chore(deps): bump @x402/fetch from 2.12.0 to 2.14.0 in /agent-sdk#85
chore(deps): bump @x402/fetch from 2.12.0 to 2.14.0 in /agent-sdk#85dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [@x402/fetch](https://github.com/x402-foundation/x402) from 2.12.0 to 2.14.0. - [Commits](https://github.com/x402-foundation/x402/compare/npm-@x402/fetch@v2.12.0...npm-@x402/fetch@v2.14.0) --- updated-dependencies: - dependency-name: "@x402/fetch" dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
The latest updates on your projects. Learn more about Vercel for GitHub. 1 Skipped Deployment
|
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| "@x402/core": "^2.12.0", | ||
| "@x402/evm": "^2.12.0", | ||
| "@x402/fetch": "^2.12.0", | ||
| "@x402/fetch": "^2.14.0", |
There was a problem hiding this comment.
🔴 Lockfile not updated after @x402/fetch version bump
The package.json bumps @x402/fetch from ^2.12.0 to ^2.14.0, but agent-sdk/pnpm-lock.yaml was not regenerated. The lockfile still records specifier ^2.12.0 and resolves to version 2.12.0 (agent-sdk/pnpm-lock.yaml:17-19). This mismatch means pnpm install --frozen-lockfile will fail inside agent-sdk/, and without the lockfile update the actual resolved version installed remains 2.12.0 — the bump has no practical effect.
Prompt for agents
The pnpm-lock.yaml in agent-sdk/ was not regenerated after bumping @x402/fetch in package.json. Run `cd agent-sdk && pnpm install` (or the equivalent pnpm command to update the lockfile) so that pnpm-lock.yaml reflects the new specifier (^2.14.0) and resolves to a 2.14.x version. Then commit the updated lockfile alongside the package.json change.
Was this helpful? React with 👍 or 👎 to provide feedback.
| "@x402/core": "^2.12.0", | ||
| "@x402/evm": "^2.12.0", | ||
| "@x402/fetch": "^2.12.0", | ||
| "@x402/fetch": "^2.14.0", |
There was a problem hiding this comment.
🚩 Potential version skew across @x402/ packages*
After this bump, @x402/fetch would be at ^2.14.0 while @x402/core and @x402/evm remain at ^2.12.0. In agent-sdk/payVendor.js:2-4, all three packages are imported together — @x402/core/client, @x402/evm/exact/client, and @x402/fetch. If @x402/fetch@2.14.x expects a @x402/core peer at >=2.14.0 (or uses new APIs from it), this could cause runtime errors. Without access to the npm registry metadata for these packages, I cannot confirm whether this is a real incompatibility, but it's worth verifying that the @x402/fetch@2.14.x release is compatible with @x402/core@2.12.x.
Was this helpful? React with 👍 or 👎 to provide feedback.
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
mandate402 | c9d2d46 | Commit Preview URL Branch Preview URL |
Jun 01 2026, 11:41 AM |
1 participant
Bumps @x402/fetch from 2.12.0 to 2.14.0.
Commits
45d81d4chore(go): release v2.13.0 (#2515)cf407e2Release/typescript 2026 05 29 (#2516)c0cdc00chore: version python package (#2514)10e59e1auth-capture client scheme (TypeScript) (#2486)087922adocs(spec): Concordium exact review fixes (#2389)be788e0Bazaar service metadata plumbing (#2496)ba2eb68chore(svm): add changeset for #1527 smart wallet verification (#2505)27553c7feat(svm): add simulation-based smart wallet verification (#1527)bb21c71Update Python service metadata docs for RouteConfig (#2490)51f889bfix: erc-6492 factory call was server driven (#2480)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)