
@github-actions

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and publish to npm yourself or set up this action to publish automatically. If you're not ready to do a release yet, that's fine; whenever you add more changesets to master, this PR will be updated.

Releases

@openzeppelin/wizard-common@0.3.2

Changelog

0.3.2 (2025-11-13)

  • Add tokenUri setting for stellar non fungible model (#725)

0.3.1 (2025-11-12)

  • Solidity account signer: Add WebAuthn to the list of signers available. (#718)

0.3.0 (2025-11-11)

  • Breaking changes: Solidity Stablecoin and RWA: Change custodian option to freezable. Replace ERC20Custodian with ERC20Freezable. (#719)
  • Add macros descriptions for Cairo (#703)

0.2.0 (2025-11-03)

  • Breaking changes: Solidity Stablecoin and RWA: Change limitations option to restrictions. Replace ERC20Allowlist and ERC20Blocklist with ERC20Restricted. (#715)
  • Update @openzeppelin/contracts and @openzeppelin/contracts-upgradeable dependencies to 5.5.0 (#681)
    • Breaking changes:
      • Solidity account signer: ERC7702 option is renamed as EIP7702. Imported contract SignerERC7702 is renamed as SignerEIP7702.
      • Solidity upgradeable contracts: Initializable and UUPSUpgradeable are imported from @openzeppelin/contracts instead of @openzeppelin/contracts-upgradeable.

0.1.2 (2025-10-29)

  • Add AI descriptions for AccessControl in Cairo-alpha (#698)

0.1.1 (2025-09-16)

  • Update Solidity Account prompt (#609)
  • Support decimals customization for ERC20 Cairo contracts (#654)

0.1.0 (2025-08-15)

  • Bump minor version for semantic versioning stability (#631)

0.0.3 (2025-08-12)

  • Breaking change: Use ERC20Bridgeable from OpenZeppelin Contracts 5.4.0 instead of Community Contracts (#619)

0.0.2 (2025-07-03)

  • Stellar: Add Stablecoin with Limitations and Access Control (ownable and roles). (#575)

0.0.1 (2025-06-20)

  • Add support for Wizard MCP server. (#569)

@openzeppelin/wizard-stellar@0.4.4

Changelog

0.4.4 (2025-11-13)

  • Add tokenUri setting for stellar non fungible model (#725)

0.4.3 (2025-10-14)

  • Set security contact as contract metadata (#679)

0.4.2 (2025-07-25)

  • Fix access control dependency import to import from stellar_access instead of stellar_contract_utils (#608)

0.4.1 (2025-07-22)

  • Dependencies from crates.io and remove unused imports (#602)
    • Breaking changes:
      • Use OpenZeppelin Stellar Soroban Contracts v0.4.1

0.3.0 (2025-07-03)

  • Add Stablecoin with Limitations and Access Control (ownable and roles). (#575)
    • Breaking changes:
      • Use OpenZeppelin Stellar Soroban Contracts v0.3.0

0.2.3 (2025-06-27)

  • Add security contact in contract info (#563)

0.2.2 (2025-06-20)

  • Add support for Wizard MCP server. (#569)

0.2.1 (2025-06-10)

  • Fix missing ContractOverrides import and rename defaultimpl to default_impl. (#566)

0.2.0 (2025-05-13)

  • Add NonFungible extension and minor refactorings to Fungible (crate renamings, etc.). (#531)
  • Breaking changes:
    • Use OpenZeppelin Stellar Soroban Contracts v0.2.0

0.1.1 (2025-03-03)

  • Add a default no_std to all contracts. (#471)

0.1.0 (2025-02-25)

  • Initial version. (#460)

@openzeppelin/contracts-mcp@0.4.3

Changelog

0.4.3 (2025-11-13)

0.4.2 (2025-11-12)

0.4.1 (2025-11-11)

0.4.0 (2025-11-03)

  • Update @openzeppelin/contracts and @openzeppelin/contracts-upgradeable dependencies to 5.5.0 (#681)

    • Breaking changes:
      • Solidity account signer: ERC7702 option is renamed as EIP7702. Imported contract SignerERC7702 is renamed as SignerEIP7702.
      • Solidity upgradeable contracts: Initializable and UUPSUpgradeable are imported from @openzeppelin/contracts instead of @openzeppelin/contracts-upgradeable.
  • Breaking changes: Solidity Stablecoin and RWA: Change limitations option to restrictions. Replace ERC20Allowlist and ERC20Blocklist with ERC20Restricted. (#715)

  • Updated dependencies [880b9b8, b49e056]:

0.3.0 (2025-10-29)

  • Breaking changes: Solidity: Use namespaced storage instead of state variables when upgradeability is enabled. (#704)
    • For ERC-20, use namespaced storage for tokenBridge when cross-chain bridging is set to 'custom' and upgradeability is enabled.
    • For ERC-721, use namespaced storage for _nextTokenId when mintable, auto increment IDs, and upgradeability are enabled.
  • Updated dependencies [38da80c, 0f0509d]:

0.2.0 (2025-09-16)

  • Add constructors for SignerECDSA, SignerP256, SignerRSA, SignerERC7702, SignerERC7913, MultiSignerERC7913 and MultiSignerERC7913Weighted (#609)
  • Enable upgradeability for AccountERC7579, AccountERC7579Hooked, SignerECDSA, SignerP256, SignerRSA, SignerERC7702, SignerERC7913 and MultiSignerERC7913 (#609)
  • Breaking change: Use Account, AccountERC7579, AccountERC7579Hooked, ERC7812, ERC7739Utils, ERC7913Utils, AbstractSigner, SignerECDSA, SignerP256, SignerRSA, SignerERC7702, SignerERC7913, MultiSignerERC7913, and MultiSignerERC7913Weighted from OpenZeppelin Contracts 5.4.0 instead of Community Contracts (#609)
  • Support decimals customization for ERC20 Cairo contracts (#654)
  • Updated dependencies [41d5c74, b9d58dc, 41d5c74, 41d5c74, 41d5c74, 029790c]:

0.1.1 (2025-09-02)

  • Cairo: Support decimals value added to ERC-20 scheme (#654)

0.1.0 (2025-08-15)

0.0.7 (2025-08-12)

0.0.6 (2025-07-29)

  • Update Wizard API dependencies (#612)

0.0.5 (2025-07-25)

  • Breaking changes: Renamed package from @openzeppelin/wizard-mcp to @openzeppelin/contracts-mcp (#607)

0.0.4 (2025-07-22)

0.0.3 (2025-07-03)

  • Stellar: Add Stablecoin with Limitations and Access Control (ownable and roles). (#575)
    • Potentially breaking changes:
      • Use OpenZeppelin Stellar Soroban Contracts v0.3.0
  • Updated dependencies [4b86b07, 4b86b07]:

0.0.2 (2025-06-27)

0.0.1 (2025-06-20)

  • Add support for Wizard MCP server. (#569)

@github-actions github-actions bot requested review from a team as code owners November 13, 2025 17:00

coderabbitai bot commented Nov 13, 2025

Walkthrough

This PR releases patch versions for three OpenZeppelin packages by bumping versions across common (0.3.1→0.3.2), stellar (0.4.3→0.4.4), and mcp (0.4.2→0.4.3) with corresponding CHANGELOG entries documenting a new tokenUri setting for the Stellar non-fungible model. The associated changeset file was removed.

Changes

Cohort / File(s) Summary
Changeset cleanup
.changeset/brown-walls-roll.md
Removed changeset file after merge
Common package
packages/common/package.json, packages/common/CHANGELOG.md
Version bumped to 0.3.2; added CHANGELOG entry documenting tokenUri setting for Stellar non-fungible model (2025-11-13)
Stellar package
packages/core/stellar/package.json, packages/core/stellar/CHANGELOG.md
Version bumped to 0.4.4; added CHANGELOG entry documenting tokenUri setting for Stellar non-fungible model (2025-11-13)
MCP package
packages/mcp/package.json, packages/mcp/CHANGELOG.md
Version bumped to 0.4.3; updated dependencies (@openzeppelin/wizard-common@^0.3.2, @openzeppelin/wizard-stellar@^0.4.4); added CHANGELOG entry (2025-11-13)

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

  • All changes are metadata updates: version bumps and CHANGELOG entries following standard release patterns
  • No code logic, exports, or behavioral changes
  • Straightforward dependency version pinning in mcp package.json

Possibly related PRs

  • Prepare Release #731: Related through similar package metadata updates and version bumps to @openzeppelin/wizard-common and @openzeppelin/wizard-stellar

Suggested labels

ignore-changeset

Suggested reviewers

  • ericglau
  • CoveMB

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

  • Title check: ❓ Inconclusive. The title 'Prepare Release' is generic and vague, failing to specify which packages are being released or the nature of changes. Resolution: Consider using a more specific title like 'Release: Update [email protected], [email protected], and [email protected]' to clearly indicate the packages and versions being released.

✅ Passed checks (2 passed)

  • Description check: ✅ Passed. The description clearly relates to the changeset, explaining the release process, listing affected packages with their version changes, and providing detailed changelogs for all modified packages.
  • Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

@socket-security

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff     Package                                  Supply Chain Security  Vulnerability  Quality  Maintenance  License
Added    @nomicfoundation/hardhat-toolbox@6.1.0   98                     100            76       79           100
Added    @openzeppelin/hardhat-upgrades@3.9.1     99                     100            100      86           100
Updated  hardhat@2.26.3 ⏵ 2.26.5                  94 (+1)                100            92 (+2)  97 (+1)      80


@socket-security

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. It is recommended to resolve "Warn" alerts too. Learn more about Socket for GitHub.

Action  Severity  Alert
Block High
High CVE: Axios is vulnerable to DoS attack through lack of data size check

CVE: GHSA-4hjh-wcwx-xvwj Axios is vulnerable to DoS attack through lack of data size check (HIGH)

Affected versions: >= 1.0.0 < 1.12.0; < 0.30.2

Patched version: 1.12.0

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is a CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm amdefine is 100.0% likely to have a medium risk anomaly

Notes: The code implements a global module loader hook that prepends a require('amdefine')(module) shim to nearly all .js modules before they are compiled. This is not directly overtly malicious, but it is a high-impact supply-chain/style modification: it alters every module load, can obscure behavior from static analysis, and increases attack surface if an attacker can modify this package or the amdefine module. Use of this module should be considered a risk in environments that require strict control of execution semantics or provenance; review and pin amdefine and this loader carefully. No clear evidence of direct data exfiltration or backdoor in this fragment.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm asynckit is 100.0% likely to have a medium risk anomaly

Notes: The analyzed code is a standard wrapper/adapter for long-signature iterators in a streaming context. It includes proper handling to avoid duplicate callbacks, emits errors correctly, and finalizes the stream appropriately. There is no indication of malicious behavior, data exfiltration, or backdoor-like mechanisms. The risk is minimal and primarily relates to correct usage by downstream code (e.g., ensuring stream object has the expected properties).

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm axios is 100.0% likely to have a medium risk anomaly

Notes: The code appears to be a standard, well-scoped progress-event utility used to report progress (upload/download) to a consumer listener. It reads input from the event object and computes metrics, then forwards a structured payload to a listener. A minor data exposure risk exists due to passing the raw event object to the listener; mitigations include sanitizing the payload or removing the event object before emission. Overall security risk remains modest, with malware likelihood negligible in this isolated module.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm axios is 100.0% likely to have a medium risk anomaly

Notes: The code is a legitimate, self-contained throttling transformer designed for Axios-like streaming workflows. It throttles data output based on maxRate and timeWindow, preserves data integrity by splitting chunks when necessary, and emits optional progress telemetry. No malicious activity or data leakage is detected in this fragment. Security risk remains moderate due to throttling complexity and potential misconfiguration in real deployments, but the module itself does not introduce obvious security flaws.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm chalk is 100.0% likely to have a medium risk anomaly

Notes: This is a conventional Chalk-like color-styling module. It exhibits expected behavior for terminal styling, uses environment checks for compatibility, and does not demonstrate malicious activity, data leakage, or external communications. Security risk is low in isolation; the primary considerations are safe usage in environments where ANSI sequences could affect log readability or concealment, and ensuring trusted template rendering and code integrity. Overall, the component appears benign within its described scope.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm fs-extra is 100.0% likely to have a medium risk anomaly

Notes: The copy.js module appears to be a legitimate and secure filesystem copy utility with appropriate safeguards and options. No malicious activity detected, and typical supply-chain risk is limited to the general risk of filesystem operations. The code is suitable for inclusion in a package like fs-extra with normal risk expectations.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm node-addon-api is 100.0% likely to have a medium risk anomaly

Notes: The script is a legitimate formatting helper within a Node.js project. It orchestrates clang-format via git-clang-format, supports fix and diff modes, and provides actionable feedback to the developer. While operational dependencies exist, no malicious activity or data leakage is evident based on the provided code and typical usage.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@openzeppelin/[email protected] → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm pbkdf2 is 72.0% likely to have a medium risk anomaly

Notes: The code is a straightforward and correct PBKDF2 implementation using HMAC with support for multiple digests and standard input handling. No malicious behavior detected. Security risk mainly derives from correct usage (encodings, salt handling, and proper key length) and from the absence of explicit side-channel hardening within the function. Recommendations focus on careful integration and memory hygiene, and optional refinements for side-channel resilience in high-assurance contexts.

Confidence: 0.72

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@openzeppelin/[email protected] → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm sc-istanbul is 100.0% likely to have a medium risk anomaly

Notes: No direct malicious actions (network exfiltration, reverse shells, or hard-coded credentials) are present in this fragment. However, the module intentionally monkeypatches Node's module loader and VM APIs to transform and execute code at load time. Those capabilities are high-risk: if a malicious transformer/matcher is supplied (or if the package itself is replaced with a malicious version), it can inject arbitrary code into any loaded module, enabling supply-chain attacks, data theft, or backdoors. Reviewers should treat usage of this module as a high-privilege operation, ensure transformers are trusted, and limit hook usage to controlled environments.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm undici is 100.0% likely to have a medium risk anomaly

Notes: The analyzed code appears to implement a standard in-memory cache batch operation flow (put/delete) with careful handling of response bodies by buffering and storing bytes for caching. No signs of malware, data exfiltration, backdoors, or obfuscated behavior were found. The primary security considerations relate to memory usage from buffering potentially large response bodies and ensuring robust validation within batch operations to prevent cache state corruption. Overall risk is moderate, driven by in-memory data handling rather than external communication.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/upgradeable/package-lock.json → npm/@openzeppelin/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm viem is 100.0% likely to have a medium risk anomaly

Notes: The code implements a cross-chain deposit flow with proper validations, artifact reads, and on-chain interactions. There is no evidence of hidden backdoors, data exfiltration, or malware. The main security considerations relate to token approval logic and correct configuration of flags to avoid granting excessive allowances. Overall, the module appears legitimate for a bridge deposit flow, with moderate risk primarily around configuration of approvals and correct handling of gas/fees.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm ws is 100.0% likely to have a medium risk anomaly

Notes: The code implements a standard EventTarget-like mixin for wrapping event listeners and dispatching events to user callbacks. There are no suspicious patterns such as dynamic code execution, hardcoded secrets, or network activity. The risk is contingent on what the consumer does inside their handlers; the snippet itself does not introduce malware or data leakage mechanisms beyond normal event dispatch. Overall security risk is low in isolation.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@openzeppelin/[email protected] → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Potential code anomaly (AI signal): npm ws is 100.0% likely to have a medium risk anomaly

Notes: The code implements a standard EventTarget-like mixin for wrapping event listeners and dispatching events to user callbacks. There are no suspicious patterns such as dynamic code execution, hardcoded secrets, or network activity. The risk is contingent on what the consumer does inside their handlers; the snippet itself does not introduce malware or data leakage mechanisms beyond normal event dispatch. Overall security risk is low in isolation.

Confidence: 1.00

Severity: 0.60

From: packages/core/solidity/src/environments/hardhat/package-lock.json → npm/@nomicfoundation/[email protected] → npm/@nomicfoundation/[email protected] → npm/[email protected]


Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm buffer is 96.0% likely obfuscated

Confidence: 0.96

Location: Package overview

From: packages/core/solidity/src/environments/hardhat/upgradeable/package-lock.json → npm/@openzeppelin/[email protected] → npm/[email protected]


Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 3

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3bb0213 and f659835.

📒 Files selected for processing (7)
  • .changeset/brown-walls-roll.md (0 hunks)
  • packages/common/CHANGELOG.md (1 hunks)
  • packages/common/package.json (1 hunks)
  • packages/core/stellar/CHANGELOG.md (1 hunks)
  • packages/core/stellar/package.json (1 hunks)
  • packages/mcp/CHANGELOG.md (1 hunks)
  • packages/mcp/package.json (2 hunks)
💤 Files with no reviewable changes (1)
  • .changeset/brown-walls-roll.md
🧰 Additional context used
🧠 Learnings (6)
📓 Common learnings
Learnt from: ericglau
Repo: OpenZeppelin/contracts-wizard PR: 663
File: packages/core/cairo_alpha/src/custom.test.ts.md:12-12
Timestamp: 2025-09-12T15:07:08.673Z
Learning: In the OpenZeppelin contracts-wizard cairo_alpha package changelog (packages/core/cairo_alpha/CHANGELOG.md), each alpha version gets its own separate entry under the "Unreleased" section rather than updating a single entry. This allows tracking of changes across different alpha releases (e.g., v3.0.0-alpha.0, v3.0.0-alpha.1, v3.0.0-alpha.2 all have separate entries).
Learnt from: ernestognw
Repo: OpenZeppelin/contracts-wizard PR: 609
File: .changeset/sour-hats-grow.md:2-6
Timestamp: 2025-08-15T22:49:25.653Z
Learning: In OpenZeppelin contracts-wizard, breaking changes that have concrete migration paths (like dependency migrations from Community Contracts to OpenZeppelin Contracts) can be handled as minor version bumps instead of major bumps, per maintainer ernestognw's versioning policy.
📚 Learning: 2025-09-12T15:07:08.673Z
Learnt from: ericglau
Repo: OpenZeppelin/contracts-wizard PR: 663
File: packages/core/cairo_alpha/src/custom.test.ts.md:12-12
Timestamp: 2025-09-12T15:07:08.673Z
Learning: In the OpenZeppelin contracts-wizard cairo_alpha package changelog (packages/core/cairo_alpha/CHANGELOG.md), each alpha version gets its own separate entry under the "Unreleased" section rather than updating a single entry. This allows tracking of changes across different alpha releases (e.g., v3.0.0-alpha.0, v3.0.0-alpha.1, v3.0.0-alpha.2 all have separate entries).

Applied to files:

  • packages/core/stellar/CHANGELOG.md
  • packages/mcp/CHANGELOG.md
  • packages/common/package.json
  • packages/common/CHANGELOG.md
  • packages/mcp/package.json
📚 Learning: 2025-08-15T22:49:25.653Z
Learnt from: ernestognw
Repo: OpenZeppelin/contracts-wizard PR: 609
File: .changeset/sour-hats-grow.md:2-6
Timestamp: 2025-08-15T22:49:25.653Z
Learning: In OpenZeppelin contracts-wizard, breaking changes that have concrete migration paths (like dependency migrations from Community Contracts to OpenZeppelin Contracts) can be handled as minor version bumps instead of major bumps, per maintainer ernestognw's versioning policy.

Applied to files:

  • packages/core/stellar/CHANGELOG.md
  • packages/mcp/CHANGELOG.md
  • packages/core/stellar/package.json
  • packages/common/package.json
  • packages/common/CHANGELOG.md
  • packages/mcp/package.json
📚 Learning: 2025-08-19T15:21:06.991Z
Learnt from: ericglau
Repo: OpenZeppelin/contracts-wizard PR: 638
File: packages/core/cairo_alpha/src/account.test.ts.md:18-18
Timestamp: 2025-08-19T15:21:06.991Z
Learning: In the OpenZeppelin contracts-wizard repository, the cairo_alpha package (packages/core/cairo_alpha) and the stable cairo package (packages/core/cairo) are separate implementations that do not need to have the same code or matching dependency versions. The cairo_alpha package targets dependencies that are either newer than or the same as the stable cairo package, allowing it to test and support newer Cairo/Scarb/OpenZeppelin versions while the stable version maintains compatibility with stable releases.

Applied to files:

  • packages/common/package.json
  • packages/mcp/package.json
📚 Learning: 2025-09-18T20:18:23.799Z
Learnt from: ericglau
Repo: OpenZeppelin/contracts-wizard PR: 652
File: packages/ui/api/ai-assistant/function-definitions/confidential.ts:32-38
Timestamp: 2025-09-18T20:18:23.799Z
Learning: In OpenZeppelin Wizard, the AI Assistant defines its own function definitions separately and does not use the MCP tools. This means the AI Assistant function definitions and MCP schemas can have different shapes without causing validation conflicts.

Applied to files:

  • packages/mcp/package.json
📚 Learning: 2025-09-12T20:50:43.101Z
Learnt from: CoveMB
Repo: OpenZeppelin/contracts-wizard PR: 644
File: packages/ui/api/services/open-ai.ts:43-56
Timestamp: 2025-09-12T20:50:43.101Z
Learning: In the OpenZeppelin contracts-wizard project, the current streaming implementation in packages/ui/api/services/open-ai.ts intentionally handles text deltas and function_calls with different formats (raw text chunks vs JSON objects). While this can cause JSON.parse issues, harmonizing the response format is considered outside scope of dependency updates as it requires UI refactoring to handle unified streaming responses.

Applied to files:

  • packages/mcp/package.json
🪛 LanguageTool
packages/core/stellar/CHANGELOG.md

[grammar] ~6-~6: Use a hyphen to join words.
Context: ... - Add tokenUri setting for stellar non fungible model ([#725](https://github.co...

(QB_NEW_EN_HYPHEN)

packages/mcp/CHANGELOG.md

[grammar] ~6-~6: Use a hyphen to join words.
Context: ... - Add tokenUri setting for stellar non fungible model ([#725](https://github.co...

(QB_NEW_EN_HYPHEN)

packages/common/CHANGELOG.md

[grammar] ~6-~6: Use a hyphen to join words.
Context: ... - Add tokenUri setting for stellar non fungible model ([#725](https://github.co...

(QB_NEW_EN_HYPHEN)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: boostsecurity - boostsecurityio/semgrep-pro
  • GitHub Check: semgrep-cloud-platform/scan
🔇 Additional comments (5)
packages/common/package.json (1)

3-3: Version bump is correct and aligned with feature addition.

The patch version bump from 0.3.1 to 0.3.2 is appropriate for adding the tokenUri setting for the Stellar non-fungible model.

packages/core/stellar/package.json (1)

3-3: Version bump is correct and consistent across the release.

The patch version bump from 0.4.3 to 0.4.4 aligns with the feature addition and is consistent with the common package version strategy.

packages/mcp/CHANGELOG.md (1)

7-9: Dependency documentation is accurate and complete.

The updated dependencies section correctly lists the bumped versions of @openzeppelin/[email protected] and @openzeppelin/[email protected], which aligns with the version updates in packages/mcp/package.json.

packages/mcp/package.json (2)

3-3: Version bump is correct and consistent with release strategy.

The patch version bump from 0.4.2 to 0.4.3 aligns with the feature addition across the release.


29-29: Dependency updates are correctly aligned with released package versions.

The bumps to @openzeppelin/wizard-common@^0.3.2 and @openzeppelin/wizard-stellar@^0.4.4 align with the version updates in those packages and the changelog documentation in this file.

Also applies to: 32-32


## 0.3.2 (2025-11-13)

- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))

⚠️ Potential issue | 🟡 Minor

Fix hyphenation in changelog entry.

Use a hyphen to join the compound adjective: "non-fungible" instead of "non fungible".

- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
+ Add tokenUri setting for stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
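Review bot: while the `+` line fixes the hyphen, "stellar" on that same line should also be capitalized as "Stellar", since it names the network and the review summary for packages/common/package.json above already writes "Stellar non-fungible model"; the committed line would then read `- Add tokenUri setting for Stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))`.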
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
- Add tokenUri setting for stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
🧰 Tools
🪛 LanguageTool

[grammar] ~6-~6: Use a hyphen to join words.
Context: ... - Add tokenUri setting for stellar non fungible model ([#725](https://github.co...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents
In packages/common/CHANGELOG.md around line 6, update the changelog entry to use
correct hyphenation: replace "non fungible" with "non-fungible" so the line
reads "Add tokenUri setting for stellar non-fungible model
([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))".


## 0.4.4 (2025-11-13)

- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))

⚠️ Potential issue | 🟡 Minor

Fix hyphenation in changelog entry.

Use a hyphen to join the compound adjective: "non-fungible" instead of "non fungible".

- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
+ Add tokenUri setting for stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
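Review bot: the `-`/`+` lines above omit the changelog line's own leading `- ` list marker (the context line `- Add tokenUri setting for stellar non fungible model ...` under `## 0.4.4 (2025-11-13)` starts with it), so whoever applies this to packages/core/stellar/CHANGELOG.md must keep the bullet, as the Suggested change block shows, rather than pasting the `+` line verbatim.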
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
- Add tokenUri setting for stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
🧰 Tools
🪛 LanguageTool

[grammar] ~6-~6: Use a hyphen to join words.
Context: ... - Add tokenUri setting for stellar non fungible model ([#725](https://github.co...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents
In packages/core/stellar/CHANGELOG.md around line 6, the changelog entry uses
"non fungible" without a hyphen; update the text to "non-fungible" so the
compound adjective is correctly hyphenated (i.e., change "stellar non fungible
model" to "stellar non-fungible model") and ensure spacing and punctuation
remain consistent.


## 0.4.3 (2025-11-13)

- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))

⚠️ Potential issue | 🟡 Minor

Fix hyphenation in changelog entry.

Use a hyphen to join the compound adjective: "non-fungible" instead of "non fungible".

- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
+ Add tokenUri setting for stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
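Review bot: this `+` line is the third copy of the same entry; the LanguageTool findings above flag it in packages/core/stellar/CHANGELOG.md, packages/mcp/CHANGELOG.md and packages/common/CHANGELOG.md, so apply the hyphenation to all three files in the same commit so the 0.3.2, 0.4.4 and 0.4.3 release notes stay word-for-word identical rather than one being hyphenated and the others not.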
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- Add tokenUri setting for stellar non fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
- Add tokenUri setting for stellar non-fungible model ([#725](https://github.com/OpenZeppelin/contracts-wizard/pull/725))
🧰 Tools
🪛 LanguageTool

[grammar] ~6-~6: Use a hyphen to join words.
Context: ... - Add tokenUri setting for stellar non fungible model ([#725](https://github.co...

(QB_NEW_EN_HYPHEN)

🤖 Prompt for AI Agents
In packages/mcp/CHANGELOG.md around line 6, the changelog entry uses "non
fungible" which should be hyphenated as "non-fungible"; edit that line to read
"Add tokenUri setting for stellar non-fungible model (#725)" (preserving the
link and citation format) so the compound adjective is correctly hyphenated.
