Cardano Updates

Bumps [eslint](https://github.com/eslint/eslint) from 9.39.2 to 10.3.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.39.2...v10.3.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) from 4.2.2 to 4.2.4.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.4/packages/tailwindcss)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-version: 4.2.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* static-nix-tools: patch cabal-install to pin unit-id OS via env var

`hashedInstalledPackageId` selects between Long / Short / VeryShort
unit-id formats based on `buildOS` — the OS where cabal-install is
currently executing.  For haskell.nix that's the *eval* platform of
the plan-nix derivation, not the *build* platform where cabal will
later actually do the compile.  When the two differ (e.g. evaluating
on Darwin while building x86_64-linux derivations), plan-nix unit-ids
diverge from the unit-ids slice cabal v2-build computes — every slice
then tries to rebuild every dep from source.

Add a `CABAL_INSTALLED_PACKAGE_ID_OS` env var that overrides
`buildOS` for unit-id format selection.  haskell.nix sets it to the
build platform's OS when invoking `make-install-plan`.

* update nix-tools-static.nix

---------

Co-authored-by: Auto Update Bot <[email protected]>

- jest.config.js: add legacyDecorator and useDefineForClassFields=false to
  @swc/jest transform so MobX 5 decorators work correctly with SWC 1.10+
- storybook/main.ts: same SWC decorator fix, plus add dgram:false fallback
  for @trezor/transport which imports the Node.js dgram UDP module
- hardware-wallets.types.ts: move import after type declarations to top to
  fix ESLint import/first error

Skip the electron-chromedriver binary download during node_modules install
(mirrors the existing Linux skip: v12 package downloads v12 chromedriver,
mismatching our electron v41; the binary is provided via darwinSpecificCaches).

Also fix SHASUMS256.txt, electron zip, and chromedriver zip hashes for
both x64 and arm64, derived from the official Electron 41.3.0 release.

Update electronShaSums, electronChromedriverShaSums (SHASUMS256.txt),
electron zip, and chromedriver zip hashes for both x64 and arm64.
Hashes derived from the official Electron 41.3.0 SHASUMS256.txt.

usb uses node-gyp-build (searches usb/build/Release/*.node), node-hid uses
pkg-prebuilds (searches node-hid/build/Release/HID.node), and usb-detection
uses bindings (patched to search DAEDALUS_INSTALL_DIRECTORY). Previously all
three were copied to the install root from build/Debug, which only worked for
bindings-based modules and used unoptimised debug builds.

- Use electron-packager's electronZipDir to bypass @electron/get cache/network entirely
- Fix electron-headers extraction (flat tarball layout in Electron 41)
- Switch Wine Windows version to win10 (Node.js 20+ requires it)
- Use Node.js 20.20.2 for native module rebuilds (Node.js 24 OOMs under Wine 8.0)
- Run @electron/rebuild via node.exe directly instead of npm.cmd (avoids Wine hang)
- Update findVisualStudio stub for node-gyp 12.x async API
- Fix ESM-incompatible require("fs") call in @electron/rebuild patch
- Fix return→exit in shell script (can't return outside a function)
- Add mkdir -p for scoped package parent dirs in installPhase
- Fix NSIS LoadLanguage → LoadLanguageFile for makensis 3.10+
- Update electron zip and node.lib hashes for Electron 41.3.0

Remove the daedalus-installer Haskell executable (which required a GHC
version removed from nixpkgs-25.11) and generate the two NSIS scripts
(daedalus.nsi, uninstaller.nsi) directly as Nix writeText derivations.
All inputs are known at eval time so no build-time Haskell tool is needed.

- Remove darwin.apple_sdk.frameworks.{CoreServices,AppKit} and
  darwin.libobjc from buildInputs in any-darwin.nix and devshells.nix;
  darwin.apple_sdk (aliased to apple_sdk_11_0) was removed as a legacy
  compatibility stub — the default Darwin stdenv SDK provides all
  frameworks automatically
- Update ghc8107 → ghc810 in installers/default.nix; ghc8107 was
  removed from nixpkgs-25.11 (closest available: ghc810)

Update Electron to 41.3.0 and adapt all affected layers:

Nix packaging:
- Rebuild electron headers derivation for 41.3.0
- Update patchelf/rpath/interpreter handling for new binary layout
- Expand runtime-nodejs-deps.json to include transitive closure (~445 packages)
- Add ELECTRON_SKIP_BINARY_DOWNLOAD=1 to prevent install script fetching
- Migrate nixpkgsJs compat shim to nixpkgs-25.11 nodejs_22; drop glibc-electron-loader.patch

JS dependencies (yarn.lock / package.json):
- @ledgerhq/hw-transport-node-hid 6.33.0, @trezor/connect 9.7.2
- @cardano-foundation/ledgerjs-hw-app-cardano 7.1.4
- @electron/rebuild 4.0.4, @swc/core 1.10.18, webpack 5.106.2
- node-hid 3.3.0, node-forge 1.4.0, moment 2.30.1, ws 8.18.2, axios 1.7.7

Renderer / MobX compatibility (SWC 1.10):
- Set legacyDecorator: true and useDefineForClassFields: false in swc-loader
  options so MobX 5 prototype setters intercept observable class field
  initialisation (SWC 1.3+ changed decorator defaults)
- Relax MobX enforceActions to 'observed' (was 'always'); 'always' blocked
  constructor initialisation routed through setters outside any action

Main process / Electron 41 API fixes:
- safeExitWithCode: app.exit() → process.exit() — app.exit() triggers
  Chromium teardown that causes SIGABRT when renderer is still alive
- CardanoNode._handleCardanoNodeExit: return early when state is STOPPING
  or STOPPED so stop() exclusively owns the shutdown sequence; prevents a
  double broadcastStateChange(STOPPED) IPC call that crashes Chromium
- mainErrorHandler: 'gpu-process-crashed' → 'child-process-gone' (Electron 23+)
- windows/main: 'crashed' → 'render-process-gone' (Electron 23+); remove
  event parameter from 'closed' handler (listener takes no arguments)
- webpack.config (dev): exit webpack watcher when Electron closes cleanly
- package.json dev script: --kill-others --success first so concurrently
  stops all processes when Electron exits

TypeScript fixes (updated @trezor/connect 9.x API):
- Define BridgeInfo/UdevInfo locally (removed from public exports)
- Add required appName field to Trezor manifest
- type: 'warning' as const for dialog MessageBoxOptions
- Cast devicePath to DeviceUniquePath branded type
- Make node-hid-incompatible Device fields optional in local types
- Remove non-existent onLearnMoreClick prop from StakingRewards story

Bumps [github.com/blinklabs-io/gouroboros](https://github.com/blinklabs-io/gouroboros) from 0.165.3 to 0.166.1.
- [Release notes](https://github.com/blinklabs-io/gouroboros/releases)
- [Changelog](https://github.com/blinklabs-io/gouroboros/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/blinklabs-io/gouroboros/compare/v0.165.3...v0.166.1)

---
updated-dependencies:
- dependency-name: github.com/blinklabs-io/gouroboros
  dependency-version: 0.166.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

`NIX_GHC` is needed for `doctest`

Bumps [github.com/blinklabs-io/gouroboros](https://github.com/blinklabs-io/gouroboros) from 0.165.3 to 0.166.1.
- [Release notes](https://github.com/blinklabs-io/gouroboros/releases)
- [Changelog](https://github.com/blinklabs-io/gouroboros/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/blinklabs-io/gouroboros/compare/v0.165.3...v0.166.1)

---
updated-dependencies:
- dependency-name: github.com/blinklabs-io/gouroboros
  dependency-version: 0.166.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/utxorpc/go-codegen](https://github.com/utxorpc/go-codegen) from 0.18.1 to 0.19.0.
- [Release notes](https://github.com/utxorpc/go-codegen/releases)
- [Commits](https://github.com/utxorpc/go-codegen/compare/v0.18.1...v0.19.0)

---
updated-dependencies:
- dependency-name: github.com/utxorpc/go-codegen
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Documents how to build WebAssembly packages with haskell.nix using a
Nix flake, covering the flake setup, build commands, test execution,
dev shell usage, the overlay stack, and known limitations.

docs/wasm: macOS (aarch64-darwin) is also a supported build host

Fixes incorrect claim that WASM cross-compilation only works on Linux.
aarch64-darwin is known to work; x86_64-darwin is untested.

(cherry picked from commit c314d1654fffd7a83d379366f9685a43afa2c447)

Signed-off-by: Chris Guiney <[email protected]>