[js] Pin axios to exact 1.7.7 across all workspaces ## Summary - Adds a root-le#514
Open
github-actions[bot] wants to merge 12 commits intomainfrom
Open
[js] Pin axios to exact 1.7.7 across all workspaces
## Summary
- Adds a root-le#514github-actions[bot] wants to merge 12 commits intomainfrom
github-actions[bot] wants to merge 12 commits intomainfrom
Conversation
Update public `js` sources with the latest code from the [public repository](https://github.com/lightsparkdev/js-sdk) main branch. This typically happens when new versions of the SDK are released and version updates need to be synced. The PR should be merged as soon as possible to avoid updates to webdev overwriting the changes in the js-sdk develop branch. --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Corey Martin <coreyn.martin@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Lightspark Eng <engineering@lightspark.com> GitOrigin-RevId: e763d6e6bed19b342e4c7b58a3d91a1a2cc8a71c
## Summary - Adds a root-level `resolutions` field in `js/package.json` to force all axios consumers (direct and transitive) to resolve to exactly `1.7.7` - Pins direct deps in ops, site, and uma-bridge from `^1.7.4` to exact `1.7.7` - Eliminates three separate axios versions (1.6.7, 1.6.8, 1.7.7) that were being installed due to transitive deps from `@slack/webhook`, `plaid`, and `wait-on` ## Why Multiple axios versions cause unpredictable hoisting in the `node-modules` linker — different workspaces could end up with different axios versions at runtime depending on install order. Pinning guarantees a single copy. ## Test plan - [x] `yarn why axios` confirms all 6 consumers resolve to `1.7.7` - [x] `yarn deps:check` (manypkg) passes - [x] `yarn install` succeeds - [x] `yarn format` passes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> GitOrigin-RevId: fbcfeb70e0b84be5b50e9b383ce04acd7e5af635
Contributor
Author
|
The following public packages have changed files:
There are no existing changesets for this branch. If the changes in this PR should result in new published versions for the packages above please add a changeset. Any packages that depend on the planned releases will be updated and released automatically in a separate PR. Each changeset corresponds to an update in the CHANGELOG for the packages listed in the changeset. Therefore, you should add a changeset for each noteable package change that this PR contains. For example, if a PR adds two features - one feature for packages A and B and one feature for package C - you should add two changesets. One changeset for packages A and B and one changeset for package C, with a description of each feature. The feature description will end up being the CHANGELOG entry for the packages in the changeset. No releases planned. Last updated by commit db12e84 |
## Summary - Adds a new **Overview** tab as the first tab on the Payouts page, showing a dashboard of payout metrics for the last 7 days - **Status tables**: two side-by-side cards showing payout counts by status (Completed, Processing, Pending, Rejected, Failed) split by platform vs customer payouts - **Stat + chart cards**: three cards combining headline numbers with Origin `LineChart` trend graphs — total payouts sent, total volume (grouped by sending currency), and completion rate - **Backend**: new `grid_payout_overview_stats` GraphQL query with SQLAlchemy aggregation, 10-second memcache TTL - **Refactored** `sla_metrics_cache` into a generic `grid_dashboard_cache` with configurable namespace and TTL, so both SLA metrics and payout overview share the same caching infrastructure ## Test plan - [ ] Navigate to `/grid/payouts` and verify it redirects to the Overview tab - [ ] Verify status tables show correct counts for platform and customer payouts - [ ] Create new payouts and verify they appear in status tables within ~10 seconds - [ ] Verify line charts show 7-day trends including today's data - [ ] Verify volume card shows per-currency breakdown when multiple currencies are used - [ ] Verify loading spinner shows while data is fetching - [ ] Verify completion rate shows 100% on days with no payouts - [ ] Run backend tests: `env -u QUART_CONFIG uv run pytest sparkcore/graphql/objects/grid_dashboard/tests/test_grid_payout_overview_stats.py -v` <img width="1366" height="753" alt="Screenshot 2026-03-31 at 2 23 05 PM" src="https://github.com/user-attachments/assets/783120df-3576-4d88-91fd-5f5987a6263d" /> 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> GitOrigin-RevId: 72a966c68f12e3c24ed270626abc9b4b1bc80bcc
## Summary - Upgrade Yarn 4.5.0 → 4.13.0 (feature introduced in 4.10.0) - Enable `npmMinimalAgeGate: 720` (12 hours) to block resolution of recently-published npm packages, mitigating typosquatting, account takeover, and dependency confusion attacks - Preapprove `@lightsparkdev/*` packages via `npmPreapprovedPackages` so internal workspace dependencies are unaffected Mirrors lightsparkdev/spark#5955 for the webdev JS monorepo. ## Test plan - [x] `yarn config get npmMinimalAgeGate` returns `720` - [x] `yarn config get npmPreapprovedPackages` returns `["@lightsparkdev/*"]` - [x] `yarn install` succeeds with all current lockfile packages (all >12h old) - [x] `yarn --version` returns `4.13.0` - [x] Pre-commit hooks pass (install + format) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> GitOrigin-RevId: ab033a03d7899b8c962e396f9e175b3f08f2fded
## Summary Merges the `gql-codegen` turbo invocation into the main checks turbo run, allowing it to execute in parallel with `format`, `circular-deps`, `package:checks`, and the `^build` dependencies that `lint`/`test` need. Also adds explicit `gql-codegen` as a `dependsOn` for `lint`, `test`, `types`, and `circular-deps` in turbo.json to ensure correctness — these tasks need the generated files from codegen. **Before:** ``` yarn deps:check && turbo gql-codegen && turbo run lint format test circular-deps package:checks ``` gql-codegen (~56s) blocks everything — format, circular-deps, package:checks all wait. **After:** ``` yarn deps:check && turbo run gql-codegen lint format test circular-deps package:checks ``` Turbo schedules all tasks optimally. Tasks that need codegen (lint, test, types, circular-deps) explicitly depend on it in turbo.json. Tasks that don't (format, package:checks) start immediately. ## Local benchmarks (interleaved, 10 pairs) Fair A/B comparison — each pair runs sequential then parallel back-to-back under identical cache conditions: | Pair | Sequential | Parallel | Saved | |------|-----------|----------|-------| | 1 | 3m 58s | 3m 31s | 26s | | 2 | 3m 57s | 3m 15s | 42s | | 3 | 4m 28s | 3m 36s | 51s | | 4 | 3m 58s | 2m 51s | 1m 07s | | 5 | 3m 41s | 3m 01s | 40s | | 6 | 3m 36s | 2m 36s | 59s | | 7 | 3m 28s | 2m 35s | 52s | | 8 | 4m 06s | 3m 08s | 58s | | 9 | 3m 50s | 3m 03s | 47s | | 10 | 3m 44s | 2m 59s | 44s | | **mean** | **3m 52s** | **3m 03s** | **49s (21%)** | | **median** | **3m 57s** | **3m 03s** | **51s** | **Parallel wins 10/10 pairs.** Also more consistent (1m range vs 1m 33s). ## CI validation (2 runs on 8-core ARM) | Metric | Sequential baseline | Parallel | |--------|-------------------|----------| | yarn checks | 3m 35s | 2m 43s | | check job | 5m 25s | 4m 21s | ## Test plan - [x] `yarn checks` passes in CI - [x] gql generated code check still passes - [x] Verified via `--dry` that lint/test/types/circular-deps depend on gql-codegen in correct workspaces - [x] Verified via verbose build that ops:gql-codegen completes before ops:lint starts - [x] Local interleaved benchmark: 10/10 pairs faster, mean 49s saved 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> GitOrigin-RevId: 311c089549739aea21310be574d328069eef79ae
GitOrigin-RevId: 956a78dde007ff4fd85723fd55b7a9e6d39546ee
## Summary - Increases `npmMinimalAgeGate` in `.yarnrc.yml` from 720 minutes (12 hours) to 1440 minutes (24 hours) - This raises the minimum time-since-publish safety gate for npm packages to 24 hours ## Test plan - [x] `yarn install` succeeds with the new config value - [x] Formatting checks pass 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> GitOrigin-RevId: 7df42c1fcc23f73b5a31f8cf6ae892740e9f34d2
## Reason The JS workspace was still using `tsup` in several packages. This change standardizes those packages on `tsdown` and fixes the runtime export mismatches that `tsup` had been tolerating so the built packages continue to work correctly under the new bundler. ## Overview - replace `tsup` with `tsdown` in `@lightsparkdev/core`, `@lightsparkdev/lightspark-sdk`, `@lightsparkdev/oauth`, and `@lightsparkdev/ui` - add `tsdown` config and script updates for build/watch workflows - migrate the `ui` SVG handling to a `tsdown`-compatible plugin and add CSS bundling support - remove the leftover unused `tsup` dependency from `private/ui` - convert type-shaped barrel exports in `core` and `lightspark-sdk` to type-only exports where needed so downstream runtime imports stay valid ## Test Plan - `cd js && yarn checks` - `cd js && yarn test` GitOrigin-RevId: f732e95176144ec33101eb4a4363efb6591c0dc2
…n enum additions (#25988) ## Summary - Replace `CurrencyConfig`, `CurrencyConversionConfig`, and `NetworkCurrencyConfig` ent entities with frozen Python `@dataclass` types in `sparklib/money/currency_config_types.py` - Configs are backed by Quart `current_app.config` via a centralized `_app_config()` helper (single `current_app` import point) - Classmethod API: `CurrencyConfig.get(unit)`, `CurrencyConversionConfig.get(from, to)`, `CurrencyConversionConfig.is_supported(from, to)` - Synchronous `currency_service.py` wrapper in paycore accepts `CurrencyUnit | str` and implements config-then-fallback pattern (check CurrencyConfig first, fall back to CurrencyUnit enum methods) - `quote_utils.py` exchange rate logic now uses `CurrencyUnit.X.value` enum constants instead of raw strings - Fold non-ent-schema changes from #25494: USDB currency, SPARK_TESTNET → SPARK_REGTEST rename, new flow/settlement types ## Test plan - [x] 16 unit tests in `test_currency_config_types.py` covering all dataclass helpers - [x] Updated `test_create_send_quote_v2.py` for new currency code handling - [x] Full paycore test suite passes Fixes SP-2735 --- 🤖 *bonded-keystone-2* | [Dashboard](https://zeus.dev.dev.sparkinfra.net/#/instance?id=bonded-keystone-2) | [Feedback](https://zeus.dev.dev.sparkinfra.net/feedback) GitOrigin-RevId: 3a71bc7c836e1190b7a41fb5459afa7db4698818
…s (#26191) Adds ARS as a currency unit and creates mock payment links for sandbox REAL_TIME_FUNDED quotes for COL and ARS. GitOrigin-RevId: dfee12693d78433772b2f7da22b86d7a557d3529
## Reason Closes [AT-4792](https://lightspark.atlassian.net/browse/AT-4792). The network selector in the payout flow showed text-only options (Solana, Ethereum, Base, Polygon), which made the dropdown harder to scan and felt visually thin next to the rest of the form. Adding brand-mark chain icons gives the field the same instant-recognition affordance our peer products use. ## Overview - New shared primitive at `packages/ui/src/icons/chains/`: - One brand-mark SVG component per supported network (`Solana`, `Ethereum`, `Base`, `Polygon`) — the "branded" web3icons variant: each chain's native mark with no full-bleed background tile. - `ChainIcon` dispatcher renders the chain's native silhouette directly. No circular wrapper — the marks read better as themselves (Base in particular is a rounded blue square; wrapping it added visual noise). - `EnterAmountPanel` network selector now uses `formatOptionLabel` to render `ChainIcon + label`: - **24px** in the open menu — comfortable browse size. - **16px** in the trigger (selected state) — keeps the field height aligned with sibling Currency/Amount inputs and avoids a size jump when the menu closes. - Trigger gap tightens from `sm` → `xs` to match the smaller tile. - `NetworkOption` gains a typed `chain` field so the option → icon mapping is enforced at construction. - Network options now sort alphabetically (Base → Ethereum → Polygon → Solana). Predictable, future-proof, no implicit "default by position" bias. ### Intentionally out of scope - **Mainnet vs testnet visual differentiation.** The four icons cover all eight `cryptoNetwork` values; testnet variants render the same brand mark today (matches web3icons behavior). If we want a "T" badge or muted treatment later, the right move is to flip `ChainIcon`'s prop from a brand-level `Chain` to a network-level `CryptoNetwork` and switch on it in the dispatcher — captured for a follow-up. - **Sensible default network.** Considered, deferred. Auto-selecting carries real downside in crypto (irreversibility), and picking *which* default ("most-used", "recipient-derived", "last-used", "currency-driven") needs product input. Ticket stays narrowly scoped. - **`uma-nage` `Select` polish.** A few places this PR uses inline `formatOptionLabel`/styled wrappers could move into the wrapper later; out of scope here. - **OpenAPI `cryptoNetwork` is typed as a free-form string** despite being a closed enum in `sparkcore`. Filed as [AT-4989](https://lightspark.atlassian.net/browse/AT-4989). ## Test Plan - `yarn typecheck` and lint pass on `@lightsparkdev/ui` and `@lightsparkdev/site`. - Visual verification (pending dev server restart): network dropdown shows correct brand icon for each option in both prod and sandbox modes; trigger height matches sibling Currency input; icons stay vertically centered; selecting a network from the menu transitions cleanly to the 16px trigger state; options appear in alphabetical order. [AT-4792]: https://lightspark.atlassian.net/browse/AT-4792?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ [AT-4989]: https://lightspark.atlassian.net/browse/AT-4989?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ GitOrigin-RevId: e1e973389c3b306c9feb728121033a2a562c4383
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
If this change should result in new package versions please add a changeset before merging. You can do so by clicking the link provided by changeset bot below.