28d Version Packages (#117)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for devalue since your current version.

Updates @metamask/sdk from 0.32.1 to 0.33.1

Changelog

Sourced from @​metamask/sdk's changelog.

[0.33.1]

Fixed

• chore: pin debug package to 4.3.4 due to npm compromise (#1342)

[0.33.0]

Added

• Add rpc ingore list to analytics (#1293)
• Integrate sdk-analytics with SDK (#1289)

Fixed

• Updates and Fixes to Analytics (#1294)

Commits

• 7eb3e16 Release 115.0.0 (#1345)
• f5a8457 fix: Rollback Release 115.0.0 and fix issue (#1344)
• 0cd04ee Release 115.0.0 (#1343)
• baa185c chore: pin debug package to exact version due to npm compromise (#1342)
• e1764d4 Release 114.0.0 (#1296)
• b005ef2 Updates and Fixes to Analytics (#1294)
• 40440e3 Add rpc ingore list to analytics (#1293)
• 42e8c44 Integrate sdk-analytics with SDK (#1289)
• bfa5fbb Release 110.0.0 (#1235)
• See full diff in compare view

Updates next from 15.2.4 to 15.4.10

Release notes

Sourced from next's releases.

v15.4.10

Please see the Next.js Security Update for information about this security patch.

v15.4.8

Please see CVE-2025-66478 for additional details about this release.

v15.3.8

Please see the Next.js Security Update for information about this security patch.

v15.3.6

Please see CVE-2025-66478 for additional details about this release.

Commits

• 43cb546 v15.4.10
• 6129673 Backport facebook/react#35351 for 15.4.9 (#87087)
• d1449e5 v15.4.9
• 596f513 Update React Version (#42)
• 2ff781e Update React Version (#31)
• d0edaac Backport Next.js changes to v15.4.9 (#24)
• bd84546 lock binaries
• 4966847 v15.4.8
• bf8d31c update version script
• bed530f Update React Version for Next.js 15.4.8 (#9)
• Additional commits viewable in compare view

Updates next from 15.3.3 to 15.4.10

Release notes

Sourced from next's releases.

v15.4.10

Please see the Next.js Security Update for information about this security patch.

v15.4.8

Please see CVE-2025-66478 for additional details about this release.

v15.3.8

Please see the Next.js Security Update for information about this security patch.

v15.3.6

Please see CVE-2025-66478 for additional details about this release.

Commits

• 43cb546 v15.4.10
• 6129673 Backport facebook/react#35351 for 15.4.9 (#87087)
• d1449e5 v15.4.9
• 596f513 Update React Version (#42)
• 2ff781e Update React Version (#31)
• d0edaac Backport Next.js changes to v15.4.9 (#24)
• bd84546 lock binaries
• 4966847 v15.4.8
• bf8d31c update version script
• bed530f Update React Version for Next.js 15.4.8 (#9)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
sequence-js-docs	Ready	Preview, Comment	Dec 26, 2025 7:12pm
sequence-js-web	Ready	Preview, Comment	Dec 26, 2025 7:12pm
sequence.js	Canceled		Dec 26, 2025 7:12pm
wagmi-project	Canceled		Dec 26, 2025 7:12pm

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.