Bump viem from 2.51.3 to 2.53.1#19
Conversation
Bumps [viem](https://github.com/wevm/viem) from 2.51.3 to 2.53.1. - [Release notes](https://github.com/wevm/viem/releases) - [Commits](https://github.com/wevm/viem/compare/viem@2.51.3...viem@2.53.1) --- updated-dependencies: - dependency-name: viem dependency-version: 2.53.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
dependabot
Bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![mesa-dot-dev[bot]](https://avatars.githubusercontent.com/in/1050077?s=60&v=4){kind=small}
There was a problem hiding this comment.
Performed full review of 1ac54a4...f682552
Analysis
• New viem API surface (admin/access-key, witness, and receivePolicy actions) creates exposure risk if the codebase uses dynamic action dispatching or RPC passthrough—unintended privileged methods could be exposed without explicit allowlisting in place.
• Transitive dependency updates (ox, tinyglobby, @napi-rs/wasm-runtime) introduce subtle behavioral changes in crypto/encoding and WASM runtime that may have undocumented effects on blockchain operations; integration tests for read, write, gas estimation, and event decoding are required before merge.
• Missing architectural isolation—if viem is scattered across the codebase rather than centralized behind a service layer, the blast radius of any incompatibility or unintended method exposure becomes significantly harder to control and debug.
• Default chain/transport initialization in new Tempo createClient could cause environment mismatches (staging vs. production) if not explicitly overridden—requires verification that chain IDs and RPC endpoints are not relying on library defaults.
Tip
Help
Slash Commands:
/review- Request a full code review/review latest- Review only changes since the last review/describe- Generate PR description. This will update the PR body or issue comment depending on your configuration/help- Get help with Mesa commands and configuration options
0 files reviewed | 0 comments | Edit Agent Settings • Read Docs
Mesa DescriptionTL;DRBumps What changed?
Description generated by Mesa. Update settings |
Bumps viem from 2.51.3 to 2.53.1.
Release notes
Sourced from viem's releases.
Commits
006c801chore: version package (#4749)7e42156fix: stabilize post-merge ci (#4750)ed55a13feat(tempo): add createClient factory to viem/tempo (#4748)6d7ecb5revert: "feat(tempo): attach default chain via tempoActions()" (#4747)21bcc49chore: version package (#4730)a609e6efix: keep changesets compatible withjs-yamloverride (#4746)60e388bdocs: add Deno to install instructions (#4744)f603eb5feat(tempo): attach default chain via tempoActions() (#4745)4003721docs: add Arc to chain examples (#4735)753b75bchore: update dependency audit overrides (#4736)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)