Release: develop -> main#3704

Merged: davidleomay merged 13 commits into main from develop on May 19, 2026
Conversation

@github-actions

Automatic Release PR

This PR was automatically created after changes were pushed to develop.

Commits: 1 new commit(s)

Checklist

  • Review all changes
  • Verify CI passes
  • Approve and merge when ready for production

Yannick1712 and others added 11 commits May 13, 2026 17:03
…3711)

GHSA-rpr9-rxv7-x643 — default XSS via xmp raw-text passthrough,
fixed in 2.17.4. Patch bump only; package range stays ^2.17.x.

Unblocks the CI 'Security audit' step (npm audit
--audit-level=critical), which started failing this morning after the
advisory dropped and now blocks every PR build (#3707, #3708, #3709).
…ion (#3709)

* fix(realunit): accept BitBox-safe ASCII transliterations in registration

realunit-app v0.0.3+ transliterates EIP-712 string fields to
ASCII-with-German-digraphs (Krüger → Krueger) so the BitBox firmware
accepts them, while keeping the kycData copy in UTF-8 for ID
verification. Without this change the backend rejects every BitBox
registration that touches a non-ASCII character:

- validateRegistrationDto compares dto.kycData.firstName/lastName (UTF-8)
  against dto.name (ASCII) and throws "firstName + lastName does not
  match signed name". Same for street/zip/city/organizationName.
- verifyRealUnitRegistrationSignature recomputes the EIP-712 hash from
  the stored accountData; for users who registered before this fix the
  stored fields are UTF-8 and a fresh ASCII signature no longer
  recovers the wallet address.

Adds a `toBitboxAscii` helper that mirrors the Dart implementation
(`ä` → `ae`, `ß` → `ss`, …) — kept separate from the existing
`transliteration` npm package, which uses single-char substitution and
would not match the client's hash.

validateRegistrationDto now accepts either the literal or the ASCII
form via `matchesSignedField`. verifyRealUnitRegistrationSignature
retries with ASCII-transliterated message values when the primary
recovery fails, so re-login (registerWallet) keeps working for
pre-fix registrations.

* style: compact bitbox-ascii maps with // prettier-ignore

Maps now group by base letter (one row per letter, multiple
diacritic variants per row) for readability — 212 → 89 lines.
Behavior unchanged, all 6 spec tests still pass.

* refactor: switch toBitboxAscii to chained-replace idiom

Match the existing house style for character normalization
(Util.removeSpecialChars, util.ts). 89 → 79 lines, removes the
need for // prettier-ignore (which was the only place in the
repo using that pragma).

Parity verified: all 168 entries in the Dart source map produce
identical output in the chained-replace version.
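As an added example (not the project's own code) of the transliteration-aware matching the commit above describes: a chained-replace `toBitboxAscii` over a constructed subset of the German-digraph map (the full 168-entry Dart map, the upper-case forms, and the space-joined first/last name format are assumptions), the either-form field match, and the ASCII retry around an abstracted signature recovery.

```typescript
// Added example, not the project's code. The map is a constructed subset of the
// German-digraph transliteration; the full Dart map is assumed, not reproduced.
function toBitboxAscii(value: string): string {
  // Chained-replace idiom: each diacritic becomes its ASCII digraph. Order does not
  // matter because no replacement output contains a character a later step touches.
  return value
    .replace(/ä/g, 'ae').replace(/Ä/g, 'Ae')
    .replace(/ö/g, 'oe').replace(/Ö/g, 'Oe')
    .replace(/ü/g, 'ue').replace(/Ü/g, 'Ue')
    .replace(/ß/g, 'ss')
    .replace(/[àáâ]/g, 'a').replace(/[ÀÁÂ]/g, 'A')
    .replace(/[èéêë]/g, 'e').replace(/[ÈÉÊË]/g, 'E');
}

// A KYC field matches the signed EIP-712 field when it is identical (older clients
// signed the literal UTF-8 value) or when its BitBox transliteration is identical.
// A single-char substitution ("Kruger") would not match either form.
function matchesSignedField(literal: string, signed: string): boolean {
  return literal === signed || toBitboxAscii(literal) === signed;
}

interface RegistrationDto {
  name: string; // value carried in the signed EIP-712 message
  kycData: { firstName: string; lastName: string }; // UTF-8 copy for ID verification
}

// Mirrors the check that threw "firstName + lastName does not match signed name".
// Assumption: the signed name is first and last name joined by a single space.
function nameMatchesSignature(dto: RegistrationDto): boolean {
  const literal = `${dto.kycData.firstName} ${dto.kycData.lastName}`;
  return matchesSignedField(literal, dto.name);
}

// Signature recovery is abstracted as a callback so the example runs without an
// EIP-712 library: `recovers(message)` is true when the recovered address matches
// the wallet. Primary attempt uses the stored values; the retry transliterates them.
function verifyWithAsciiRetry(
  message: Record<string, string>,
  recovers: (m: Record<string, string>) => boolean,
): boolean {
  if (recovers(message)) return true;
  const transliterated: Record<string, string> = {};
  for (const key of Object.keys(message)) transliterated[key] = toBitboxAscii(message[key]);
  return recovers(transliterated);
}
```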

Remove two implicit defaults in getTokenGasLimitForContact:

- the amount parameter is now required; the previous `amount ?? 1`
  hid the intent at the call site
- the try/catch returning a hardcoded 100k gas limit on estimateGas
  failure is removed; estimation errors now propagate to the caller
  (existing outer error handlers log and let the affected flow retry
  on the next cron pass)

getTokenGasLimitForAsset passes an explicit 1-wei sample amount,
documented as fee-estimation only.
…Fiat (#3705)

* feat(compliance): add manual AML pass endpoints for BuyCrypto and BuyFiat

Adds PUT :id/amlCheck/pass endpoints (COMPLIANCE role) that allow a
compliance clerk to manually pass a pending AML check when all errors
on the transaction comment are on the whitelist (phone-/referral-/
country-related). The ManualPassWhitelistErrors list and canManualPass
helper are kept in sync with packages/core/src/definitions/compliance.ts.

* refactor(compliance): apply review feedback on manual AML check endpoint

- merge endpoint into PUT :id/amlCheck (drop /pass suffix)
- add amlCheck field to DTO and gate canManualPass on PASS only
- centralize DTO under aml/dto and rename to ManualAmlCheckDto

* refactor(compliance): tighten manual AML check preconditions

- reject when entity is complete or chargeback initiated by user
- forbid only finalized amlCheck (PASS/FAIL) instead of allowing only PENDING

* refactor(compliance): set amlReason and priceDefinitionAllowedDate on manual PASS

- add optional amlReason field to ManualAmlCheckDto
- on PASS: force amlReason to NA and stamp priceDefinitionAllowedDate
- on non-PASS: forward optional amlReason from DTO
…#3720)

* feat(support): expose sell deposit address and blockchains

Adds depositAddress, depositBlockchains and depositAddressExplorerUrl
to SellSupportInfo so customer search shows the user's deposit data.

* fix(support): only set deposit explorer URL when chain is unique

For EVM multi-chain deposits the first blockchain was misleadingly
returning an Ethereum URL while the address also applies to Arbitrum,
Optimism, Polygon, etc. The URL is now only emitted when the deposit
maps to exactly one blockchain.

* [NOTASK] phoneCall auto aml reset

* [NOTASK] Refactoring

* [NOTASK] Refactoring 2

* [NOTASK] fix unit test

* [NOTASK] Refactoring 3

* [NOTASK] Refactoring 4

* feat(support): add support notes for user data

* refactor(support): address review feedback on notes

- Drop redundant userDataId column on SupportNote; rely on relation FK

- Move @Index() onto userData property

- Switch SupportNoteScope to PascalCase enum values

- Consolidate getNotes/listNotes into a single GET /support/note endpoint

- Replace QueryBuilder with repo.find in search/update paths

* chore(support): regenerate support note migration via typeorm
davidleomay previously approved these changes May 19, 2026
@davidleomay davidleomay merged commit 5617365 into main May 19, 2026
12 checks passed