From 8c33043e69861908311c260a1e2167a04152fcc7 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 21 Feb 2026 13:50:16 +0000 Subject: [PATCH 1/3] Initial plan From 2cddc04ed6ed3ca1e5a8477fc3edf8d0d0023265 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 21 Feb 2026 13:59:40 +0000 Subject: [PATCH 2/3] Apply security fixes from scaling-computing-machine PR #4 to onchain-app-template/package.json Co-authored-by: Deejae69 <179696940+Deejae69@users.noreply.github.com> --- onchain-app-template/package.json | 60 +++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 onchain-app-template/package.json diff --git a/onchain-app-template/package.json b/onchain-app-template/package.json new file mode 100644 index 0000000000000..c84bd3e1805ae --- /dev/null +++ b/onchain-app-template/package.json @@ -0,0 +1,60 @@ +{ + "name": "onchain-app-template", + "private": true, + "version": "0.0.0", + "scripts": { + "build": "next build", + "check": "biome check --write .", + "ci:check": "biome ci --formatter-enabled=false --linter-enabled=false", + "ci:format": "biome ci --linter-enabled=false --organize-imports-enabled=false", + "ci:lint": "biome ci --formatter-enabled=false --organize-imports-enabled=false", + "dev": "NODE_OPTIONS='--inspect' next dev", + "format": "biome format --write .", + "lint": "biome lint --write .", + "lint:unsafe": "biome lint --write --unsafe .", + "start": "next start", + "test": "vitest run", + "test:coverage": "vitest run --coverage" + }, + "dependencies": { + "@coinbase/onchainkit": "^0.35.6", + "next": "^14.2.35", + "permissionless": "^0.1.26", + "react": "^18", + "react-dom": "^18", + "siwe": "^2.3.2" + }, + "devDependencies": { + "@biomejs/biome": "^1.8.0", + "@testing-library/jest-dom": "^6.4.6", + "@testing-library/react": "^14.2.0", + "@types/node": "^20.11.8", + "@types/react": "^18.2.48", + "@types/react-dom": "^18.2.7", + "@vitest/coverage-v8": "^3.0.5", + "@vitest/ui": "^3.0.5", + "@wagmi/cli": "2.10.0", + "autoprefixer": "^10.4.19", + "bufferutil": "^4.0.7", + "encoding": "^0.1.13", + "jsdom": "^24.1.0", + "lokijs": "^1.5.12", + "pino-pretty": "^10.2.0", + "postcss": "^8.4.38", + "supports-color": "^9.4.0", + "tailwindcss": "^3.4.0", + "typescript": "^5.3.3", + "utf-8-validate": "^6.0.3", + "vitest": "^3.0.5" + }, + "resolutions": { + "cross-spawn": "^7.0.5", + "sha.js": "^2.4.12", + "node-forge": "^1.3.3", + "bn.js": "^5.2.3", + "glob": "^10.5.0", + "h3": "^1.15.5", + "lodash": "^4.17.23", + "minimatch": "^10.2.1" + } +} From 8b64354afaa9bf1b4b3fe079b09171615dda88ce Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 21 Feb 2026 14:02:41 +0000 Subject: [PATCH 3/3] Update next to ^15.2.9 to fix HTTP request deserialization DoS vulnerability Co-authored-by: Deejae69 <179696940+Deejae69@users.noreply.github.com> --- onchain-app-template/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/onchain-app-template/package.json b/onchain-app-template/package.json index c84bd3e1805ae..88d6aa04420ad 100644 --- a/onchain-app-template/package.json +++ b/onchain-app-template/package.json @@ -18,7 +18,7 @@ }, "dependencies": { "@coinbase/onchainkit": "^0.35.6", - "next": "^14.2.35", + "next": "^15.2.9", "permissionless": "^0.1.26", "react": "^18", "react-dom": "^18",