Skip to content

🔒 Update example lockfiles #1908

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
layerzero-bot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🔒 Update example lockfiles #1908

layerzero-bot wants to merge 1 commit into from

Conversation

@layerzero-bot
Copy link
Collaborator

@layerzero-bot layerzero-bot commented Jan 20, 2026

Automated update of example lockfiles after package publishing.

⚠️ Version packages PRs should be merged first.

@layerzero-bot layerzero-bot self-assigned this Jan 20, 2026
@cursor
Copy link

cursor bot commented Jan 20, 2026
edited
Loading

PR Summary

Updates example lockfiles to reflect newly published package versions.

  • Bumps @layerzerolabs/devtools-solana to 3.0.6 in examples/oapp-solana and examples/oft-solana lockfiles
  • Aligns dependent entries to reference the new version (e.g., protocol-devtools-solana, ua-devtools-solana)
  • Updates a transitive @layerzerolabs/lz-v2-utilities entry to 3.0.150 (within oft-v2-solana-sdk), plus integrity hashes

Written by Cursor Bugbot for commit 63ce60a. This will update automatically on new commits. Configure here.

@github-actions
Copy link
Contributor

github-actions bot commented Jan 20, 2026

Auto-approved: This PR from layerzero-bot only contains package.json, lockfile, changeset, or CHANGELOG updates.

cursor[bot]
cursor bot reviewed Jan 20, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 2 potential issues.

examples/oft-solana/pnpm-lock.yaml
'@layerzerolabs/lz-definitions': ^3.0.75
'@layerzerolabs/devtools': ~2.0.4
'@layerzerolabs/io-devtools': ~0.3.2
'@layerzerolabs/lz-definitions': ^3.0.148
Copy link

@cursor cursor bot Jan 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Peer dependency mismatch in oft-solana lockfile update

Medium Severity

The lockfile update for @layerzerolabs/devtools-solana@3.0.6 introduces peer dependency mismatches. The package requires @layerzerolabs/devtools ~2.0.4, @layerzerolabs/io-devtools ~0.3.2, and @layerzerolabs/lz-definitions ^3.0.148, but the resolved dependencies provide versions 2.0.3, 0.3.1, and 3.0.142 respectively—none of which satisfy the declared requirements. This could cause runtime errors if the new package version relies on APIs only available in the newer peer dependency versions.

Additional Locations (1)

Fix in Cursor Fix in Web

examples/oapp-solana/pnpm-lock.yaml
/@layerzerolabs/devtools-solana@3.0.5(@layerzerolabs/devtools@2.0.4)(@layerzerolabs/io-devtools@0.3.2)(@layerzerolabs/lz-definitions@3.0.145)(@solana/web3.js@1.95.8)(bn.js@5.2.2)(fastestsmallesttextencoderdecoder@1.0.22)(fp-ts@2.16.11)(typescript@5.9.3)(zod@3.25.76):
resolution: {integrity: sha512-O+6F668yAL7pD8y+Z9F6XSW2oTBpOnrn/kqpU9XSEA7dkvv6MxvJI9GZkZbM2nJ7Tu0xRHa5R2u7bFbXVL0VRw==}
/@layerzerolabs/devtools-solana@3.0.6(@layerzerolabs/devtools@2.0.4)(@layerzerolabs/io-devtools@0.3.2)(@layerzerolabs/lz-definitions@3.0.145)(@solana/web3.js@1.95.8)(bn.js@5.2.2)(fastestsmallesttextencoderdecoder@1.0.22)(fp-ts@2.16.11)(typescript@5.9.3)(zod@3.25.76):
resolution: {integrity: sha512-QOcEIkof5BfAsRM3HiBlqieELA7rbQg5K+wDQJp6uk0OBkJtxWMBNDBYh58fwVMxILjKT1gKf49ElZYI7Sty8A==}
Copy link

@cursor cursor bot Jan 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Peer dependency version mismatch in oapp-solana lockfile

Low Severity

The @layerzerolabs/devtools-solana@3.0.6 package in the oapp-solana lockfile declares a peer dependency of @layerzerolabs/lz-definitions ^3.0.148, but the resolved version is 3.0.145 which doesn't satisfy this requirement (3.0.145 < 3.0.148). This could cause runtime issues if the new devtools-solana version relies on features or fixes only present in lz-definitions@3.0.148 or later.

Fix in Cursor Fix in Web

@github-actions
Copy link
Contributor

github-actions bot commented Jan 20, 2026

🧪 E2E Test Status

E2E tests are non-blocking and validate real blockchain interactions. Failures may occur due to network issues, RPC rate limits, or external service downtime.

Test Runs (Newest First):

  • Run #6593 - Passed - 2026-01-20 21:05 (UTC)

@nazreen nazreen added this pull request to the merge queue Jan 21, 2026
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jan 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@nazreen nazreen nazreen approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@layerzero-bot layerzero-bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@layerzero-bot @nazreen