devop: prep release 2.15

[kvhnuke]

Summary by CodeRabbit

• New Features

  • Wallet restriction UI and flows: restricted addresses show a notice, block connect/send actions, and allow switching to an unrestricted address.

• Chores

  • Updated many dev and runtime dependency versions across packages for maintenance and compatibility.

• Revert

  • Removed support for Shiden, Shiden EVM and Bitrock networks across the extension, token lists, activity endpoints and hardware wallet mappings.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[github-actions]

💼 Build Files
chrome: enkrypt-chrome-6223570e.zip
firefox: enkrypt-firefox-6223570e.zip

💉 Virus total analysis
chrome: 6223570e
firefox: 6223570e

[coderabbitai]

Walkthrough

Removes Shiden/ShidenEVM/Bitrock network definitions and related mappings; adds wallet-address restriction checks and UI flows across the extension (App, Restricted view, connect/send components); updates global env typings; small json-tree-view API rename; many dependency version bumps.

Changes

Cohort / File(s)	Summary
Dependency / devtool version bumps package.json, packages/extension-bridge/package.json, packages/extension/package.json, packages/hw-wallets/package.json, packages/keyring/package.json, packages/name-resolution/package.json, packages/request/package.json, packages/signers/bitcoin/package.json, packages/signers/ethereum/package.json, packages/signers/kadena/package.json, packages/signers/massa/package.json, packages/signers/polkadot/package.json, packages/storage/package.json, packages/swap/package.json, packages/types/package.json, packages/utils/package.json	Minor/patch upgrades of many devDependencies and selective runtime bumps (e.g., @polkadot/*, @polkadot/util, viem, vite). No functional code changes.
Network modules & enum removals (Shiden / ShidenEVM / Bitrock) packages/extension/src/providers/ethereum/networks/bitrock.ts, packages/extension/src/providers/ethereum/networks/sdn.ts, packages/extension/src/providers/polkadot/networks/astar/shiden.ts, packages/extension/src/providers/ethereum/networks/index.ts, packages/extension/src/providers/polkadot/networks/index.ts, packages/types/src/networks.ts	Deleted Bitrock and Shiden/ShidenEVM network modules and removed their imports/exports; removed NetworkNames and CoingeckoPlatform enum members for Shiden/ShidenEVM/Bitrock.
Network-related mappings / endpoints / token lists packages/extension/src/libs/dapp-list/index.ts, packages/extension/src/providers/ethereum/libs/activity-handlers/providers/etherscan/configs.ts, packages/extension/src/providers/polkadot/libs/activity-handlers/providers/subscan/configs.ts, packages/extension/src/providers/ethereum/libs/assets-handlers/assetinfo-mew.ts, packages/extension/src/providers/ethereum/libs/assets-handlers/token-lists.ts, packages/extension/src/providers/ethereum/libs/assets-handlers/types/tokenbalance-mew.ts	Removed mappings/endpoints/token-list entries for Shiden/ShidenEVM and Bitrock; updated exported objects/types to no longer include those network keys.
HW wallet supported paths update packages/hw-wallets/src/ledger/ethereum/configs.ts, packages/hw-wallets/src/trezor/ethereum/configs.ts	Removed NetworkNames.ShidenEVM entries from supportedPaths for Ledger and Trezor configs.
Address restriction: application-level checks & UI packages/extension/src/ui/action/App.vue, packages/extension/src/ui/action/views/restricted/index.vue	Added isAddressRestricted state and checkAddress(activeAccount) flow, switchToUnrestrictedAddress() helper; Restricted view gained props is-address-restricted, restricted-address and event restricted:switch-account; App.vue wiring changed to gate network/address changes when restricted.
Address restriction: Ethereum connect & send flows packages/extension/src/providers/ethereum/ui/eth-connect-dapp.vue, packages/extension/src/providers/ethereum/ui/send-transaction/index.vue	Added isRestricted state and async isWalletRestricted checks on mount/account change; UI shows restricted notices and disables Connect/Send when address is restricted; validation (isValidSend/errorMsg) updated to consider restrictions.
Global typings update packages/extension/env.d.ts	Removed custom NodeJS.ProcessEnv shape (BROWSER, MINIFY) and added interface Window { readonly __PACKAGE_VERSION__: string } (top-level declare let __PACKAGE_VERSION__ remains).
Minor UI adaptation / API rename packages/extension/src/libs/json-tree-view/JsonTreeViewItem.vue	Replaced .default(...) with .otherwise(...) in the value color resolution switch to align with an API rename.
Activity handler conditional enabling packages/extension/src/providers/ethereum/networks/skale/skale-base.ts	Use Etherscan activity wrapper only when NetworkEndpoints contains an entry; otherwise provide a noop activity handler resolving to an empty array.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant App as App.vue (Action UI)
participant Restricted as Restricted View
participant WalletCheck as isWalletRestricted service
participant Flow as Connect/Send components

App->>WalletCheck: checkAddress(selectedAccount)
WalletCheck-->>App: { isRestricted: true/false }
alt restricted
App->>Restricted: render restricted UI (props: is-address-restricted, restricted-address)
Restricted-->>App: emits restricted:switch-account
App->>App: switchToUnrestrictedAddress() → onSelectedAddressChanged(newAccount)
App->>WalletCheck: checkAddress(newAccount)
WalletCheck-->>App: { isRestricted: false }
App->>Flow: enable normal connect/send for newAccount
else unrestricted
App->>Flow: allow normal connect/send flows
Flow->>WalletCheck: optional re-check on account change
WalletCheck-->>Flow: allowed → enable actions
end

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

• Attention areas:
  • App.vue & Restricted view: props/events, gating logic, and side effects when switching addresses.
  • Send/connect components: async isWalletRestricted calls and potential race conditions on rapid account changes.
  • Network removals: search for remaining references to Shiden/ShidenEVM/Bitrock and update consumers.
  • Env typings: verify any code relying on BROWSER/MINIFY typings.
  • Token lists / activity endpoints: ensure services gracefully handle missing network entries.

Possibly related PRs

• feat: enhance restricted address handling in App.vue and index.vue #775 — Overlapping wallet-restriction UI/state changes (App.vue, Restricted view, env.d.ts, send/connect flows).
• Feat/restricted popup #771 — Related restricted popup work affecting the same Restricted UI flow.
• feat: bitrock network + fraxtal network #566 — Directly related network changes (adds/removes Bitrock and related network definitions).

Suggested reviewers

• gamalielhere
• NickKelly1

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'devop: prep release 2.15' is directly related to the main change: preparing for version 2.15 release with dependency updates and network removals.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch devop/package-updates-2-15

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 121732d and 6223570.

📒 Files selected for processing (1)

• packages/extension/package.json (7 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/extension/package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: buildAll
• GitHub Check: test
• GitHub Check: test

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/name-resolution/package.json (1)

45-45: Repository URL contains placeholder.

Line 45 contains a placeholder URL <FILL_IT> in the repository field, which should be corrected to the actual repository path.

-    "url": "git+https://github.com/<FILL_IT>"
+    "url": "git+https://github.com/enkryptcom/enKrypt/tree/main/packages/name-resolution"

♻️ Duplicate comments (7)

packages/swap/package.json (1)

58-58: Inconsistent version specifier for typescript-eslint (same as packages/request).

Line 58 uses 8.49.0 (pinned) while surrounding packages use ^8.49.0 (flexible).

packages/extension-bridge/package.json (1)

64-64: Inconsistent version specifier for typescript-eslint.

Line 64 uses 8.49.0 (pinned) while other packages use ^8.49.0 (flexible).

packages/signers/bitcoin/package.json (1)

49-49: Inconsistent version specifier for typescript-eslint.

Line 49 uses 8.49.0 (pinned) while other packages use ^8.49.0 (flexible).

packages/hw-wallets/package.json (2)

25-25: @types/node major version mismatch (same issue as packages/signers/bitcoin).

This package uses ^24.10.2 while the majority of packages use ^22.19.2. Verify if this is intentional.

---

39-39: Inconsistent version specifier for typescript-eslint.

Line 39 uses 8.49.0 (pinned) while other packages use ^8.49.0 (flexible).

packages/name-resolution/package.json (1)

39-39: Inconsistent version specifier for typescript-eslint.

Line 39 uses 8.49.0 (pinned) while other packages use ^8.49.0 (flexible).

packages/storage/package.json (1)

44-44: Inconsistent version specifier for typescript-eslint.

Line 44 uses 8.49.0 (pinned) while other packages use ^8.49.0 (flexible).

🧹 Nitpick comments (1)

packages/request/package.json (1)

48-48: Use consistent version specifier for typescript-eslint.

Line 48 uses 8.49.0 (pinned) while lines 35–36 use ^8.49.0 (flexible). For consistency within this file, add the caret prefix to match the @typescript-eslint packages.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ad6990d and 85de644.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (19)

• package.json (1 hunks)
• packages/extension-bridge/package.json (1 hunks)
• packages/extension/package.json (6 hunks)
• packages/extension/src/providers/ethereum/networks/bitrock.ts (0 hunks)
• packages/extension/src/providers/ethereum/networks/index.ts (0 hunks)
• packages/hw-wallets/package.json (2 hunks)
• packages/keyring/package.json (1 hunks)
• packages/name-resolution/package.json (1 hunks)
• packages/request/package.json (1 hunks)
• packages/signers/bitcoin/package.json (1 hunks)
• packages/signers/ethereum/package.json (1 hunks)
• packages/signers/kadena/package.json (1 hunks)
• packages/signers/massa/package.json (1 hunks)
• packages/signers/polkadot/package.json (1 hunks)
• packages/storage/package.json (1 hunks)
• packages/swap/package.json (1 hunks)
• packages/types/package.json (1 hunks)
• packages/types/src/networks.ts (0 hunks)
• packages/utils/package.json (1 hunks)

💤 Files with no reviewable changes (3)

• packages/extension/src/providers/ethereum/networks/bitrock.ts
• packages/types/src/networks.ts
• packages/extension/src/providers/ethereum/networks/index.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: buildAll
• GitHub Check: test

🔇 Additional comments (15)

package.json (1)

35-37: ✓ Minor devDependency bumps look appropriate.

The version updates to commitlint and @swc/core are incremental and low-risk.

packages/signers/bitcoin/package.json (1)

35-35: ⚠️ @types/node major version inconsistency across monorepo signers and hw-wallets packages.

This package uses ^24.10.2 alongside packages/signers/ethereum, packages/signers/kadena, packages/signers/polkadot, and packages/hw-wallets. Most other packages (extension-bridge, extension, keyring, name-resolution, request, signers/massa, storage, swap, types, utils) use ^22.19.2. Different major versions of @types/node in a monorepo workspace can cause type conflicts and build failures.

Verify if the v24 versions for these five packages are intentional or should be aligned with the rest of the monorepo.

packages/name-resolution/package.json (1)

40-40: No action required. The viem dependency update from 2.39.3 to 2.41.2 contains no breaking changes—both releases are minor/patch updates with only additive features (chain-specific transaction nonce preference in 2.41.2 and chain.prepareTransactionRequest config in 2.41.1). The update is safe within semver constraints and poses no risk to name resolution functionality.

packages/hw-wallets/package.json (1)

55-68: Dependency updates appear compatible with current codebase usage patterns.

The specified versions do exist and have been analyzed:

• @zondax/ledger-substrate v2.0.0 removed the legacy API, but the codebase uses only the modern constructor-based API (newAcalaApp, newKusamaApp, etc.), so compatibility is maintained.
• @ledgerhq/hw-app-btc v10.13.0 and @ledgerhq/hw-app-eth v6.47.1 show no documented breaking changes.
• @polkadot/types v16.5.4 usages (TypeRegistry, Metadata, ExtrinsicPayload, SignerPayloadJSON) are all standard stable interfaces with no breaking changes detected.

All imports across the codebase follow standard API patterns and should work without issues.

packages/types/package.json (1)

26-42: Dev tooling updates are safe and consistent.

