Skip to content

fix(deps): update dependency viem to v2#8

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/viem-2.x
Open

fix(deps): update dependency viem to v2#8
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/viem-2.x

Conversation

@renovate

@renovate renovate Bot commented Jan 22, 2024

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
viem (source) ^1.18.4^2.0.0 age confidence

Release Notes

wevm/viem (viem)

v2.55.2

Compare Source

Patch Changes

v2.55.1

Compare Source

Patch Changes

v2.55.0

Compare Source

Minor Changes
Patch Changes

v2.54.6

Compare Source

Patch Changes
  • #​4807 f1ac4480d0c1c6f29bf709f116068e903643ecad Thanks @​jxom! - viem/tempo: Supported calling token .call builders without a Client (restores the pre-2.54 call signature). When the Client is omitted, token must be a TIP20 token id or contract address, and formatted amounts require explicit decimals.

v2.54.5

Compare Source

Patch Changes

v2.54.4

Compare Source

Patch Changes

v2.54.3

Compare Source

Patch Changes

v2.54.2

Compare Source

Patch Changes

v2.54.1

Compare Source

Patch Changes

v2.54.0

Compare Source

Minor Changes
  • #​4767 0def05663277a93e645bc28740a78bfc916810ec Thanks @​jxom! - Breaking (viem/tempo): Changed Tempo token balance and allowance reads to return Amount objects.

    -const balance = await client.token.getBalance({ token })
    -// ^? bigint
    +const balance = await client.token.getBalance({ token })
    +// ^? { amount: bigint; decimals: number; formatted: string }
    
    -const allowance = await client.token.getAllowance({ account, spender, token })
    -// ^? bigint
    +const allowance = await client.token.getAllowance({ account, spender, token })
    +// ^? { amount: bigint; decimals: number; formatted: string }
  • #​4767 0def05663277a93e645bc28740a78bfc916810ec Thanks @​jxom! - Breaking (viem/tempo): Changed Tempo token .call helpers to take the client before their action arguments.

    -Actions.token.transfer.call({ token, to, amount })
    +Actions.token.transfer.call(client, { token, to, amount })
    
    -Actions.token.getBalance.call({ account, token })
    +Actions.token.getBalance.call(client, { account, token })
  • #​4767 0def05663277a93e645bc28740a78bfc916810ec Thanks @​jxom! - Breaking: Changed ERC-20 token actions to resolve token symbols from the Client tokens array instead of built-in chain tokens config.

     import { createPublicClient, http } from 'viem'
     import { mainnet } from 'viem/chains'
    +import { usdc } from 'viem/tokens'
    
    -const client = createPublicClient({ chain: mainnet, transport: http() })
    +const client = createPublicClient({
    +  chain: mainnet,
    +  tokens: [usdc],
    +  transport: http(),
    +})
    
     const balance = await client.token.getBalance({ account, token: 'usdc' })
  • #​4767 0def05663277a93e645bc28740a78bfc916810ec Thanks @​jxom! - Added viem/tokens entrypoint.

Patch Changes

v2.53.1

Compare Source

Patch Changes

v2.52.2

Compare Source

Patch Changes

v2.52.0

Compare Source

Minor Changes

v2.51.3

Compare Source

Patch Changes

v2.51.2

Compare Source

Patch Changes

v2.51.0

Compare Source

Minor Changes
Patch Changes

v2.50.4

Compare Source

Patch Changes

v2.50.3

Compare Source

Patch Changes

v2.49.3

Compare Source

Patch Changes

v2.49.2

Compare Source

Patch Changes

v2.49.0

Compare Source

Minor Changes
Patch Changes
  • #​4608 0e282d69d534e7fc277300260e31c07c4d8cb325 Thanks @​jxom! - viem/tempo: Updated Actions.wallet.send parameters to match the latest wallet RPC schema: renamed value to amount, added an optional memo field (UTF-8, max 32 bytes; rejected for non-TIP-20 tokens), and widened token to also accept curated tokenlist symbols.

    await Actions.wallet.send(client, {
    +  amount: '1.5',
    +  memo: 'thanks',
       to: '0x...',
    -  token: '0x...',
    +  token: 'pathUsd',
    -  value: '1.5',
    })

v2.48.11

Compare Source

Patch Changes

v2.48.8

Compare Source

Patch Changes

v2.48.7

Compare Source

Patch Changes

v2.48.6

Compare Source

Patch Changes

v2.48.4

Compare Source

Patch Changes
  • #​4532 cb3206e1039b21e45e4ed17898aa1ff561cdecb4 Thanks @​jxom! - viem/tempo: Added virtual address actions for the TIP-1022 Address Registry precompile: virtualAddress.getMasterAddress, virtualAddress.resolve, virtualAddress.registerMaster, virtualAddress.registerMasterSync. Re-exported VirtualAddress and VirtualMaster from ox/tempo.

