Fixed a dependncy issue with the Privy-react-auth dependency .

[Dprof-in-tech]

Description

The error encountered was because the Privy react-auth packkage we have installed had conflicts with the below modified sub dependencies of itself (we did not explicitly install these ones, they came bundled with the Privy-react-auth package as one ). So all this PR does is to downgrade a particular one of them ( the one with the inconsistency) and everything is fine.

Also installed 2 new lightweight dependencies for the "GlitchTip" monitoring package (@sentry/nextjs) to ensure faster code bundling and runtime error interceptions.

This pull request updates several dependencies and package configurations, primarily focusing on aligning the Solana-related packages to use consistent and compatible versions, and adding new dependencies for enhanced functionality. The main changes include downgrading certain Solana packages to ensure compatibility, updating peer dependencies, and introducing new packages for middleware and Solana integration.

Dependency version alignment and Solana ecosystem updates:

• Downgraded @solana-program/token from 0.9.0 to 0.6.0 and updated all related Solana packages (such as @solana/kit, @solana-program/system, @solana/kit, etc.) to consistently use version ^3.0.3 for better compatibility and to avoid version mismatches. This includes updating peer dependencies and removing references to older or incompatible versions in pnpm-lock.yaml. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]

• Added @solana/kit version ^3.0.3 as a direct dependency in the package.json to ensure it is available throughout the project. [1] [2]

New package additions for middleware and instrumentation:

• Added import-in-the-middle (^2.0.0) and require-in-the-middle (^8.0.1) to the dependencies, which are useful for dynamically intercepting module imports and requires, often used for instrumentation or monitoring. [1] [2] [3] [4]

Next.js configuration update:

• Added rate-limiter-flexible to the serverExternalPackages array in next.config.mjs, allowing this package to be treated as external during server-side bundling, which is often necessary for packages that require native modules or special handling.

Other dependency updates:

• Added @solana-program/token version 0.6.0 as a dependency in package.json and updated its lockfile entry to match the new version and peer dependency requirements. [1] [2]

These changes collectively improve dependency consistency, enhance middleware capabilities, and ensure smoother integration with the Solana ecosystem.

References

Fixes the build error on main branch in production

Testing

Checkout into this branch and run the following commands in your terminal

pnpm install
pnpm run build

you can run additionally this command to test the app on development

pnpm run dev

Checklist

• I have added documentation and tests for new/changed functionality in this PR
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used, if not main

By submitting a PR, I agree to Paycrest's Contributor Code of Conduct and Contribution Guide.

Summary by CodeRabbit

• Performance

  • Optimized image rendering in transfer forms for improved performance and efficiency.

• Infrastructure

  • Updated server configuration and dependencies to enhance platform stability and support additional blockchain functionality.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Next.js config and project dependencies were updated; rate-limiter-flexible was added to serverExternalPackages, three new npm dependencies and a PNPM override were introduced, and a UI image tag in a transfer component was replaced with Next.js Image (width/height added).

Changes

Cohort / File(s)	Change Summary
Configuration next.config.mjs	Added "rate-limiter-flexible" to serverExternalPackages for server-side externalization.
Dependencies / Package manifest package.json	Added dependencies: @solana-program/token@0.6.0, import-in-the-middle@^2.0.0, require-in-the-middle@^8.0.1; added PNPM override: @solana/kit@^3.0.3.
UI component app/components/TransferForm.tsx	Replaced inline <img> with Next.js Image and added explicit width/height; minor formatting and small filter-expression simplification (no functional behavior changes).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify new dependencies are required and compatible with existing Solana-related packages.
• Confirm PNPM override aligns with other package versions.
• Quick review of TransferForm.tsx Image usage and layout props.

Possibly related PRs

• fix: replace img with Image component for better performance in FundWalletForm and TransferForm #252 — also swaps an <img> for Next.js Image in TransferForm.tsx.
• feat: integrate injected wallet support in CopyAddressWarningModal #244 — related recipient-network / injected-wallet filtering changes in TransferForm.
• feat: complete glitchtip integration with sentry wizard #297 — other edits to next.config.mjs (Sentry augmentation) touching the same config file.

Suggested reviewers

• chibie
• jeremy0x

Poem

🐰 I hopped through config and package plots,

Swapped tiny images and added some slots.
Rate limits, Solana, a middleware tune—
I leave carrots and tests under the moon. 🥕✨

Pre-merge checks and finishing touches

❌ Failed checks (3 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title mentions fixing a dependency issue with Privy-react-auth, but the actual changes focus on Solana package version alignment, new middleware packages, and Next.js configuration—not directly on Privy-react-auth itself.	Clarify the title to better reflect the main changes: consider 'Align Solana dependencies and add instrumentation packages' or similar to accurately convey the primary modifications.
Linked Issues check	❓ Inconclusive	The PR description mentions 'Fixes the build error on main branch in production' with a screenshot but does not explicitly reference a linked GitHub issue number (e.g., 'Fixes #123').	Add an explicit GitHub issue reference (e.g., 'Fixes #XXX' or 'Closes #XXX') to clearly link this PR to the related build error issue.
Out of Scope Changes check	❓ Inconclusive	The PR mixes multiple concerns: dependency version alignment, new package additions for instrumentation, Next.js configuration changes, and minor component refactoring (Image component replacement), which could benefit from clearer scope separation.	Consider whether all changes are necessary to fix the primary build error, or if some (e.g., Image component updates) should be in a separate PR for better review focus.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description provides comprehensive detail about dependency changes, testing instructions, and reasoning, but contains typos ('dependncy', 'packkage') and the explanation of Privy-react-auth conflicts could be clearer given the extensive Solana-focused changes documented.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-build-error-on-production-privy-dependency

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5c3f132 and 91d0128.

📒 Files selected for processing (1)

• app/components/TransferForm.tsx (4 hunks)

🧰 Additional context used

🧠 Learnings (4)

📚 Learning: 2025-10-10T16:44:32.125Z

Learnt from: Dprof-in-tech
Repo: paycrest/noblocks PR: 244
File: app/components/CopyAddressWarningModal.tsx:48-52
Timestamp: 2025-10-10T16:44:32.125Z
Learning: In the CopyAddressWarningModal component (app/components/CopyAddressWarningModal.tsx), selectedNetwork from useNetwork() is always defined and does not require null safety checks when accessing its properties like selectedNetwork.chain.name.

Applied to files:

• app/components/TransferForm.tsx

📚 Learning: 2025-11-06T07:37:39.036Z

Learnt from: Dprof-in-tech
Repo: paycrest/noblocks PR: 231
File: app/components/recipient/RecipientDetailsForm.tsx:539-552
Timestamp: 2025-11-06T07:37:39.036Z
Learning: In RecipientDetailsForm (app/components/recipient/RecipientDetailsForm.tsx), when isRecipientNameEditable is true (verification failed/returned "Ok"), the recipient safety alert should display when: isRecipientNameEditable && recipientName && !errors.recipientName && !recipientNameError. The !isFetchingRecipientName check is redundant because recipientName is cleared at fetch start and only populated after fetching completes or when the user manually enters it.

Applied to files:

• app/components/TransferForm.tsx

📚 Learning: 2025-11-06T07:37:39.036Z

Learnt from: Dprof-in-tech
Repo: paycrest/noblocks PR: 231
File: app/components/recipient/RecipientDetailsForm.tsx:539-552
Timestamp: 2025-11-06T07:37:39.036Z
Learning: In RecipientDetailsForm (app/components/recipient/RecipientDetailsForm.tsx), when isRecipientNameEditable is false (verification succeeded), the recipient safety alert should display when: !isRecipientNameEditable && recipientName && !recipientNameError. The !errors.recipientName check is unnecessary because in non-editable mode the recipient name is displayed as read-only text (not an input field), so form validation errors cannot occur.

Applied to files:

• app/components/TransferForm.tsx

📚 Learning: 2025-07-23T07:30:23.720Z

Learnt from: jeremy0x
Repo: paycrest/noblocks PR: 177
File: app/utils.ts:179-196
Timestamp: 2025-07-23T07:30:23.720Z
Learning: The `normalizeNetworkName` function in app/utils.ts has been updated to be dynamic and scalable, converting any network identifier to sentence case with hyphens replaced by spaces and proper handling of acronyms like "BNB".

Applied to files:

• app/components/TransferForm.tsx

🧬 Code graph analysis (1)

app/components/TransferForm.tsx (1)

app/mocks.ts (1)

• networks (44-88)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build (20.x)

🔇 Additional comments (2)

app/components/TransferForm.tsx (2)

82-83: LGTM: Formatting adjustment.

The minor spacing change improves readability without altering functionality.

---

97-97: LGTM: Celo exclusion logic is correct.

The filter correctly excludes Celo for smart wallets while allowing all networks for injected wallets.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a628ef1 and 5c3f132.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (2)

• next.config.mjs (1 hunks)
• package.json (4 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build (20.x)

🔇 Additional comments (3)

package.json (2)

44-44: Solana package version pinned correctly.

The explicit version pinning (without caret) for @solana-program/token at 0.6.0 aligns with the PR objective to resolve Solana package version conflicts.

---

118-118: Remove unsubstantiated verification requirements for @solana/kit override.

The override for @solana/kit to ^3.0.3 exists only in the pnpm overrides section and appears to control a transitive dependency. However, there are no direct imports or usage of @solana/kit or @solana-program/token anywhere in the codebase, making the verification for "Solana-related functionality" unnecessary. The PR objective and rationale for this override should be clarified before approval.

Likely an incorrect or invalid review comment.

next.config.mjs (1)

56-56: Verified: rate-limiter-flexible is used in the codebase.

The package is imported and used in app/lib/rate-limit.ts (line 2), where RateLimiterMemory is instantiated. The addition to serverExternalPackages is correct and necessary for proper server-side bundling.

[Dprof-in-tech]

THE CI/CD PIPELINE HERE IS FAILING BECAUSE OF MISSING ENV VARIABLES IN THE PIPELINE SETUP

NOT FROM ANY FAULT OF THE CODE SO PLEASE, CHECK TO SEE WHAT ENV VARIABLES ARE MISSING AND PROVIDE THEM.

OVERALL, THE CODE NOW BUILDS CORRECTLY ON LOCAL.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

app/components/TransferForm.tsx (1)

414-420: Optimize image dimensions for performance.

The width={500} and height={500} props load an unnecessarily large image that gets scaled down to 24×24 pixels (via className h-6 w-6). This wastes bandwidth and degrades performance.

For consistency and optimal performance, match the sizing approach used in the dropdown items below (lines 458-464), which correctly specify width={24} and height={24}.

🔎 Apply this diff to optimize the image dimensions:

-              <Image
-                width={500}
-                height={500}
+              <Image
+                width={24}
+                height={24}
                 src={recipientNetworkImageUrl}
                 alt={recipientNetwork}
                 className="h-6 w-6 rounded-full"
               />

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5c3f132 and 91d0128.

📒 Files selected for processing (1)

• app/components/TransferForm.tsx (4 hunks)

🧰 Additional context used

🧠 Learnings (4)

📚 Learning: 2025-10-10T16:44:32.125Z

Learnt from: Dprof-in-tech
Repo: paycrest/noblocks PR: 244
File: app/components/CopyAddressWarningModal.tsx:48-52
Timestamp: 2025-10-10T16:44:32.125Z
Learning: In the CopyAddressWarningModal component (app/components/CopyAddressWarningModal.tsx), selectedNetwork from useNetwork() is always defined and does not require null safety checks when accessing its properties like selectedNetwork.chain.name.

Applied to files:

• app/components/TransferForm.tsx

📚 Learning: 2025-11-06T07:37:39.036Z

Learnt from: Dprof-in-tech
Repo: paycrest/noblocks PR: 231
File: app/components/recipient/RecipientDetailsForm.tsx:539-552
Timestamp: 2025-11-06T07:37:39.036Z
Learning: In RecipientDetailsForm (app/components/recipient/RecipientDetailsForm.tsx), when isRecipientNameEditable is true (verification failed/returned "Ok"), the recipient safety alert should display when: isRecipientNameEditable && recipientName && !errors.recipientName && !recipientNameError. The !isFetchingRecipientName check is redundant because recipientName is cleared at fetch start and only populated after fetching completes or when the user manually enters it.

Applied to files:

• app/components/TransferForm.tsx

📚 Learning: 2025-11-06T07:37:39.036Z

Learnt from: Dprof-in-tech
Repo: paycrest/noblocks PR: 231
File: app/components/recipient/RecipientDetailsForm.tsx:539-552
Timestamp: 2025-11-06T07:37:39.036Z
Learning: In RecipientDetailsForm (app/components/recipient/RecipientDetailsForm.tsx), when isRecipientNameEditable is false (verification succeeded), the recipient safety alert should display when: !isRecipientNameEditable && recipientName && !recipientNameError. The !errors.recipientName check is unnecessary because in non-editable mode the recipient name is displayed as read-only text (not an input field), so form validation errors cannot occur.

Applied to files:

• app/components/TransferForm.tsx

📚 Learning: 2025-07-23T07:30:23.720Z

Learnt from: jeremy0x
Repo: paycrest/noblocks PR: 177
File: app/utils.ts:179-196
Timestamp: 2025-07-23T07:30:23.720Z
Learning: The `normalizeNetworkName` function in app/utils.ts has been updated to be dynamic and scalable, converting any network identifier to sentence case with hyphens replaced by spaces and proper handling of acronyms like "BNB".

Applied to files:

• app/components/TransferForm.tsx

🧬 Code graph analysis (1)

app/components/TransferForm.tsx (1)

app/mocks.ts (1)

• networks (44-88)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build (20.x)

🔇 Additional comments (2)

app/components/TransferForm.tsx (2)

82-83: LGTM: Formatting adjustment.

The minor spacing change improves readability without altering functionality.

---

97-97: LGTM: Celo exclusion logic is correct.

The filter correctly excludes Celo for smart wallets while allowing all networks for injected wallets.

[5ran6]

LGTM