Jun 12, 3-4 PM (38)
Jun 12, 4-5 PM (23)
Jun 12, 5-6 PM (19)
Jun 12, 6-7 PM (26)
Jun 12, 7-8 PM (12)
Jun 12, 8-9 PM (17)
Jun 12, 9-10 PM (5)
Jun 12, 10-11 PM (30)
Jun 12, 11-12 AM (6)
Jun 13, 12-1 AM (6)
Jun 13, 1-2 AM (2)
Jun 13, 2-3 AM (0)
Jun 13, 3-4 AM (3)
Jun 13, 4-5 AM (0)
Jun 13, 5-6 AM (3)
Jun 13, 6-7 AM (7)
Jun 13, 7-8 AM (5)
Jun 13, 8-9 AM (6)
Jun 13, 9-10 AM (14)
Jun 13, 10-11 AM (12)
Jun 13, 11-12 PM (2)
Jun 13, 12-1 PM (23)
Jun 13, 1-2 PM (21)
Jun 13, 2-3 PM (8)
Jun 13, 3-4 PM (1)
Jun 13, 4-5 PM (4)
Jun 13, 5-6 PM (4)
Jun 13, 6-7 PM (3)
Jun 13, 7-8 PM (3)
Jun 13, 8-9 PM (7)
Jun 13, 9-10 PM (16)
Jun 13, 10-11 PM (19)
Jun 13, 11-12 AM (24)
Jun 14, 12-1 AM (18)
Jun 14, 1-2 AM (0)
Jun 14, 2-3 AM (0)
Jun 14, 3-4 AM (0)
Jun 14, 4-5 AM (2)
Jun 14, 5-6 AM (0)
Jun 14, 6-7 AM (2)
Jun 14, 7-8 AM (3)
Jun 14, 8-9 AM (0)
Jun 14, 9-10 AM (1)
Jun 14, 10-11 AM (2)
Jun 14, 11-12 PM (10)
Jun 14, 12-1 PM (8)
Jun 14, 1-2 PM (4)
Jun 14, 2-3 PM (8)
Jun 14, 3-4 PM (2)
Jun 14, 4-5 PM (1)
Jun 14, 5-6 PM (1)
Jun 14, 6-7 PM (0)
Jun 14, 7-8 PM (11)
Jun 14, 8-9 PM (1)
Jun 14, 9-10 PM (13)
Jun 14, 10-11 PM (29)
Jun 14, 11-12 AM (23)
Jun 15, 12-1 AM (8)
Jun 15, 1-2 AM (10)
Jun 15, 2-3 AM (4)
Jun 15, 3-4 AM (4)
Jun 15, 4-5 AM (1)
Jun 15, 5-6 AM (4)
Jun 15, 6-7 AM (6)
Jun 15, 7-8 AM (41)
Jun 15, 8-9 AM (26)
Jun 15, 9-10 AM (11)
Jun 15, 10-11 AM (35)
Jun 15, 11-12 PM (25)
Jun 15, 12-1 PM (40)
Jun 15, 1-2 PM (26)
Jun 15, 2-3 PM (21)
Jun 15, 3-4 PM (24)
Jun 15, 4-5 PM (21)
Jun 15, 5-6 PM (13)
Jun 15, 6-7 PM (13)
Jun 15, 7-8 PM (7)
Jun 15, 8-9 PM (26)
Jun 15, 9-10 PM (20)
Jun 15, 10-11 PM (22)
Jun 15, 11-12 AM (39)
Jun 16, 12-1 AM (11)
Jun 16, 1-2 AM (5)
Jun 16, 2-3 AM (1)
Jun 16, 3-4 AM (9)
Jun 16, 4-5 AM (6)
Jun 16, 5-6 AM (1)
Jun 16, 6-7 AM (16)
Jun 16, 7-8 AM (81)
Jun 16, 8-9 AM (18)
Jun 16, 9-10 AM (28)
Jun 16, 10-11 AM (22)
Jun 16, 11-12 PM (31)
Jun 16, 12-1 PM (37)
Jun 16, 1-2 PM (49)
Jun 16, 2-3 PM (34)
Jun 16, 3-4 PM (28)
Jun 16, 4-5 PM (37)
Jun 16, 5-6 PM (17)
Jun 16, 6-7 PM (26)
Jun 16, 7-8 PM (9)
Jun 16, 8-9 PM (11)
Jun 16, 9-10 PM (4)
Jun 16, 10-11 PM (31)
Jun 16, 11-12 AM (9)
Jun 17, 12-1 AM (8)
Jun 17, 1-2 AM (8)
Jun 17, 2-3 AM (11)
Jun 17, 3-4 AM (4)
