Skip to content

chore(deps): bump serialize-javascript and hardhat in /integration_tests/contracts#2084

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/integration_tests/contracts/multi-128655af07
Closed

chore(deps): bump serialize-javascript and hardhat in /integration_tests/contracts#2084
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/integration_tests/contracts/multi-128655af07

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026

Removes serialize-javascript. It's no longer used after updating ancestor dependency hardhat. These dependencies need to be updated together.

Removes serialize-javascript

Updates hardhat from 2.27.1 to 3.5.1

Release notes

Sourced from hardhat's releases.

Hardhat v3.5.1

This is a small release with some quality of life improvements, and a fix to hardhat --init so that it works with pnpm 11.

Changes

💡 The Nomic Foundation is hiring! Check our open positions.

Hardhat v3.5.0

This release has multiple new additions and bug fixes including: support for EIP-712 cheatcodes in Solidity Test, allowing direct project initialization by named template with --init --template \<template-name>, and switching to Typescript 6 for new projects.

Changes

  • #8243 08805db Thanks @​ChristopherDedominici! - Support EIP-712 cheatcodes in Solidity Test.

  • #8188 d48bbfd Thanks @​alcuadrado! - Add --init --template \<template-name> to initialize projects in a non-interactive way. Also add --init --templates to get the list of template names.

  • #8312 76c15ff Thanks @​alcuadrado! - Update the Hardhat 3 TypeScript project templates for TypeScript 6.

  • #8301 793cc84 Thanks @​kanej! - Disable transaction gas cap and block gas limit when running tests under --coverage.

  • #8270 cf2823b Thanks @​schaable! - Solidity test configuration now also accepts { profiles: { default: ... } }. Only the default profile is currently supported, other profile names will be supported in a future release. The previous flat shape continues to work unchanged.

    The resolved HardhatConfig.test.solidity is now profile-keyed: read per-profile fields at hre.config.test.solidity.profiles.default.* instead of hre.config.test.solidity.*. Plugins that read the resolved Solidity test config need to be updated.

  • #8298 83b1ae1 Thanks @​Wodann! - - Fixed a bug when using a test filter where the setUp function would be run for empty test suites

    • Fixed a bug where snapshot cheatcodes would throw an error if names were invalid
    • Fixed coverage instrumentation interfering with the single-call vm.prank cheatcode
    • Added support for instrumentation of Solidity 0.8.35

  • #8264 8452f97 Thanks @​alcuadrado! - Export ./package.json so consumers can import the package's manifest.

  • #8310 9f394ec Thanks @​js360000! - Fix JSON-RPC error.data shape for revert errors (code 3): return the raw revert hex string directly instead of a { message, txHash, data } wrapper object.

  • #8269 045cb8d Thanks @​alcuadrado! - Always load the builtin plugins' type extensions

  • #8301 793cc84 Thanks @​kanej! - Respect user config for allowUnlimitedContractSize when running under --coverage.

  • #8259 1d1204f Thanks @​kanej! - Fixed build overrides not being respected when running compile

  • #8290 3a15b11 Thanks @​gultekinmakif! - Fixed abstract contracts being picked up as test suites by the Solidity test runner (#8203).

  • #8266 325bae1 Thanks @​schaable! - Sanitized snapshot cheatcode group names to avoid issues when persisting them to disk. A warning is shown when a group is renamed suggesting the user to update their snapshot group names to match the on-disk names.

... (truncated)

Changelog

Sourced from hardhat's changelog.

3.5.1

Patch Changes

3.5.0

Minor Changes

  • #8301 793cc84 Thanks @​kanej! - Disable transaction gas cap and block gas limit when running tests under --coverage.

  • #8270 cf2823b Thanks @​schaable! - Solidity test configuration now also accepts { profiles: { default: ... } }. Only the default profile is currently supported, other profile names will be supported in a future release. The previous flat shape continues to work unchanged.

    The resolved HardhatConfig.test.solidity is now profile-keyed: read per-profile fields at hre.config.test.solidity.profiles.default.* instead of hre.config.test.solidity.*. Plugins that read the resolved Solidity test config need to be updated.

Patch Changes

  • #8298 83b1ae1 Thanks @​Wodann! - - Fixed a bug when using a test filter where the setUp function would be run for empty test suites

    • Fixed a bug where snapshot cheatcodes would throw an error if names were invalid
    • Fixed coverage instrumentation interfering with the single-call vm.prank cheatcode
    • Added support for instrumentation of Solidity 0.8.35

  • #8264 8452f97 Thanks @​alcuadrado! - Export ./package.json so consumers can import the package's manifest.

  • #8310 9f394ec Thanks @​js360000! - Fix JSON-RPC error.data shape for revert errors (code 3): return the raw revert hex string directly instead of a { message, txHash, data } wrapper object. This matches the geth/anvil/EVM-node convention that client tooling (viem, ethers, web3.js) relies on when decoding custom errors. Closes #8075.

  • #8269 045cb8d Thanks @​alcuadrado! - Always load the builtin plugins' type extensions

  • #8243 08805db Thanks @​ChristopherDedominici! - Support EIP-712 cheatcodes in Solidity Test.

  • #8301 793cc84 Thanks @​kanej! - Respect user config for allowUnlimitedContractSize when running under --coverage.

  • #8259 1d1204f Thanks @​kanej! - Fixed build overrides not being respected when running compile

  • #8188 d48bbfd Thanks @​alcuadrado! - Add --init --template \<template-name> to initialize projects in a non-interactive way. Also add --init --templates to get the list of template names.

  • #8290 3a15b11 Thanks @​gultekinmakif! - Fixed abstract contracts being picked up as test suites by the Solidity test runner (#8203).

  • #8266 325bae1 Thanks @​schaable! - Sanitized snapshot cheatcode group names to avoid issues when persisting them to disk. A warning is shown when a group is renamed suggesting the user to update their snapshot group names to match the on-disk names.

  • #8312 76c15ff Thanks @​alcuadrado! - Update the Hardhat 3 TypeScript project templates for TypeScript 6.

  • Updated dependencies:

    • @​nomicfoundation/hardhat-errors@​3.0.13

... (truncated)

Commits
  • 2e834e0 Version Packages
  • f3d09ae Merge pull request #8302 from NomicFoundation/suppress-solidity-compilation-w...
  • 3cb4934 Merge pull request #8316 from NomicFoundation/pnpm-11-init
  • 86bf9cb Merge pull request #8315 from NomicFoundation/migration-error-messages
  • 977ed89 Merge pull request #8306 from NomicFoundation/refactor/create-tmp-dir
  • 489d6db address copilot's suggestions
  • 975180d fix spellcheck
  • aa83aa0 refactor(test): route useTestProjectTemplate through workspace-local tmp dirs
  • da2f657 refactor(test): migrate special-case tmp-dir tests to createTmpDir
  • 7a08794 refactor(test): migrate scenario A/B tmp-dir tests to createTmpDir
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump serialize-javascript and hardhat
e00b11c 
Removes [serialize-javascript](https://github.com/yahoo/serialize-javascript). It's no longer used after updating ancestor dependency [hardhat](https://github.com/NomicFoundation/hardhat/tree/HEAD/packages/hardhat). These dependencies need to be updated together.


Removes `serialize-javascript`

Updates `hardhat` from 2.27.1 to 3.5.1
- [Release notes](https://github.com/NomicFoundation/hardhat/releases)
- [Changelog](https://github.com/NomicFoundation/hardhat/blob/main/packages/hardhat/CHANGELOG.md)
- [Commits](https://github.com/NomicFoundation/hardhat/commits/hardhat@3.5.1/packages/hardhat)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-version:
  dependency-type: indirect
- dependency-name: hardhat
  dependency-version: 3.5.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 22, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 22, 2026 01:33
@dependabot dependabot Bot requested review from calvinaco and songgaoye and removed request for a team May 22, 2026 01:33
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 22, 2026
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 22, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​hardhat@​2.27.1 ⏵ 3.5.199 +710082 -996100 +20

View full report

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 26, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/integration_tests/contracts/multi-128655af07 branch May 26, 2026 01:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thomas-nguy thomas-nguy thomas-nguy approved these changes

@calvinaco calvinaco Awaiting requested review from calvinaco calvinaco is a code owner automatically assigned from crypto-org-chain/cronos-dev

@songgaoye songgaoye Awaiting requested review from songgaoye songgaoye is a code owner automatically assigned from crypto-org-chain/cronos-dev

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thomas-nguy