Skip to content

chore(deps): bump @cashu/cashu-ts from 3.6.3 to 4.2.1#29

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/cashu/cashu-ts-4.2.1
Closed

chore(deps): bump @cashu/cashu-ts from 3.6.3 to 4.2.1#29
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/cashu/cashu-ts-4.2.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Bumps @cashu/cashu-ts from 3.6.3 to 4.2.1.

Release notes

Sourced from @​cashu/cashu-ts's releases.

v4.2.1

This release is technically a breaking change to the public type BatchMintRequest (and by extension, BatchMintPreview), but treating as a patch as batch minting is new and experimental, not widely supported or used, the payload is short lived, and the primary consumer is this library.

In the unlikely event you were using these types, please update quote_amounts from bigint[] to Amount[] in your code.

What's Changed

Full Changelog: cashubtc/cashu-ts@v4.2.0...v4.2.1

v4.2.0

What's Changed

Full Changelog: cashubtc/cashu-ts@v4.1.0...v4.2.0

v4.1.0

What's Changed

Full Changelog: cashubtc/cashu-ts@v4.0.0...v4.1.0

v4.0.0

Version 4 is a major step forward for Cashu TS: It adds precision-safe amounts across the API, first-class proof serialization utilities, custom mint/melt methods, NUT-29 batch minting, and stronger security and rate-limit handling throughout the stack.

New features include:

  • Exact amount handling with Amount and bigint support across the API, eliminating silent precision loss (eg large millisat amounts).
  • Generic mint/melt APIs for custom payment methods, so apps can integrate new rails without waiting on library-specific support.
  • NUT-29 batch minting support for more efficient multi-quote mint workflows.
  • Better production resilience with explicit 429 handling, Retry-After parsing, and response metadata for rate-limit-aware clients.
  • Stronger security defaults via DLEQ verification hardening, optional strict signature enforcement, and tighter P2PK validation.
  • Improved privacy and compatibility through hardened request fingerprinting behavior and more flexible request-header overrides.
  • Slimmer ESM only package (ESM can finally be loaded from common.js on node)

Migration Guide

... (truncated)

Changelog

Sourced from @​cashu/cashu-ts's changelog.

4.2.1 (2026-05-06)

Bug Fixes

  • batch minting: type BatchMintRequest.quote_amounts was incorrect - now Amount[] (#646) (c8a181c)

4.2.0 (2026-05-05)

Features

  • replace sanitizeUrl with normalizeUrl for mint URL validation (#632) (4f02d8b)

Bug Fixes

  • gate User-Agent override outside browser-like runtimes (cfbb09f)
  • harden mint URL normalization (#637) (c72caa5)
  • only set User-Agent override in non-browserlike runtimes (#640) (cfbb09f)

4.1.0 (2026-04-16)

Features

  • add createEphemeralCounterSource function (#630) (12fe7b1)
  • widen selectProofsToSend and groupProofsByState to accept ProofLike[] (#631) (87b4be4)

Bug Fixes

  • typedocs were not running on release-please. Now just v4. releases without hyphen (#626) (a3cbb49)

4.0.0 (2026-04-14)

⚠ BREAKING CHANGES

  • utils: restrict internal functions from public API surface (#570)
  • remove handleTokens from public API (#569)
  • p2pk: add normalizeP2PKOptions (#564)
  • remove v3 token encoding; accept raw proofs in receive flows (#558)
  • generic mint/melt methods for custom payment types (#544)
  • multi-unit KeyChain, cache API cleanup, deprecation removal (#540)
  • Add bigint support to CBOR for creqA payment requests (#538)
  • Proof.amount → bigint, strip crypto primitives, consolidate melt (#537)
  • tighten mint/melt API; remove MeltBlanks and prefer_async (#534)
  • migrate amount-bearing APIs to use Amount VO (#533)
  • remove support for CJS build (#524)

... (truncated)

Commits
  • b55e064 chore(main): release 4.2.1 (#647)
  • c8a181c fix(batch minting): type BatchMintRequest.quote_amounts was incorrect - now A...
  • c76b829 chore(main): release 4.2.0 (#634)
  • 1e9950f chore(version): adjust workflow for npm trusted publishing (#643)
  • cfbb09f fix: only set User-Agent override in non-browserlike runtimes (#640)
  • aa18cf5 test: run browser suites across playwright engines (#639)
  • c72caa5 fix: harden mint URL normalization (#637)
  • 38aab0a chore: update Noble deps to v2.2.0. Update dev deps (#635)
  • 4f02d8b feat: replace sanitizeUrl with normalizeUrl for mint URL validation (#632)
  • c2df2fd chore(main): release 4.1.0 (#627)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​cashu/cashu-ts since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump @cashu/cashu-ts from 3.6.3 to 4.2.1
ef3bbcb 
Bumps [@cashu/cashu-ts](https://github.com/cashubtc/cashu-ts) from 3.6.3 to 4.2.1.
- [Release notes](https://github.com/cashubtc/cashu-ts/releases)
- [Changelog](https://github.com/cashubtc/cashu-ts/blob/main/CHANGELOG.md)
- [Commits](cashubtc/cashu-ts@v3.6.3...v4.2.1)

---
updated-dependencies:
- dependency-name: "@cashu/cashu-ts"
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 11, 2026
@dependabot dependabot Bot mentioned this pull request May 11, 2026
Closed
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 18, 2026

Superseded by #33.

@dependabot dependabot Bot closed this May 18, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/cashu/cashu-ts-4.2.1 branch May 18, 2026 06:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants