Bump the "dev-dependencies" group with 2 updates across multiple ecosystems

[dependabot]

Bumps the dev-dependencies group in /dev with 4 updates: @foundry-rs/anvil, @foundry-rs/cast, @foundry-rs/chisel and @foundry-rs/forge.

Updates @foundry-rs/anvil from 1.7.0 to 1.7.1

Release notes

Sourced from @​foundry-rs/anvil's releases.

v1.7.1

Foundry v1.7.1

A patch release on top of v1.7.0 with cherry-picked correctness fixes for cheatcodes, EVM forking, CLI, forge, and cast, plus further release-pipeline hardening (updated release version string construction, signed archives & SBOMs).

---

Cheatcodes

Reverter-address enforcement for CREATE frames, value transfers for payable mock calls, preserved reverts under expectEmit, and a fix for the spurious solc 0.8.35 error keyword warning.

• fix(cheatcodes): fix solc 0.8.35 error keyword warning (#14509) by @​figtracer
• fix(cheatcodes): transfer value for payable mock calls (#14547) by @​srdtrk
• fix(cheatcodes): enforce expectRevert reverter address for CREATE frames (#14615) by @​mablr
• fix(cheatcodes): preserve reverts with expectEmit (#14619) by @​srdtrk

---

EVM

Correctness fixes for fork state-snapshot lookups and CREATE address preservation in isolation mode.

• fix(evm): query state_snapshot.storage in ForkDbStateSnapshot::storage_ref (#14007) by @​gutonosa
• fix(evm): preserve CREATE address on revert in isolation mode (#14637) by @​mablr

---

Forge

Tempo's forge init template now uses network = "tempo" with populated default rpc_endpoints, forge test ignores ETH_RPC_URL for forking, --fuzz-seed is finally honored by forge coverage, and Tempo creates are encoded as AA calls.

• feat(forge): use network = "tempo" and add rpc_endpoints in tempo template (#14528) by @​zerosnacks
• fix(forge): ignore ETH_RPC_URL for test forking (#14555) by @​figtracer
• fix(forge): encode Tempo creates as AA calls (#14585) by @​figtracer
• fix(forge): --fuzz-seed parameter is not effective in forge coverage (#14610) by @​wtdcode

... (truncated)

Commits

• See full diff in compare view

Updates @foundry-rs/cast from 1.7.0 to 1.7.1

Release notes

Sourced from @​foundry-rs/cast's releases.

v1.7.1

Foundry v1.7.1

A patch release on top of v1.7.0 with cherry-picked correctness fixes for cheatcodes, EVM forking, CLI, forge, and cast, plus further release-pipeline hardening (updated release version string construction, signed archives & SBOMs).

---

Cheatcodes

Reverter-address enforcement for CREATE frames, value transfers for payable mock calls, preserved reverts under expectEmit, and a fix for the spurious solc 0.8.35 error keyword warning.

• fix(cheatcodes): fix solc 0.8.35 error keyword warning (#14509) by @​figtracer
• fix(cheatcodes): transfer value for payable mock calls (#14547) by @​srdtrk
• fix(cheatcodes): enforce expectRevert reverter address for CREATE frames (#14615) by @​mablr
• fix(cheatcodes): preserve reverts with expectEmit (#14619) by @​srdtrk

---

EVM

Correctness fixes for fork state-snapshot lookups and CREATE address preservation in isolation mode.

• fix(evm): query state_snapshot.storage in ForkDbStateSnapshot::storage_ref (#14007) by @​gutonosa
• fix(evm): preserve CREATE address on revert in isolation mode (#14637) by @​mablr

---

Forge

Tempo's forge init template now uses network = "tempo" with populated default rpc_endpoints, forge test ignores ETH_RPC_URL for forking, --fuzz-seed is finally honored by forge coverage, and Tempo creates are encoded as AA calls.

• feat(forge): use network = "tempo" and add rpc_endpoints in tempo template (#14528) by @​zerosnacks
• fix(forge): ignore ETH_RPC_URL for test forking (#14555) by @​figtracer
• fix(forge): encode Tempo creates as AA calls (#14585) by @​figtracer
• fix(forge): --fuzz-seed parameter is not effective in forge coverage (#14610) by @​wtdcode

... (truncated)

Commits

• See full diff in compare view

Updates @foundry-rs/chisel from 1.7.0 to 1.7.1

Release notes

Sourced from @​foundry-rs/chisel's releases.

v1.7.1

Foundry v1.7.1

A patch release on top of v1.7.0 with cherry-picked correctness fixes for cheatcodes, EVM forking, CLI, forge, and cast, plus further release-pipeline hardening (updated release version string construction, signed archives & SBOMs).

---

Cheatcodes

Reverter-address enforcement for CREATE frames, value transfers for payable mock calls, preserved reverts under expectEmit, and a fix for the spurious solc 0.8.35 error keyword warning.

• fix(cheatcodes): fix solc 0.8.35 error keyword warning (#14509) by @​figtracer
• fix(cheatcodes): transfer value for payable mock calls (#14547) by @​srdtrk
• fix(cheatcodes): enforce expectRevert reverter address for CREATE frames (#14615) by @​mablr
• fix(cheatcodes): preserve reverts with expectEmit (#14619) by @​srdtrk

---

EVM

Correctness fixes for fork state-snapshot lookups and CREATE address preservation in isolation mode.

• fix(evm): query state_snapshot.storage in ForkDbStateSnapshot::storage_ref (#14007) by @​gutonosa
• fix(evm): preserve CREATE address on revert in isolation mode (#14637) by @​mablr

---

Forge

Tempo's forge init template now uses network = "tempo" with populated default rpc_endpoints, forge test ignores ETH_RPC_URL for forking, --fuzz-seed is finally honored by forge coverage, and Tempo creates are encoded as AA calls.

• feat(forge): use network = "tempo" and add rpc_endpoints in tempo template (#14528) by @​zerosnacks
• fix(forge): ignore ETH_RPC_URL for test forking (#14555) by @​figtracer
• fix(forge): encode Tempo creates as AA calls (#14585) by @​figtracer
• fix(forge): --fuzz-seed parameter is not effective in forge coverage (#14610) by @​wtdcode

... (truncated)

Commits

• See full diff in compare view

Updates @foundry-rs/forge from 1.7.0 to 1.7.1

Release notes

Sourced from @​foundry-rs/forge's releases.

v1.7.1

Foundry v1.7.1

A patch release on top of v1.7.0 with cherry-picked correctness fixes for cheatcodes, EVM forking, CLI, forge, and cast, plus further release-pipeline hardening (updated release version string construction, signed archives & SBOMs).

---

Cheatcodes

Reverter-address enforcement for CREATE frames, value transfers for payable mock calls, preserved reverts under expectEmit, and a fix for the spurious solc 0.8.35 error keyword warning.

• fix(cheatcodes): fix solc 0.8.35 error keyword warning (#14509) by @​figtracer
• fix(cheatcodes): transfer value for payable mock calls (#14547) by @​srdtrk
• fix(cheatcodes): enforce expectRevert reverter address for CREATE frames (#14615) by @​mablr
• fix(cheatcodes): preserve reverts with expectEmit (#14619) by @​srdtrk

---

EVM

Correctness fixes for fork state-snapshot lookups and CREATE address preservation in isolation mode.

• fix(evm): query state_snapshot.storage in ForkDbStateSnapshot::storage_ref (#14007) by @​gutonosa
• fix(evm): preserve CREATE address on revert in isolation mode (#14637) by @​mablr

---

Forge

Tempo's forge init template now uses network = "tempo" with populated default rpc_endpoints, forge test ignores ETH_RPC_URL for forking, --fuzz-seed is finally honored by forge coverage, and Tempo creates are encoded as AA calls.

• feat(forge): use network = "tempo" and add rpc_endpoints in tempo template (#14528) by @​zerosnacks
• fix(forge): ignore ETH_RPC_URL for test forking (#14555) by @​figtracer
• fix(forge): encode Tempo creates as AA calls (#14585) by @​figtracer
• fix(forge): --fuzz-seed parameter is not effective in forge coverage (#14610) by @​wtdcode

... (truncated)

Commits

• See full diff in compare view

Bumps the dev-dependencies group in /dev with 1 update: pre-commit.

Updates pre-commit from 4.3.0 to 4.6.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.6.0

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.
  • #3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #3661 PR by @​asottile.

pre-commit v4.5.1

Fixes

• Fix language: python with repo: local without additional_dependencies.
  • #3597 PR by @​asottile.

pre-commit v4.5.0

Features

• Add pre-commit hazmat.
  • #3585 PR by @​asottile.

pre-commit v4.4.0

Features

• Add --fail-fast option to pre-commit run.
  • #3528 PR by @​JulianMaurin.
• Upgrade ruby-build / rbenv.
  • #3566 PR by @​asottile.
  • #3565 issue by @​MRigal.
• Add language: unsupported / language: unsupported_script as aliases for language: system / language: script (which will eventually be deprecated).
  • #3577 PR by @​asottile.
• Add support docker-in-docker detection for cgroups v2.
  • #3535 PR by @​br-rhrbacek.
  • #3360 issue by @​JasonAlt.

Fixes

• Handle when docker gives SecurityOptions: null.
  • #3537 PR by @​asottile.
  • #3514 issue by @​jenstroeger.
• Fix error context for invalid stages in .pre-commit-config.yaml.
  • #3576 PR by @​asottile.

Changelog

Sourced from pre-commit's changelog.

4.6.0 - 2026-04-21

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.
  • #3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #3661 PR by @​asottile.

4.5.1 - 2025-12-16

Fixes

• Fix language: python with repo: local without additional_dependencies.
  • #3597 PR by @​asottile.

4.5.0 - 2025-11-22

Features

• Add pre-commit hazmat.
  • #3585 PR by @​asottile.

4.4.0 - 2025-11-08

Features

• Add --fail-fast option to pre-commit run.
  • #3528 PR by @​JulianMaurin.
• Upgrade ruby-build / rbenv.
  • #3566 PR by @​asottile.
  • #3565 issue by @​MRigal.
• Add language: unsupported / language: unsupported_script as aliases for language: system / language: script (which will eventually be deprecated).
  • #3577 PR by @​asottile.
• Add support docker-in-docker detection for cgroups v2.
  • #3535 PR by @​br-rhrbacek.
  • #3360 issue by @​JasonAlt.

Fixes

• Handle when docker gives SecurityOptions: null.
  • #3537 PR by @​asottile.
  • #3514 issue by @​jenstroeger.
• Fix error context for invalid stages in .pre-commit-config.yaml.
  • #3576 PR by @​asottile.

Commits

• f35134b v4.6.0
• 2a51ffc Merge pull request #3662 from pre-commit/hook-impl-optional-hook-dir
• d7dee32 make --hook-dir optional for hook-impl
• 965aeb1 Merge pull request #3661 from pre-commit/hook-impl-required
• 2eacc06 --hook-type is required for hook-impl
• f5678bf Merge pull request #3657 from pre-commit/pre-commit-ci-update-config
• 054cc5b [pre-commit.ci] pre-commit autoupdate
• 5c0f302 Merge pull request #3652 from pre-commit/pre-commit-ci-update-config
• a5d9114 [pre-commit.ci] pre-commit autoupdate
• 129a1f5 Merge pull request #3641 from pre-commit/mxr-patch-1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​foundry-rs/​anvil@​1.7.1
	npm/​@​foundry-rs/​chisel@​1.7.1
	npm/​@​foundry-rs/​forge@​1.7.1
	pypi/​slither-analyzer@​0.11.5
	npm/​@​foundry-rs/​cast@​1.7.1
	pypi/​pre-commit@​4.6.0

View full report

[igorroncevic]

We are removing Foundry as an NPM package

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml