feat: upgrade packages and introduce custom rpc url

[nghaninn]

Summary

What is the background of this pull request?

Changes

• What are the changes made in this pull request?
• Change this and that, etc...

Issues

What are the related issues or stories?

Summary by CodeRabbit

• New Features

  • Added support for specifying a custom Ethereum RPC URL via a new command-line option, allowing users to override the default network provider for blockchain operations.

• Documentation

  • Updated README with a new section detailing how to use the custom RPC URL option, including usage notes and example commands.

• Tests

  • Enhanced and expanded test coverage to verify correct handling of custom RPC URLs and improved file system mocking in test suites.

• Chores

  • Updated several dependencies to their latest versions for improved stability and compatibility.

[coderabbitai]

Walkthrough

This update introduces support for specifying a custom Ethereum RPC URL via a new --rpc-url command-line option, affecting both code and documentation. Dependency versions are updated, and extensive tests are added or enhanced to verify the new RPC URL functionality and improve file system mocking for related utilities.

Changes

Cohort / File(s)	Change Summary
Dependency Updates package.json	Updated several @tradetrust-tt and @trustvc dependencies to newer versions.
Documentation README.md	Added a section documenting the new --rpc-url option for blockchain commands, with usage examples.
Command Option & Type Enhancements src/commands/shared.ts	Introduced RpcUrlOption type, type guard, and withRpcUrlOption handler; updated withNetworkAndWalletSignerOption to support the new option.
Wallet Utility Logic src/implementations/utils/wallet.ts	Modified getWalletOrSigner to accept and use a custom RPC URL when provided.
Wallet Utility Tests src/implementations/utils/__tests__/wallet.test.ts	Added comprehensive mocking and tests to verify custom RPC URL handling in wallet creation.
Deploy Document Store Tests src/implementations/deploy/document-store/document-store.test.ts	Added tests to ensure document store deployment uses the custom RPC URL when specified.
File System Mocking in Wrap/Unwrap Tests src/__tests__/wrap.test.ts, src/__tests__/unwrap.test.ts	Enhanced file system and disk utility mocking for more robust and realistic test environments.

Sequence Diagram(s)

sequenceDiagram
    participant CLI_User
    participant CLI_Command
    participant WalletUtil
    participant Provider

    CLI_User->>CLI_Command: Run command with --rpc-url option
    CLI_Command->>WalletUtil: getWalletOrSigner({ ..., rpcUrl })
    WalletUtil->>Provider: new JsonRpcProvider(rpcUrl)
    Provider-->>WalletUtil: Provider instance
    WalletUtil-->>CLI_Command: Wallet/Signer using custom provider
    CLI_Command-->>CLI_User: Executes blockchain operation via custom RPC URL

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested labels

released

Poem

A rabbit hops through code so neat,
With custom RPC at its feet.
Now blockchain calls can swiftly run,
On URLs chosen one by one.
Docs and tests both shine anew—
The garden’s grown for all of you!
🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 48584a1 and de62f18.

📒 Files selected for processing (2)

• src/__tests__/unwrap.test.ts (1 hunks)
• src/__tests__/wrap.test.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• src/tests/wrap.test.ts
• src/tests/unwrap.test.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Tests / Run Tests

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/upgrade-packages

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1eb413c and 92da8ac.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Tests / Run Tests

🔇 Additional comments (1)

package.json (1)

75-80: Switch to Node 18.x and validate end-to-end after bumping internal packages

The bumps raise the minimum allowed versions for all internal @tradetrust-tt/* and @trustvc/trustvc packages, but the install failed with an EBADENGINE error (requires Node 18.x). Once you’ve switched your environment to Node 18.x, please re-run:

• npm ci # install with a clean lockfile
• npm ls --depth=1 # check for unsatisfied peer dependencies
• npm audit --production # surface new CVEs (23 vulnerabilities found, including SSRF in axios, RCE in form-data, critical elliptic issues)
• npm test # execute the Jest suite (currently not found due to the failed install)

After that, do a smoke-run on sample documents to confirm the CLI behaves correctly before publishing.

[coderabbitai]

🛠️ Refactor suggestion

Consider committing the regenerated lockfile

package-lock.json (or pnpm-lock.yaml / yarn.lock) is not included in this PR. Without it, CI and downstream consumers may resolve different patch versions than you validated locally, defeating the purpose of the controlled upgrade. Commit the updated lockfile to guarantee deterministic installs.

🤖 Prompt for AI Agents

In package.json around lines 75 to 80, the updated dependencies are listed but
the corresponding lockfile (such as package-lock.json, pnpm-lock.yaml, or
yarn.lock) is missing from the commit. To fix this, regenerate the lockfile by
running the package manager install command locally, then commit the updated
lockfile alongside package.json to ensure consistent and deterministic
dependency resolution in CI and downstream environments.

Dismiss

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (5)

src/__tests__/wrap.test.ts (5)

19-28: Remove debug console.log statements.

The console.log statements should be removed as they will clutter test output and are not necessary for the test functionality.

-      jest.spyOn(fs, "lstatSync").mockImplementation((): any => {
-        console.log("🚀 ~ isDirectory:");
-        return {
-          isDirectory: (): boolean => {
-            console.log("🚀 ~ isDirectory:");
-            return true;
-          },
-        };
-      });
+      jest.spyOn(fs, "lstatSync").mockImplementation((): any => {
+        return {
+          isDirectory: (): boolean => {
+            return true;
+          },
+        };
+      });

---

30-34: Remove debug console.log statements.

The console.log statement should be removed to keep test output clean.

-      jest.spyOn(fs, "readdirSync").mockImplementation((): any => {
-        console.log("🚀 ~ fs ~ readdirSync:");
-        return ["file_1.json", "file_2.json", "file_3.json"];
-      });
+      jest.spyOn(fs, "readdirSync").mockImplementation((): any => {
+        return ["file_1.json", "file_2.json", "file_3.json"];
+      });

---

37-53: Consider simplifying the fs.readdir mock implementation.

While the comprehensive callback handling is thorough, the implementation might be overly complex for test purposes. The debug console.log statements should also be removed.

-      const mockReaddirImpl = jest.fn().mockImplementation((path: any, options: any, callback: any) => {
-        console.log("🚀 ~ DIRECT fs.readdir called with path:", path);
-
-        // Handle both callback style and promisified style
-        if (typeof options === "function") {
-          callback = options;
-          options = undefined;
-        }
-
-        if (callback) {
-          // Ensure callback is called asynchronously to better simulate real behavior
-          process.nextTick(() => {
-            callback(null, ["file_1.json", "file_2.json", "file_3.json"]);
-          });
-        }
-        return undefined;
-      });
+      const mockReaddirImpl = jest.fn().mockImplementation((path: any, options: any, callback: any) => {
+        // Handle both callback style and promisified style
+        if (typeof options === "function") {
+          callback = options;
+          options = undefined;
+        }
+
+        if (callback) {
+          process.nextTick(() => {
+            callback(null, ["file_1.json", "file_2.json", "file_3.json"]);
+          });
+        }
+        return undefined;
+      });

---

59-68: Remove debug console.log statements from util.promisify mock.

The console.log statements should be removed to keep test output clean.

       jest.spyOn(util, "promisify").mockImplementation((fn) => {
-        console.log("🚀 ~ promisify:");
         if (fn === fs.readdir) {
-          console.log("🚀 ~ promisifying fs.readdir");
           return jest.fn().mockResolvedValue(["file_1.json", "file_2.json", "file_3.json"]);
         }
         // Fall back to original for other functions
         // @ts-ignore
         return jest.requireActual("util").promisify(fn);
       });

---

76-76: Remove debug console.log statement.

The console.log statement should be removed to keep test output clean.

       jest.spyOn(fs, "readFileSync").mockImplementation((path) => {
-        console.log("🚀 ~ readFileSync:", path);
         // @ts-ignore

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 609af79 and 48584a1.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (3)

• package.json (1 hunks)
• src/__tests__/unwrap.test.ts (3 hunks)
• src/__tests__/wrap.test.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Tests / Run Tests

🔇 Additional comments (5)

src/__tests__/unwrap.test.ts (3)

9-9: LGTM! Improved test isolation with explicit disk utility import.

Adding the explicit import for the disk utility module enables more targeted mocking of the documentsInDirectory method, improving test reliability and isolation.

---

37-37: LGTM! Enhanced mocking strategy for better test control.

Directly mocking disk.documentsInDirectory provides more precise control over the file discovery logic, complementing the existing fs module mocks. This ensures the test focuses on the unwrapping logic rather than file system traversal details.

---

83-85: LGTM! Consistent multi-file mocking approach.

The multi-line mock setup for documentsInDirectory follows the same pattern as the single-file test, ensuring consistency in the test suite's mocking strategy.

src/__tests__/wrap.test.ts (2)

4-6: LGTM! Proper imports for enhanced mocking capabilities.

The addition of disk utility and util module imports enables more comprehensive mocking of both file system operations and Node.js utility functions.

---

71-73: LGTM! Consistent disk utility mocking approach.

The direct mocking of disk.documentsInDirectory aligns with the approach used in the unwrap tests and provides better test isolation.

[github-actions]

🎉 This PR is included in version 3.2.0 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