Jun 17, 4-5 AM (1)
Jun 17, 5-6 AM (6)
Jun 17, 6-7 AM (99)
Jun 17, 7-8 AM (33)
Jun 17, 8-9 AM (22)
Jun 17, 9-10 AM (56)
Jun 17, 10-11 AM (18)
Jun 17, 11-12 PM (19)
Jun 17, 12-1 PM (57)
Jun 17, 1-2 PM (28)
Jun 17, 2-3 PM (37)
Jun 17, 3-4 PM (26)
Jun 17, 4-5 PM (19)
Jun 17, 5-6 PM (16)
Jun 17, 6-7 PM (10)
Jun 17, 7-8 PM (14)
Jun 17, 8-9 PM (12)
Jun 17, 9-10 PM (37)
Jun 17, 10-11 PM (29)
Jun 17, 11-12 AM (14)
Jun 18, 12-1 AM (12)
Jun 18, 1-2 AM (8)
Jun 18, 2-3 AM (5)
Jun 18, 3-4 AM (11)
Jun 18, 4-5 AM (11)
Jun 18, 5-6 AM (11)
Jun 18, 6-7 AM (9)
Jun 18, 7-8 AM (19)
Jun 18, 8-9 AM (83)
Jun 18, 9-10 AM (45)
Jun 18, 10-11 AM (51)
Jun 18, 11-12 PM (23)
Jun 18, 12-1 PM (67)
Jun 18, 1-2 PM (14)
Jun 18, 2-3 PM (53)
Jun 18, 3-4 PM (44)
Jun 18, 4-5 PM (64)
Jun 18, 5-6 PM (24)
Jun 18, 6-7 PM (21)
Jun 18, 7-8 PM (13)
Jun 18, 8-9 PM (17)
Jun 18, 9-10 PM (23)
Jun 18, 10-11 PM (30)
Jun 18, 11-12 AM (26)
Jun 19, 12-1 AM (13)
Jun 19, 1-2 AM (9)
Jun 19, 2-3 AM (5)
Jun 19, 3-4 AM (2)
Jun 19, 4-5 AM (11)
Jun 19, 5-6 AM (4)
Jun 19, 6-7 AM (92)
Jun 19, 7-8 AM (18)
Jun 19, 8-9 AM (36)
Jun 19, 9-10 AM (39)
Jun 19, 10-11 AM (27)
Jun 19, 11-12 PM (30)
Jun 19, 12-1 PM (53)
Jun 19, 1-2 PM (58)
Jun 19, 2-3 PM (22)
Jun 19, 3-4 PM (0)
3,155 commits this week Jun 12, 2026 - Jun 19, 2026
Alenar
Alenar · · mithril
chore: upgrade crate versions and `openapi.yaml` version 
* mithril-aggregator-client from `0.2.2` to `0.2.3`
* mithril-aggregator-discovery from `0.1.8` to `0.1.9`
* mithril-protocol-config from `0.1.9` to `0.1.10`
* mithril-aggregator from `0.9.9` to `0.9.10`
* mithril-client-cli from `0.13.16` to `0.13.17`
* mithril-common from `0.7.7` to `0.7.8`
* mithril-end-to-end from `0.5.1` to `0.5.2`
* openapi.yaml from `0.1.66` to `0.1.67`
4d675fe9 · djo/3332/support_unknown_signed_entity · 11/22 ++ 22 --
qnikst
qnikst · · ouroboros-consensus
Peras: Add asserts in the implForgeCert 
There is a chance that incompatible ordering functions may be
passed to the `verifyCert`. And we need to catch this problem
sooner and prevent from building incorrect cert with mismatched
amount of votes, so we add a check that the size of the deduplicated
voters and certs is the same.

See https://github.com/tweag/cardano-peras/issues/240 for the
deeper discussion.
d3571085 · pull/2038/head · 3/69 ++ 24 --
actions-user
actions-user · · capkgs
Update 2026-06-19T15:23:55Z 
added:
* github:input-output-hk/mithril/d1d2daecaf866293e1544a6b84caa25bb0d3648f#mithril-client-cli
* github:input-output-hk/mithril/d1d2daecaf866293e1544a6b84caa25bb0d3648f#mithril-signer
removed:
* github:input-output-hk/mithril/5b335c5e8fc109f8ca63c06ab281501d53e2f8d0#mithril-client-cli
* github:input-output-hk/mithril/5b335c5e8fc109f8ca63c06ab281501d53e2f8d0#mithril-signer
c4d97ba0 · main · 1/116 ++ 116 --
rhyslbw
rhyslbw · · cardano-js-sdk
chore(deps): drop abandoned mock-browser to remove [email protected] 
mock-browser (last published 2022) pulled an ancient chain
mock-browser -> [email protected] -> [email protected] -> [email protected], the source
of the form-data unsafe-random-boundary alert (GHSA-fjxv-7rqg-78g4) that the
~2.3.2 range could not relock past.

- Removed the unused mock-browser devDependency from e2e and wallet.
- Replaced its single real use in dapp-connector's injectGlobal test with a
  minimal inline window stub (injectGlobal only touches window.cardano; the
  test only reads window.location.hostname) and dropped the module .d.ts shim.

Result: mock-browser, jsdom@9, request and [email protected] are all removed;
the only remaining form-data is the patched 4.0.6. dapp-connector tests
green (44/44); full build green.

Resolves #1703.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
0be72b0d · chore/drop-mock-browser · 6/39 ++ 503 --
rhyslbw
rhyslbw · · cardano-js-sdk
chore(deps): bump artillery 2.0.0-35 → ^2.0.33 to eliminate vm2 
Replaces the early-2020 artillery prerelease pin in packages/e2e with the
current 2.0.33 release. This drops the legacy libhoney → superagent-proxy →
proxy-agent@5 → pac-resolver@5 → degenerator@3 → vm2 chain entirely, and
moves jsonpath-plus and fast-xml-parser onto patched lines.

Result (yarn.lock):
- vm2: REMOVED from the tree (closes the ~18 critical + high/medium vm2 alerts)
- jsonpath-plus: 7.2.0 → 10.4.0 (RCE advisory, GHSA-pppg-cpfq-h7wr et al.)
- fast-xml-parser: 4.2.5 → 5.x (entity-injection advisories)

artillery is a dev/e2e-only load-testing tool (not imported by SDK code).
Validated: `yarn build` green across all 21 workspaces; artillery CLI loads.
The e2e artillery scripts (artillery:stake-pool-query, artillery:wallet-restoration)
should be exercised in CI/e2e against a running stack.

Resolves #1702.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
65c6f087 · chore/bump-artillery-drop-vm2 · 2/2,696 ++ 2,454 --
dependabot[bot]
dependabot[bot] · · cardano-js-sdk
build: bump the security-updates group across 1 directory with 2 updates 
Bumps the security-updates group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [vm2](https://github.com/patriksimek/vm2).


Updates `axios` from 1.11.0 to 1.16.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.11.0...v1.16.0)

Updates `vm2` from 3.9.18 to 3.11.5
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.18...v3.11.5)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.16.0
  dependency-type: direct:production
  dependency-group: security-updates
- dependency-name: vm2
  dependency-version: 3.11.5
  dependency-type: indirect
  dependency-group: security-updates
...

Signed-off-by: dependabot[bot] <[email protected]>
7cefd662 · pull/1711/head · 1/41 ++ 24 --
dependabot[bot]
dependabot[bot] · · cardano-js-sdk
build: bump the npm_and_yarn group across 6 directories with 2 updates 
Bumps the npm_and_yarn group with 1 update in the /packages/cardano-services directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /packages/core directory: [ip-address](https://github.com/beaugunderson/ip-address).
Bumps the npm_and_yarn group with 1 update in the /packages/e2e directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /packages/projection-typeorm directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /packages/wallet directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /packages/web-extension directory: [uuid](https://github.com/uuidjs/uuid).


Updates `uuid` from 10.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0)

Updates `ip-address` from 9.0.5 to 10.2.0
- [Commits](https://github.com/beaugunderson/ip-address/compare/v9.0.5...v10.2.0)

Updates `uuid` from 8.3.2 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0)

Updates `uuid` from 8.3.2 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0)

Updates `uuid` from 8.3.2 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v10.0.0...v14.0.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ip-address
  dependency-version: 10.2.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
5407afd8 · pull/1710/head · 6/6 ++ 6 --
Showing 25 of 3155 recent commits.