Skip to content

build(deps): bump @solana/addresses from 3.0.3 to 5.0.0 #8392

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump @solana/addresses from 3.0.3 to 5.0.0 #8392

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 10, 2025
edited by pr-codex bot
Loading

Bumps @solana/addresses from 3.0.3 to 5.0.0.

Release notes

Sourced from @​solana/addresses's releases.

v5.0.0

@​solana/kit

v5.0.0 (2025-10-23)

Major Changes

  • [@solana/errors, @solana/rpc-types] #974 0fed638 Thanks @​joncinque! - BorshIoErrors from the RPC no longer contain an encodedData property. This property used to hold the underlying error from the serialization library used on the server. This message was always subject to changes in the version of that library, or changes in the choice of library itself. New versions of the server no longer throw the underlying error, so for consistency it has been removed everywhere in Kit.

v4.0.0

@​solana/kit

v4.0.0 (2025-10-08)

Major Changes

  • [@solana/react, @solana/signers] #927 c035ab8 Thanks @​mcintyre94! - Update the signer API to return Transaction & TransactionWithLifetime

    The modifyAndSignTransactions function for a TransactionModifyingSigner must now return a Transaction & TransactionWithLifetime & TransactionWithinSizeLimit. Previously it technically needed to return a type derived from the input TransactionMessage, but this wasn't checked.

    If you have written a TransactionModifyingSigner then you should review the changes to useWalletAccountTransactionSigner in the React package for guidance. You may need to use the new getTransactionLifetimeConstraintFromCompiledTransactionMessage function to obtain a lifetime for the transaction being returned.

    If you are using a TransactionModifyingSigner such as useWalletAccountTransactionSigner, then you will now receive a transaction with TransactionWithLifetime when you would previously have received a type with a lifetime matching the input transaction message. This was never guaranteed to match at runtime, but we incorrectly returned a stronger type than can be guaranteed. You may need to use the new isTransactionWithBlockhashLifetime or isTransactionWithDurableNonceLifetime functions to check the lifetime type of the returned transaction. For example, if you want to pass it to a function returned by sendAndConfirmTransactionFactory then you must use isTransactionWithBlockhashLifetime or assertIsTransactionWithBlockhashLifetime to check its lifetime first.

  • [@solana/rpc-graphql, @solana/rpc-subscriptions-api, @solana/rpc-types] #550 ce7f91c Thanks @​steveluscher! - Removed rentEpoch from the AccountInfoBase type. This property is no longer relevant post SIMD-215. Developers whose applications rely on this property being numeric should either eliminate it or hardcode it to 18_446_744_073_709_551_615n.

Minor Changes

Patch Changes

  • [@solana/codecs-core, @solana/errors] #944 22f18d0 Thanks @​mcintyre94! - Add a function to create a decoder that checks the size of the input bytes

  • [@solana/compat] #906 eabeb3a Thanks @​guibescos! - Fixed a bug where calling fromVersionedTransaction() with a VersionedTransaction that uses address table lookups would result in a runtime fatal

  • [@solana/errors, @solana/transactions] #918 5408f52 Thanks @​mcintyre94! - Add a function to extract the lifetime from a CompiledTransactionMessage

  • [@solana/errors, @solana/transaction-messages, @solana/transactions] #871 cb11699 Thanks @​mcintyre94! - Do not allow decoding transactions with an unsupported version

  • [@solana/errors] #873 9fa8465 Thanks @​steveluscher! - When you use the @solana/errors CLI you will now always get version 5.6.2 of chalk and version 14.0.0 of commander, which themselves are zero-dependency.

  • [@solana/errors, @solana/react] #919 c87cada Thanks @​mcintyre94! - Update useWalletAccountTransactionSigner to return a LifetimeConstraint for the updated transaction

  • [@solana/keys] #901 f591dea Thanks @​guibescos! - Added assertion (assertIsSignatureBytes), guard (isSignatureBytes), and coercion (signatureBytes) methods to make it easier to work with callsites that demand a SignatureBytes type

  • [@solana/kit] #521 98bde94 Thanks @​tao-stones! - Add loadedAccountsDataSize to simulateTransaction response

  • [@solana/rpc-subscriptions] #904 9e8bfe4 Thanks @​steveluscher! - yExported all of the channel creators that form part of createDefaultSolanaRpcSubscriptionsChannelCreator() so that developers can configure their own custom channels

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

PR-Codex overview

This PR updates various dependencies in the package.json and pnpm-lock.yaml files, including major version upgrades for @solana/addresses, @babel/core, and @smithy packages, ensuring compatibility and incorporating new features or fixes.

Detailed summary

  • Updated @solana/addresses from ^3.0.0 to ^5.0.0.
  • Updated @babel/core from 7.28.4 to 7.28.5.
  • Updated @smithy packages to newer versions (e.g., @smithy/fetch-http-handler, @smithy/core, etc.).
  • Adjusted dependency versions in pnpm-lock.yaml for consistency and compatibility.

The following files were skipped due to too many changes: pnpm-lock.yaml

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

@dependabot
build(deps): bump @solana/addresses from 3.0.3 to 5.0.0
030ee32 
Bumps [@solana/addresses](https://github.com/anza-xyz/kit) from 3.0.3 to 5.0.0.
- [Release notes](https://github.com/anza-xyz/kit/releases)
- [Commits](anza-xyz/kit@v3.0.3...v5.0.0)

---
updated-dependencies:
- dependency-name: "@solana/addresses"
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added Dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 10, 2025
@changeset-bot
Copy link

changeset-bot bot commented Nov 10, 2025

⚠️ No Changeset found

Latest commit: 030ee32

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel
Copy link

vercel bot commented Nov 10, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
docs-v2 Ready Ready Preview Comment Nov 10, 2025 8:20pm
nebula Ready Ready Preview Comment Nov 10, 2025 8:20pm
thirdweb_playground Error Error Nov 10, 2025 8:20pm
thirdweb-www Ready Ready Preview Comment Nov 10, 2025 8:20pm
wallet-ui Ready Ready Preview Comment Nov 10, 2025 8:20pm

@graphite-app
Copy link
Contributor

graphite-app bot commented Nov 10, 2025

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • merge-queue - adds this PR to the back of the merge queue
  • hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 10, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@socket-security
Copy link

socket-security bot commented Nov 10, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​solana/​addresses@​5.0.010010010096100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code packages

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant