lock versions #2184

Merged: simo6529 merged 1 commit into main from exact-package, Mar 31, 2026

@simo6529 (Collaborator) commented Mar 31, 2026

Summary by CodeRabbit

  • Chores
    • Updated dependency management configuration to ensure consistent and reproducible installations across environments.

Signed-off-by: Simo <simo@6529.io>

@coderabbitai (Bot) commented Mar 31, 2026

Walkthrough

Added .npmrc configuration file to enforce exact version pinning, then updated package.json to replace caret version ranges with pinned exact versions across numerous dependencies including React, Next.js, Web3 libraries, and development tooling.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Version Pinning Configuration: .npmrc | New configuration file enabling save-exact=true to enforce exact version number writes to package.json. |
| Dependency Version Pinning: package.json | Converted 147 dependency and devDependency version specifiers from caret ranges (^) to exact pinned versions across UI frameworks, runtime libraries (@capacitor, @fortawesome, @headlessui, @reduxjs, @sentry, @tailwindcss, TanStack, React ecosystem, ethers, viem, wagmi), and dev tooling (Jest, Playwright, ESLint, Prettier, TypeScript). |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

  • PR #1647: Also modifies React/Next dependency versions in package.json, indicating parallel or sequential dependency management work.

Poem

🐰 Exact pins in every line,
No more carets, the versions shine!
From React to Web3, locked down tight,
Dependencies precise, forever right!

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'lock versions' directly describes the main change: converting package versions from caret ranges to exact pinned versions. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@coderabbitai (Bot) left a comment

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.npmrc:
- Line 1: The .npmrc change enabling save-exact ("save-exact=true") does not
update or lock dependency versions by itself; run npm install locally to
regenerate the package-lock.json so the lockfile reflects the new install
behavior, then add and commit the updated package-lock.json alongside your
.npmrc change; ensure the commit includes both the changed .npmrc and the
updated package-lock.json so CI and other developers get the locked versions.

In `@package.json`:
- Line 163: The dependency `@jest/globals` is mismatched at version 30.3.0 while
the rest of the Jest toolchain (jest, babel-jest, jest-environment-jsdom at
29.7.0 and `@types/jest` at 29.5.14) is on 29.x; update the package.json to align
versions by either (A) downgrading "@jest/globals" to "29.7.0" to match the
existing jest packages, or (B) upgrading all Jest-related packages (jest,
babel-jest, jest-environment-jsdom, `@types/jest`, and `@jest/globals`) to the same
30.x release; ensure all occurrences of "@jest/globals" in package.json are
changed consistently and run package manager install and tests to verify
compatibility.
- Line 88: The package upgrade of `@openapitools/openapi-generator-cli` from
2.13.9 to 2.31.0 is a behavior-changing codegen/schema change, not a simple pin;
run the "generate" npm script locally (the script invoking the OpenAPI
generator) to reproduce code generation, review all changes under
generated/models/ and the updated openapi.yaml to confirm they are intentional,
and either revert the package bump or adjust the generator inputs/config so
regenerated artifacts match expected API surface before merging; reference the
dependency "@openapitools/openapi-generator-cli", the "generate" npm script, the
generated/models/ artifacts, and openapi.yaml when making the adjustments.
📥 Commits

Reviewing files that changed from the base of the PR and between 2be1edc and 512a7e4.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (2)
  • .npmrc
  • package.json
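
A CI-style check for the pinning, lockfile and Jest-alignment points raised in the review above, as an added example that is not part of the PR thread or the project's code. The function names, the `example-lib` dependency and the lockfile contents are constructed for illustration; the Jest versions are the ones quoted in the review.

```javascript
// Added example (not project code). Sample data below is constructed.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
const allDeps = (pkg) => ({ ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) });

// Anything that is not a plain x.y.z pin: ^, ~, ranges, dist-tags, git/URL specs.
function findUnpinned(pkg) {
  return Object.entries(allDeps(pkg))
    .filter(([, spec]) => !EXACT.test(spec))
    .map(([name, spec]) => ({ name, spec }));
}

// Pinned in package.json but absent or different in the lockfile's "packages" map
// (lockfileVersion 2/3 layout: keys are "node_modules/<name>").
function findLockDrift(pkg, lock) {
  const locked = lock.packages || {};
  return Object.entries(allDeps(pkg))
    .filter(([name, spec]) => EXACT.test(spec) &&
      (locked[`node_modules/${name}`] || {}).version !== spec)
    .map(([name]) => name);
}

// Report package families whose exact pins span more than one major version.
function findMajorSkew(pkg, families) {
  const skew = {};
  for (const [family, matches] of Object.entries(families)) {
    const majors = {};
    for (const [name, spec] of Object.entries(allDeps(pkg))) {
      if (matches(name) && EXACT.test(spec)) majors[name] = Number(spec.split(".")[0]);
    }
    if (new Set(Object.values(majors)).size > 1) skew[family] = majors;
  }
  return skew;
}

const isJest = (n) => n.startsWith("@jest/") || /(^|[-/])jest(-|$)/.test(n);
const SAMPLE_PKG = {
  dependencies: { "example-lib": "^1.2.3" }, // hypothetical package, constructed
  devDependencies: { // Jest versions as quoted in the review comment
    "@jest/globals": "30.3.0", "jest": "29.7.0", "babel-jest": "29.7.0",
    "jest-environment-jsdom": "29.7.0", "@types/jest": "29.5.14" },
};
const SAMPLE_LOCK = { lockfileVersion: 3, packages: { // constructed, stale on purpose
  "node_modules/@jest/globals": { version: "29.7.0" },
  "node_modules/jest": { version: "29.7.0" },
  "node_modules/babel-jest": { version: "29.7.0" },
  "node_modules/jest-environment-jsdom": { version: "29.7.0" },
  "node_modules/@types/jest": { version: "29.5.14" } } };
console.log(findUnpinned(SAMPLE_PKG), findLockDrift(SAMPLE_PKG, SAMPLE_LOCK),
  findMajorSkew(SAMPLE_PKG, { jest: isJest }));
```

In CI the two objects would be read from the repository's package.json and package-lock.json, and a non-empty result from any of the three functions would fail the build.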

@simo6529 merged commit c51b6cc into main, Mar 31, 2026 (8 checks passed)
@simo6529 deleted the exact-package branch March 31, 2026 09:49
@coderabbitai (Bot) mentioned this pull request Mar 31, 2026