v2.48.3

Compare Source

Patch Changes

v2.48.2

Compare Source

Patch Changes

v2.48.1

Compare Source

Patch Changes

v2.48.0

Compare Source

Minor Changes

v2.47.19

Compare Source

Patch Changes

v2.47.18

Compare Source

Patch Changes

v2.47.17

Compare Source

Patch Changes

v2.47.16

Compare Source

Patch Changes

v2.47.15

Compare Source

Patch Changes

v2.47.14

Compare Source

Patch Changes

v2.47.12

Compare Source

Patch Changes

v2.47.11

Compare Source

Patch Changes

v2.47.10

Compare Source

Patch Changes

v2.47.6

Compare Source

Patch Changes

v2.47.5

Compare Source

Patch Changes

v2.47.4

Compare Source

Patch Changes

v2.47.2

Compare Source

Patch Changes

v2.47.1

Compare Source

Patch Changes

v2.47.0

Compare Source

Minor Changes
  • 1adb83804d5f6c3f36d5f293de88532330d52dc7 Thanks @​jxom! - Breaking (viem/tempo): chainId is now required when signing access key authorizations with signKeyAuthorization. It is recommended to use client.accessKey.signAuthorization instead for inferred chain ID.

    import { client } from './viem.config'
    import { Account } from 'viem/tempo'
    
    const account = Account.from({ privateKey: '0x...' })
    const accessKey = Account.fromP256(generatePrivateKey(), {
      access: account,
    })
    
    - const keyAuthorization = await account.signKeyAuthorization(accessKey)
    + const keyAuthorization = await client.accessKey.signAuthorization({
    +   account,
    +   accessKey,
    + })
Patch Changes

v2.46.3

Compare Source

Patch Changes

v2.46.2

[Compare Source](https://redirect.github.com/wevm/viem/compare/viem@2.46.1..

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
renovate Bot requested a review from a team as a code owner January 22, 2024 03:26
@socket-security

socket-security Bot commented Jan 22, 2024

Copy link
Copy Markdown

@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from e632f03 to 94673fa Compare July 28, 2025 15:09
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from d45e288 to b75a69a Compare August 10, 2025 09:41
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from b75a69a to cc5e9f9 Compare August 19, 2025 12:12
@socket-security

socket-security Bot commented Aug 19, 2025

Copy link
Copy Markdown

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Block Low
viem@2.37.5 is a AI-detected potential code anomaly.

Notes: The code appears to be a legitimate, feature-rich Ethereum call utility with support for deployless calls and multicall scheduling. No hardcoded credentials or malicious backdoors are evident. The dynamic require in the error path (ccip.js) is a legitimate pattern for CCIP workflows but represents a dynamic dependency surface that should be monitored. Overall, the module shows standard security-risk characteristics for a blockchain-facing library, with a moderate risk due to complexity and dynamic module loading, but no direct malware indicators.

Confidence: 1.00

Severity: 0.60

From: package.jsonnpm/viem@2.37.5

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/viem@2.37.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
viem@2.37.5 is a AI-detected potential code anomaly.

Notes: The code implements a cross-chain deposit flow with proper validations, artifact reads, and on-chain interactions. There is no evidence of hidden backdoors, data exfiltration, or malware. The main security considerations relate to token approval logic and correct configuration of flags to avoid granting excessive allowances. Overall, the module appears legitimate for a bridge deposit flow, with moderate risk primarily around configuration of approvals and correct handling of gas/fees.

Confidence: 1.00

Severity: 0.60

From: package.jsonnpm/viem@2.37.5

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/viem@2.37.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from cc5e9f9 to ef75c96 Compare August 27, 2025 23:54
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 3 times, most recently from 83e3103 to 9ce1ca4 Compare September 10, 2025 11:13
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from c75f4ba to 23b11d7 Compare September 23, 2025 07:03
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 3 times, most recently from a0099e3 to da4bd9d Compare October 6, 2025 06:52
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 0529fc0 to d75d914 Compare October 15, 2025 22:49
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from d75d914 to b20fb35 Compare October 17, 2025 06:43
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 91a44a3 to 1b1ea0d Compare October 31, 2025 13:49
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from 1b1ea0d to 86d0abf Compare November 4, 2025 09:40
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 3 times, most recently from 7861f95 to 1faf3af Compare November 21, 2025 02:59
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from c79675f to 8827d94 Compare December 3, 2025 15:03
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from 8827d94 to b7fac7d Compare December 5, 2025 22:03
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from b7fac7d to 8f9abf1 Compare December 17, 2025 05:03
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 7a56ff9 to 8d33efb Compare February 18, 2026 07:27
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from f799297 to a33c80b Compare March 5, 2026 16:55
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 429e4a7 to 2a0ec8c Compare March 15, 2026 02:39
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 2b6a5e8 to 71d0ebf Compare March 24, 2026 10:53
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 3 times, most recently from 660627c to 9f4810c Compare April 13, 2026 02:55
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from f4e5748 to 03bb6bb Compare April 18, 2026 06:55
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from 03bb6bb to a6206b4 Compare April 24, 2026 03:13
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from b78276a to 1f133c4 Compare May 10, 2026 22:28
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 3 times, most recently from 9c1528c to 233e2a7 Compare May 22, 2026 02:53
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 88b1524 to edf1a99 Compare June 2, 2026 00:14
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from edf1a99 to b3b017a Compare June 7, 2026 18:47
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from b3b017a to d648066 Compare June 23, 2026 08:45
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 3 times, most recently from f055d1f to b44676a Compare July 9, 2026 07:39
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch 2 times, most recently from 85059fc to b91fa34 Compare July 15, 2026 08:35
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
renovate Bot force-pushed the renovate/viem-2.x branch from b91fa34 to 5bb0113 Compare July 17, 2026 03:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants