feat: injected button e2e test

[sidmorizon]

Summary by CodeRabbit

• 新特性

  • 增加了对 Node.js 环境的支持。
  • 新增了多个 E2E 测试用例，涵盖 Bing 搜索、去中心化应用 (dApp) 测试等。
  • 新增了环境变量设置功能。
  • 引入了新的配置文件以支持 Playwright 测试。
  • 新增了 connectButtonData 导出常量，整合了站点配置和钱包 ID 创建功能。
  • 新增了 webpack-bundle-analyzer 依赖，用于生成静态报告。

• 文档

  • 更新了 README 文件，增加了初始化、开发和测试的详细说明。

• 依赖更新

  • 新增了对 lodash-es 的依赖。
  • 更新了多个包的版本号，特别是 @types/node 的版本。

• 修复

  • 改进了错误处理的注释，提供了更清晰的上下文。

[coderabbitai]

概述

演练

这次更新涉及多个包和配置文件的修改，主要集中在 E2E 测试、依赖管理和代码质量改进上。新增了 E2E 测试套件，更新了 Playwright 配置，并对多个包的依赖和导入进行了调整。版本号从 2.2.2 更新到 2.2.6，并引入了新的测试脚本和站点配置。

变更

文件	变更摘要
.eslintrc.js	添加 node 环境，为 .cjs 文件禁用特定 ESLint 规则
README.md	新增初始化、开发和测试说明
package.json	添加 E2E 测试脚本，更新依赖
packages/core/src/versionInfo.ts	版本号更新至 2.2.6
packages/e2e/	新增 E2E 测试相关文件和配置
packages/e2e/.gitignore	更新以忽略生成的测试文件和目录
packages/e2e/dotEnvInit.js	新增环境变量初始化文件
packages/e2e/playwright.config.ts	新增 Playwright 测试配置
packages/e2e/tests/	新增多个 E2E 测试文件
packages/providers/	多个提供者包更新 Lodash 导入和依赖
packages/example/package.json	更新 @types/node 依赖版本
packages/injected/package.json	新增 webpack-bundle-analyzer 依赖
packages/providers/inpage-providers-hub/package.json	移除 Playwright 依赖，新增 Lodash 依赖
packages/providers/onekey-cosmos-provider/package.json	新增 Lodash 依赖
packages/providers/onekey-tron-provider/package.json	新增 Lodash 依赖

序列图

由于变更较为复杂且分散，不适合生成单一序列图。

Tip

CodeRabbit's docstrings feature is now available as part of our Early Access Program! Simply use the command @coderabbitai generate docstrings to have CodeRabbit automatically generate docstrings for your pull request. We would love to hear your feedback on Discord.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary or Summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Critical CVE	npm/@babel/[email protected]	CVE: GHSA-67hx-6x53-jw92 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code (CRITICAL) Affected versions: < 7.23.2 Patched version: 7.23.2	packages/example/yarn.lock	⚠︎

View full report↗︎

Next steps

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/@babel/[email protected]

[coderabbitai]

Actionable comments posted: 27

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e2eb8ea and cb11a26.

⛔ Files ignored due to path filters (4)

• packages/e2e/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• packages/providers/inpage-providers-hub/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• packages/providers/onekey-cosmos-provider/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• packages/providers/onekey-tron-provider/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (28)

• .eslintrc.js (1 hunks)
• README.md (2 hunks)
• package.json (1 hunks)
• packages/core/src/versionInfo.ts (1 hunks)
• packages/e2e/.gitignore (1 hunks)
• packages/e2e/dotEnvInit.js (1 hunks)
• packages/e2e/package.json (1 hunks)
• packages/e2e/playwright.config.ts (1 hunks)
• packages/e2e/tests/bing.e2e.ts (1 hunks)
• packages/e2e/tests/connectButton/fixtures/withChromeExtension.ts (1 hunks)
• packages/e2e/tests/connectButton/universal.e2e.ts (6 hunks)
• packages/e2e/tests/dapp.e2e.ts (1 hunks)
• packages/e2e/tests/example.e2e.ts (1 hunks)
• packages/e2e/tsconfig.json (1 hunks)
• packages/example/server/wrappers/walletsData.ts (1 hunks)
• packages/injected/webpack.config.cjs (1 hunks)
• packages/providers/inpage-providers-hub/package.json (1 hunks)
• packages/providers/inpage-providers-hub/src/connectButtonHack/hackConnectButton.ts (1 hunks)
• packages/providers/inpage-providers-hub/src/connectButtonHack/sites/aave.ts (1 hunks)
• packages/providers/inpage-providers-hub/src/connectButtonHack/universal/config.ts (3 hunks)
• packages/providers/inpage-providers-hub/src/connectButtonHack/universal/utils.ts (1 hunks)
• packages/providers/inpage-providers-hub/src/index.ts (1 hunks)
• packages/providers/onekey-cosmos-provider/package.json (1 hunks)
• packages/providers/onekey-cosmos-provider/src/OnekeyCosmosProvider.ts (1 hunks)
• packages/providers/onekey-tron-provider/@types/tronweb.d.ts (1 hunks)
• packages/providers/onekey-tron-provider/package.json (1 hunks)
• packages/providers/onekey-tron-provider/src/ProviderTron.ts (1 hunks)
• packages/providers/onekey-tron-provider/src/types.ts (1 hunks)

🧰 Additional context used

🪛 Biome (1.9.4)

packages/e2e/dotEnvInit.js

[error] 2-2: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

---

[error] 3-3: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

packages/e2e/tests/connectButton/fixtures/withChromeExtension.ts

[error] 3-3: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

packages/e2e/tests/connectButton/universal.e2e.ts

[error] 6-6: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

packages/e2e/tests/dapp.e2e.ts

[error] 1-1: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

---

[error] 2-2: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

🪛 Markdownlint (0.37.0)

README.md

13-13: null
Multiple top-level headings in the same document

(MD025, single-title, single-h1)

---

51-51: Expected: 1; Actual: 2
Multiple consecutive blank lines

(MD012, no-multiple-blanks)

---

39-39: null
Multiple top-level headings in the same document

(MD025, single-title, single-h1)

---

45-45: null
Multiple top-level headings in the same document

(MD025, single-title, single-h1)

---

52-52: null
Multiple top-level headings in the same document

(MD025, single-title, single-h1)

---

54-54: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

77-77: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

83-83: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

🔇 Additional comments (24)

packages/providers/inpage-providers-hub/src/index.ts (1)

1-8: 把 sitesConfig 和 createWalletId 导出为 connectButtonData 很直观。请确保在使用处也进行对应更新。

packages/e2e/dotEnvInit.js (1)

5-19: 此函数简单明了，能在出错时抛出异常。测试启动时应检查 .env 文件是否存在并包含足够的配置。

.eslintrc.js (1)

27-27: 已启用 Node 环境
为 Node.js 相关代码提供全局变量支持。这是好设置。

packages/injected/webpack.config.cjs (1)

19-22: 新增 alias 解决 TronWeb 引用
别忘了在其他模块需同一方式访问 tronweb，保证引用一致。

packages/e2e/tests/connectButton/universal.e2e.ts (5)

2-2: 导入 '@playwright/test' 看起来正常。
此修改与原本用途一致，不存在明显问题。

---

8-9: 成功引入 connectButtonData。
此导入语句与后续逻辑相匹配，看起来都没问题。

---

17-17: 将 sitesConfig 与 createWalletId 解构出十分简洁。
代码风格清晰，方便后续使用。

---

63-64: 保留注释以防 eslint 警告；逻辑没问题。
这种情况下是合理的，但最好尽量减少无类型检查的区域。

---

28-31: 取消之前对可用站点的数组切片处理。
现在直接将 sitesConfig 分配给 availableSites。没有逻辑风险，但请留意是否影响特定测试场景（如只测试部分站点）。

✅ Verification successful

Let me gather more information about the test file and its dependencies to verify if removing the array slicing logic could impact any test scenarios.

---

Let me check the content of connectButtonData to understand the structure of sitesConfig.

---

Let me check the inpage-providers-hub for the connectButtonData definition.

---

Let me check the config file to understand the sitesConfig structure.

---

取消数组切片处理是安全的

代码检查显示，sitesConfig 数组的顺序和完整性对测试流程没有特殊要求。移除切片处理不会影响测试用例的执行。

🏁 Scripts executed

The following scripts were executed for the analysis:

Error: No shell scripts found

---

Script:

#!/bin/bash
# Check the content of the test file and surrounding context
rg -B 5 -A 10 "sitesConfig" packages/e2e/tests/connectButton/universal.e2e.ts

# Look for other test files that might be using sitesConfig
rg "sitesConfig" packages/e2e/tests/

# Check the definition and structure of sitesConfig
fd sitesConfig

Length of output: 2706

---

Script:

#!/bin/bash
# Find and check the content of connectButtonData
fd -e ts -e js connectButtonData
rg -l "connectButtonData.*=" 
cat packages/e2e/tests/connectButton/data.ts || true

Length of output: 245

---

Script:

#!/bin/bash
# Check the content of the index.ts file that contains connectButtonData
cat packages/providers/inpage-providers-hub/src/index.ts

# Also search for any other potential locations of the data
rg -A 5 "connectButtonData" --type ts

Length of output: 2591

---

Script:

#!/bin/bash
# Check the content of the config file
cat packages/providers/inpage-providers-hub/src/connectButtonHack/universal/config.ts

# Also check if there are any test configurations that might depend on the order
rg -A 5 "app.vesper.finance" --type ts

Length of output: 123885

packages/providers/inpage-providers-hub/src/connectButtonHack/universal/config.ts (3)

Line range hint 227-239: 新增 app.turbos.finance 配置。
配置清晰，建议在注释中明确 only: true 注释的作用用途，以免混淆。

---

Line range hint 240-264: 新增 app.defisaver.com 配置。
此段使用了 findIconAndNameByIcon 函数，逻辑和其他站点保持一致，无明显问题。

---

Line range hint 265-279: 新增 haedal.xyz 配置。
结构统一，字段命名规范一致。无明显问题。

packages/e2e/.gitignore (1)

1-5: 务必确认 .gitignore 的新增条目有效。
忽略这些自动生成的目录和文件，能保持仓库整洁。

packages/core/src/versionInfo.ts (1)

2-2: 版本更新已确认！

版本号从 2.2.2 更新到 2.2.6，变更正确。

packages/providers/onekey-tron-provider/package.json (1)

36-42: 依赖更新看起来不错！

新增的依赖项版本选择合适，并且包含了相应的类型定义。

packages/providers/inpage-providers-hub/src/connectButtonHack/sites/aave.ts (1)

4-4: 导入更改符合预期！

从 lodash 切换到 lodash-es 的更改与项目向 ES 模块迁移的方向一致。

packages/e2e/package.json (2)

39-44: 验证 Playwright 版本兼容性

开发依赖中的 Playwright 相关包版本需要保持同步：

• @playwright/test: ^1.49.1
• playwright: ^1.49.1

✅ Verification successful

Playwright 版本兼容性验证通过

@playwright/test 和 playwright 包的版本都是 1.49.1，完全匹配，不存在版本兼容性问题。

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# 检查 Playwright 相关包的最新稳定版本
curl -s https://registry.npmjs.org/@playwright/test/latest | jq '.version'
curl -s https://registry.npmjs.org/playwright/latest | jq '.version'

Length of output: 161

---

33-38: 🧹 Nitpick (assertive)

检查依赖版本一致性

依赖包版本需要保持一致：

• @onekeyfe/* 包都使用了固定版本 2.2.6
• lodash-es 使用了 ^4.17.21

建议考虑将所有依赖都固定到特定版本，以确保构建的一致性。

packages/providers/onekey-tron-provider/src/types.ts (1)

2-2: 验证 TronWeb 导入路径变更的兼容性

导入路径的简化可能会影响模块解析。请确保：

1. 新路径在所有环境中都能正确解析
2. 包版本与新的导入路径兼容

✅ Verification successful

导入路径变更是安全的

tronweb v5.3.2 版本支持直接从 'tronweb' 导入。代码库中的两处导入已统一使用新路径，不会造成兼容性问题。

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# 检查项目中所有 TronWeb 的导入情况
rg -l "from ['\"](tronweb|tronweb/dist/TronWeb)['\"]"

Length of output: 172

---

Script:

#!/bin/bash
# 检查 package.json 中的 tronweb 依赖版本
cat packages/providers/onekey-tron-provider/package.json | jq '.dependencies.tronweb'

# 检查两个文件中的具体导入用法
rg "from ['\"](tronweb|tronweb/dist/TronWeb)['\"]" -A 2 packages/providers/onekey-tron-provider/src/types.ts packages/providers/onekey-tron-provider/src/ProviderTron.ts

Length of output: 883

package.json (1)

26-28: 新增的 E2E 测试脚本配置正确

脚本配置清晰明确，遵循了项目现有的命名规范。

packages/providers/onekey-tron-provider/@types/tronweb.d.ts (1)

60-60: 模块声明路径更新看起来不错！

简化后的导入路径更清晰，符合现代 ES 模块规范。

packages/providers/inpage-providers-hub/src/connectButtonHack/hackConnectButton.ts (1)

6-6: 导入路径更新正确！

从 'lodash' 切换到 'lodash-es' 是个好的改进，使用 ES 模块版本可以获得更好的 tree-shaking 支持。

packages/providers/onekey-tron-provider/src/ProviderTron.ts (2)

4-4: TronWeb 导入路径更新正确！

简化的导入路径与类型定义文件的更改保持一致。

---

6-6: lodash-es 导入路径更新正确！

使用 lodash-es 替代 lodash，保持了与其他文件的一致性。

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cb11a26 and c583e3d.

📒 Files selected for processing (4)

• package.json (2 hunks)
• packages/e2e/tests/bing.e2e.ts (1 hunks)
• packages/e2e/tests/dapp.e2e.ts (1 hunks)
• packages/example/package.json (1 hunks)

🧰 Additional context used

🪛 Biome (1.9.4)

packages/e2e/tests/dapp.e2e.ts

[error] 1-1: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

---

[error] 2-2: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

🔇 Additional comments (8)

packages/e2e/tests/dapp.e2e.ts (2)

16-16: 慎用 console.log
此行在之前评论中也已提及，可能会泄露信息或增加日志噪音。请视情况在生产环境中移除。

---

1-2: 🛠️ Refactor suggestion

建议使用 node: 协议导入 Node.js 内置模块
这样做更明确地表明模块来源，也符合官方推荐。

-import * as fs from 'fs';
-import * as path from 'path';
+import * as fs from 'node:fs';
+import * as path from 'node:path';

Likely invalid or redundant comment.

🧰 Tools

🪛 Biome (1.9.4)

[error] 1-1: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

---

[error] 2-2: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

packages/e2e/tests/bing.e2e.ts (3)

1-8: 全局接口声明可能会和其他地方冲突，命名要留意，避免重复。

---

25-31: 高亮搜索结果的逻辑很简单明了，但要注意若页面结构变动可能会导致定位失效。

---

62-63: 这行 page.pause() 仅用于调试，本地可用，但别提交到生产或 CI 流程。

package.json (2)

27-28: 新的 E2E 测试脚本添加合理，配合二级目录测试流程更清晰。

---

37-37: 升级 @types/node 版本需要注意项目兼容性，建议先在本地或测试环境跑一下确认无误。

packages/example/package.json (1)

121-121: 更新 @types/node 版本与主项目一致，能减少类型冲突，做得好。

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c583e3d and 7b7c046.

⛔ Files ignored due to path filters (2)

• packages/example/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (2)

• package.json (2 hunks)
• packages/example/package.json (2 hunks)

🔇 Additional comments (4)

package.json (2)

27-28: 新增端到端测试脚本

新增的测试脚本能提升项目的测试覆盖率，这是个很好的改进。

---

37-37: Node类型定义版本升级

将@types/node版本升级到^20.12.7与项目的Node引擎要求（^16 || ^18 || ^20）相匹配。

✅ Verification successful

@types/node版本升级验证通过

package.json中声明的Node.js引擎要求为"^16 || ^18 || ^20"，与@types/node ^20.12.7版本完全兼容。这个升级是安全的。

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# 检查项目中的Node.js版本兼容性

# 检查package.json中声明的Node.js版本范围
echo "检查Node.js版本要求："
rg "\"node\":" -A 1

Length of output: 199

packages/example/package.json (2)

20-20: 锁定bfc.js依赖版本

将@benfen/bfc.js的版本从^0.2.7改为0.2.7可以提高依赖的稳定性，避免自动更新带来的潜在问题。

---

122-122: 更新Node类型定义版本

Node类型定义版本升级到^20.12.7，与主包保持一致，这是个好的实践。

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7b7c046 and 23d7e4f.

⛔ Files ignored due to path filters (2)

• packages/injected/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (4)

• package.json (3 hunks)
• packages/injected/package.json (1 hunks)
• packages/injected/webpack.config.cjs (4 hunks)
• packages/providers/inpage-providers-hub/package.json (1 hunks)

🧰 Additional context used

🪛 Biome (1.9.4)

packages/injected/webpack.config.cjs

[error] 4-4: A Node.js builtin module should be imported with the node: protocol.

Using the node: protocol is more explicit and signals that the imported module belongs to Node.js.
Unsafe fix: Add the node: protocol.

(lint/style/useNodejsImportProtocol)

🔇 Additional comments (8)

packages/injected/package.json (1)

38-38: 很好的改进！

添加 webpack-bundle-analyzer 有助于监控和优化打包体积，这是一个很好的开发实践。

packages/providers/inpage-providers-hub/package.json (2)

51-51: 推荐使用 lodash-es

使用 lodash-es 替代 lodash 是个好选择，它支持更好的 tree-shaking，可以减小最终的打包体积。

---

56-57: 类型定义版本统一

很好！已经将 @types/node 版本更新到 ^20.12.7，保持了与其他包的一致性。

package.json (2)

37-37: 依赖更新合理

1. 更新 @types/node 到 ^20.12.7 保持版本一致性
2. 添加 lodash-es 作为开发依赖，有利于构建优化

Also applies to: 53-53

---

27-28: 验证 E2E 测试配置

新增了 E2E 测试脚本，但需要确保相关配置正确。

✅ Verification successful

E2E 测试配置已正确设置

根据验证结果，E2E 测试环境配置完整且正确：

• packages/e2e 目录存在
• package.json 中的测试命令与根目录的脚本配置相匹配
• 包含了所需的测试模式：标准测试、有界面测试和 UI 调试模式

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# 验证 e2e 测试目录和配置是否存在
if [ -d "./packages/e2e" ]; then
  echo "E2E 目录存在"
  if [ -f "./packages/e2e/package.json" ]; then
    echo "E2E package.json 内容："
    cat "./packages/e2e/package.json" | grep -A 2 "\"test\":"
  fi
else
  echo "错误：E2E 目录不存在"
fi

Length of output: 369

packages/injected/webpack.config.cjs (3)

14-20: 很好的重构！创建了可重用的 bundle 分析器配置

createAnalyzer 函数的实现清晰简洁，便于在不同的构建配置中复用。

---

70-70: 插件数组过滤是个好习惯

使用 filter(Boolean) 来清理插件数组是个好做法，可以避免 undefined 或 null 值导致的问题。

---

95-95: Bundle 分析器配置清晰

为不同的构建目标分别配置了 bundle 分析器，有助于分别监控各个构建产物的大小。

Also applies to: 111-111

[socket-security]

Report too large to display inline

View full report↗︎

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 23d7e4f and 3631716.

⛔ Files ignored due to path filters (1)

• packages/example/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (5)

• packages/example/components/chains/benfen/example.tsx (3 hunks)
• packages/example/components/chains/solana/example.tsx (1 hunks)
• packages/example/components/chains/suiStandard/example.tsx (3 hunks)
• packages/example/components/chains/ton/params.ts (2 hunks)
• packages/example/components/walletConnect/ClientContext.tsx (1 hunks)

🔇 Additional comments (8)

packages/example/components/chains/ton/params.ts (2)

23-23: 返回值格式清晰。

逻辑看起来没问题，保持简单明了即可。

---

3-3: 保留警告：请关注兼容性。

此 require 引用可以正常工作，但确保在编译配置或runtime环境中不发生冲突。

✅ Verification successful

The provided review comment mentions a require statement and compatibility concerns, but I need to see:

1. The actual require statement in the file
2. TypeScript configuration that might affect it
3. Runtime dependencies that could cause conflicts
4. The broader context of how this code is used

Let me execute these scripts to gather the necessary information for a proper verification.

---

我需要检查:

1. TypeScript 配置中的模块设置
2. TON 相关包的依赖关系
3. 其他文件中对这些包的使用情况

这将帮助我确定是否存在潜在的兼容性问题。

---

配置和依赖检查完成：无兼容性问题。

项目已正确配置：

• TypeScript 配置启用了 esModuleInterop
• @ton/core 和 @ton/ton 包已在依赖中明确声明版本
• 项目中其他文件也使用相同的导入方式

🏁 Scripts executed

The following scripts were executed for the analysis:

Error: No shell scripts found

---

Script:

#!/bin/bash
# Check the file content to understand the context
cat packages/example/components/chains/ton/params.ts

# Search for require statements in the file
rg "require\(" packages/example/components/chains/ton/params.ts -A 2

# Look for any TypeScript configuration files
fd tsconfig.json

# Check for any runtime dependencies in package.json
fd package.json --exec cat {}

Length of output: 47567

---

Script:

#!/bin/bash
# Check TypeScript configuration for module settings
cat packages/example/tsconfig.json

# Check if @ton/core and @ton/ton are listed in dependencies
rg '"@ton/(core|ton)"' packages/example/package.json

# Look for other files using these TON packages
rg '@ton/(core|ton)' --type ts

Length of output: 1527

packages/example/components/chains/benfen/example.tsx (3)

290-290: 解构增加了类型标注。

这样做能减少类型推断的歧义。不错！

---

326-326: 校验时显式声明。

解析后强类型更安全，减少潜在错误。

---

343-343: 重复使用相同的模式。

对可变参数时，强制声明类型极大提升可读性。

packages/example/components/chains/suiStandard/example.tsx (3)

452-452: 类型声明更严谨。

赋予 from、to、amount、token 确切类型，便于维护。

---

488-488: 结果解析更直观。

将 transactionBlockBytes、signature 声明为特定字段，利于后续安全检查。

---

505-505: 同一写法，保持一致性。

此处与前面逻辑相同，一致的类型方式更易理解。