Minor and patch version updates to development dependencies (TypeScript ESLint, Prettier, Node types) across all tooling packages. No runtime impact.

packages/signers/massa/package.json (1)

34-53: Dev tooling updates are consistent and safe.

All changes are minor/patch version updates to development dependencies, with no runtime impact.

packages/utils/package.json (2)

32-49: Dev tooling updates are safe.

Minor/patch version updates to development dependencies with no runtime impact.

---

27-27: Verify that all cryptography-related tests pass with @polkadot/util-crypto 14.x.

This is a major version bump of a critical runtime dependency. The upgrade affects functions actively used in crypto operations (encodeAddress, blake2AsU8a, base64Decode/Encode, u8aWrapBytes). Ensure all signing and hashing tests validate correct output with the new version, especially substrate message signing which uses u8aWrapBytes—any behavioral change in this utility would alter signature values.

packages/signers/kadena/package.json (2)

31-31: Major version upgrade for @polkadot/util-crypto also appears here.

This mirrors the upgrade in packages/utils/package.json. Ensure the breaking changes are documented and tested across dependent packages.

---

29-48: Other dev tooling updates are consistent and safe.

Minor/patch version updates to development dependencies with no runtime impact.

packages/keyring/package.json (1)

37-53: Dev tooling updates are safe.

Minor/patch version updates to development dependencies with no runtime impact.

packages/signers/polkadot/package.json (3)

25-25: @commitlint/cli is listed as a runtime dependency.

This is typically a development-time linting tool and should usually be in devDependencies rather than dependencies. Verify this is intentional, or consider moving it to devDependencies.

---

27-29: Verify @PolkaDot packages major version compatibility.

Multiple @PolkaDot packages updated to 14.x versions (util, util-crypto, wasm-crypto). Ensure they're released together and compatible. Check that any code changes required for these major version upgrades have been applied.

---

32-49: Other dev tooling updates are safe.

Minor/patch version updates to development dependencies with no runtime impact.

packages/signers/ethereum/package.json (1)

32-50: Dev tooling updates are consistent and safe.

All changes are minor/patch version updates to development dependencies with no runtime impact.

[coderabbitai]

Actionable comments posted: 6

🧹 Nitpick comments (3)

packages/extension/src/providers/ethereum/ui/eth-connect-dapp.vue (1)

36-52: Consider adding a loading state during the restriction check.

There's a race condition where the UI renders with isRestricted = false before the async isWalletRestricted check completes. During this window, restricted users might see the normal "Connect" UI briefly before it switches to the restricted message.

Consider adding a loading state:

+const isCheckingRestriction = ref(true);
 const isRestricted = ref(false);

 // In onBeforeMount:
+isCheckingRestriction.value = true;
 isWalletRestricted(displayAddress.value)
   .then(res => {
     isRestricted.value = res;
   })
+  .finally(() => {
+    isCheckingRestriction.value = false;
+  });

 // In template:
-<div v-if="!isRestricted" class="provider-connect-dapp__info">
+<div v-if="!isCheckingRestriction && !isRestricted" class="provider-connect-dapp__info">

packages/extension/src/ui/action/views/restricted/index.vue (1)

10-14: Consider truncating or formatting the restricted address for readability.

The full address is displayed inline in the message. For long addresses (like Ethereum addresses), this might make the text hard to read.

Consider truncating the address:

-      Your wallet address [{{ restrictedAddress }}] is associated with suspect
+      Your wallet address [{{ restrictedAddress.slice(0, 6) }}...{{ restrictedAddress.slice(-4) }}] is associated with suspect

Or use a monospace font for better readability (add to the <style> section):

.blocked-page p {
  code {
    font-family: monospace;
    background-color: rgba(0, 0, 0, 0.05);
    padding: 2px 4px;
    border-radius: 3px;
  }
}

Then in the template:

<code>{{ restrictedAddress }}</code>

packages/extension/src/ui/action/App.vue (1)

463-491: Consider refactoring the deeply nested logic in onSelectedAddressChanged.

The function now has significant nesting with the restriction check gating the rest of the logic. Consider extracting the post-restriction logic into a separate function for better readability.

Example refactor:

+const handleUnrestrictedAddressChange = async (newAccount: EnkryptAccount) => {
+  const accountStates = {
+    [ProviderName.ethereum]: EVMAccountState,
+    [ProviderName.bitcoin]: BTCAccountState,
+    [ProviderName.solana]: SolAccountState,
+  };
+  if (Object.keys(accountStates).includes(currentNetwork.value.provider)) {
+    const AccountState = new accountStates[
+      currentNetwork.value.provider as keyof typeof accountStates
+    ]();
+    const domain = await domainState.getCurrentDomain();
+    AccountState.addApprovedAddress(newAccount.address, domain);
+  }
+  await domainState.setSelectedAddress(newAccount.address);
+  await sendToBackgroundFromAction({
+    message: JSON.stringify({
+      method: InternalMethods.sendToTab,
+      params: [
+        {
+          method: MessageMethod.changeAddress,
+          params: [currentNetwork.value.displayAddress(newAccount.address)],
+        },
+      ],
+    }),
+    provider: currentNetwork.value.provider,
+    tabId: await domainState.getCurrentTabId(),
+  });
+};
+
 const onSelectedAddressChanged = async (newAccount: EnkryptAccount) => {
   accountHeaderData.value.selectedAccount = newAccount;
   await checkAddress(newAccount);
   if (!isAddressRestricted.value.isRestricted) {
-    const accountStates = {
-      [ProviderName.ethereum]: EVMAccountState,
-      [ProviderName.bitcoin]: BTCAccountState,
-      [ProviderName.solana]: SolAccountState,
-    };
-    if (Object.keys(accountStates).includes(currentNetwork.value.provider)) {
-      const AccountState = new accountStates[
-        currentNetwork.value.provider as keyof typeof accountStates
-      ]();
-      const domain = await domainState.getCurrentDomain();
-      AccountState.addApprovedAddress(newAccount.address, domain);
-    }
-    await domainState.setSelectedAddress(newAccount.address);
-    await sendToBackgroundFromAction({
-      message: JSON.stringify({
-        method: InternalMethods.sendToTab,
-        params: [
-          {
-            method: MessageMethod.changeAddress,
-            params: [currentNetwork.value.displayAddress(newAccount.address)],
-          },
-        ],
-      }),
-      provider: currentNetwork.value.provider,
-      tabId: await domainState.getCurrentTabId(),
-    });
+    await handleUnrestrictedAddressChange(newAccount);
   }
 };

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 85de644 and 8a95a34.

📒 Files selected for processing (6)

• packages/extension/env.d.ts (1 hunks)
• packages/extension/src/libs/json-tree-view/JsonTreeViewItem.vue (1 hunks)
• packages/extension/src/providers/ethereum/ui/eth-connect-dapp.vue (5 hunks)
• packages/extension/src/providers/ethereum/ui/send-transaction/index.vue (5 hunks)
• packages/extension/src/ui/action/App.vue (6 hunks)
• packages/extension/src/ui/action/views/restricted/index.vue (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: buildAll
• GitHub Check: test
• GitHub Check: test

🔇 Additional comments (3)

packages/extension/env.d.ts (1)

17-20: LGTM! Good TypeScript hygiene.

Adding the Window interface declaration improves type safety for the __PACKAGE_VERSION__ property while maintaining consistency with the existing top-level declaration.

packages/extension/src/ui/action/views/restricted/index.vue (1)

100-117: LGTM! Props and events properly defined.

The new props and event emitter are well-typed and follow Vue 3 composition API best practices.

packages/extension/src/libs/json-tree-view/JsonTreeViewItem.vue (1)

103-103: Verify the switch-ts library version supports .otherwise().

The code currently uses .otherwise() with switch-ts@^2.0.0 (version 2.0.0 installed). No other usages of .default() exist in the codebase. However, official API documentation for switch-ts 2.0.0 could not be accessed to confirm that this version supports .otherwise() as the replacement method for .default().