chore: update @cowprotocol/permit-utils

[cowdan]

Summary by CodeRabbit

• Chores
  • Updated the version of a dependency to improve compatibility and access to the latest features.
  • Removed two tokens (POL on chain 137 and AVAX on chain 43114) from the token list and deleted their associated metadata files for cleaner token data.

[coderabbitai]

Walkthrough

The package.json was updated to include two additional empty string arguments in the recheckPermitInfo scripts and bumped the @cowprotocol/permit-utils dependency from ^0.4.0 to ^0.7.0-RC.0. The token list JSON and related token metadata files for tokens "POL" (Polygon) and "AVAX" (Avalanche) were removed.

Changes

File(s)	Change Summary
package.json	Added two empty string arguments to recheckPermitInfo scripts; updated @cowprotocol/permit-utils to ^0.7.0-RC.0
src/public/CowSwap.json	Removed tokens "POL" (0x...1010) and "AVAX" (0xeeee...eeee); cleaned up array formatting
src/public/images/137/0x0000000000000000000000000000000000001010/info.json	Deleted token metadata file for "POL" token on Polygon (chainId 137)
src/public/images/43114/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/info.json	Deleted token metadata file for "AVAX" token on Avalanche (chainId 43114)

Possibly related PRs

• feat: add initial tokens to Polygon: POL, WPOL, USDC, USDT, `… #922: Initial addition of token metadata for "POL" on Polygon and related tokens, directly connected to the removal of these tokens in this PR.

Poem

🐇
Two tokens hop away from sight,
POL and AVAX take their flight.
Scripts now call with extra cheer,
Permit utils upgraded here.
A tidy garden, fresh and bright,
Code leaps forward, swift and light! 🌿✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0c18fdc and cac4d57.

⛔ Files ignored due to path filters (2)

• src/public/images/137/0x0000000000000000000000000000000000001010/logo.png is excluded by !**/*.png
• src/public/images/43114/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/logo.png is excluded by !**/*.png

📒 Files selected for processing (4)

• package.json (1 hunks)
• src/public/CowSwap.json (4 hunks)
• src/public/images/137/0x0000000000000000000000000000000000001010/info.json (0 hunks)
• src/public/images/43114/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/info.json (0 hunks)

💤 Files with no reviewable changes (2)

• src/public/images/137/0x0000000000000000000000000000000000001010/info.json
• src/public/images/43114/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/info.json

✅ Files skipped from review due to trivial changes (1)

• src/public/CowSwap.json

🚧 Files skipped from review as they are similar to previous changes (1)

• package.json

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​cowprotocol/​permit-utils@​0.4.0 ⏵ 0.7.0-RC.0				+2

View full report

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 31fa01b and 0c18fdc.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Verify integration of the new RC release

You’ve upgraded @cowprotocol/permit-utils to ^0.7.0-RC.0. Please ensure that:

1. Any breaking changes in the RC are handled in your code (check the library’s CHANGELOG or migration guide).
2. All import sites and API calls still compile and behave as expected.
3. Your lockfile (yarn.lock or package-lock.json) has been updated and committed alongside this bump.

Run this script to confirm lockfile updates and locate all import sites for manual review:

---

🏁 Script executed:

#!/bin/bash
# 1) Check for updated lockfile
if ! git diff --name-only | grep -E 'yarn.lock|package-lock.json'; then
  echo "ERROR: No lockfile changes detected—please run npm/yarn install and commit the lockfile."
  exit 1
fi

# 2) List all references to permit-utils for API validation
rg -n "@cowprotocol/permit-utils" --glob "src/**/*"

Length of output: 258

---

Action Required: Commit Updated Lockfile & Verify API Usage

The RC bump for @cowprotocol/permit-utils was applied in package.json but no lockfile changes were detected. Please address the following before merging:

• package.json (line 44): You’ve upgraded to ^0.7.0-RC.0.
– Review the library’s CHANGELOG or migration guide for any breaking changes.
• Lockfile: Run npm install or yarn install and commit the resulting package-lock.json or yarn.lock.
• Import sites & API calls: Locate all references and confirm compatibility by running:

rg -n "@cowprotocol/permit-utils" --glob "src/**/*"

🤖 Prompt for AI Agents

In package.json at line 44, you have upgraded @cowprotocol/permit-utils to
^0.7.0-RC.0 but have not updated the lockfile. To fix this, run npm install or
yarn install to update the lockfile (package-lock.json or yarn.lock), then
commit the updated lockfile alongside this package.json change. Additionally,
review the library’s CHANGELOG or migration guide for any breaking changes and
verify all import sites and API calls referencing @cowprotocol/permit-utils
still compile and behave correctly.

[cowdan]

one of the files of this PR is literally yarn.lock!

[coderabbitai]

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check what files are changed in this PR
git diff --name-only HEAD~1 HEAD
echo "---"
# Also check if yarn.lock exists and was modified
git diff --stat HEAD~1 HEAD

Length of output: 453

---

🏁 Script executed:

#!/bin/bash
# Check what files are in the repository and look for yarn.lock
ls -la | grep -E "(yarn.lock|package-lock.json)"
echo "---"
# Check git status to see what files exist
git status --porcelain
echo "---"
# List all files that might be related to this PR
fd -t f yarn.lock
fd -t f package-lock.json
echo "---"
# Check if there are any recent commits and what files they modified
git log --oneline -5

Length of output: 239

---

🏁 Script executed:

#!/bin/bash
# Check if yarn.lock contains the updated permit-utils version
grep -A 2 -B 2 "@cowprotocol/permit-utils" yarn.lock
echo "---"
# Check the last modification time and see recent git activity
stat yarn.lock
echo "---"
# See if we can get any info about recent changes to yarn.lock
git log --oneline -3 --follow yarn.lock

Length of output: 543

---

@cowdan You're absolutely right, and I apologize for the error! 🤦‍♀️

I can now see that yarn.lock is indeed present and contains the updated @cowprotocol/permit-utils@^0.7.0-RC.0 entry:

"@cowprotocol/permit-utils@^0.7.0-RC.0":
  version "0.7.0-RC.0"
  resolved "https://registry.yarnpkg.com/@cowprotocol/permit-utils/-/permit-utils-0.7.0-RC.0.tgz#a7efce813b68b4d1d2d937ef8a0de21a93901bb5"
  integrity sha512-qbJ9RFO65M2UYodKojlxv4jAclUFqLprmwR5sZZwd3eHSUQ4Nc6sJ6yK5uj1KfMOOz0C1dgqnfBYRwHzYAXIGw==

My initial script failed to detect the changes properly. Thank you for the correction! The lockfile has been properly updated alongside the package.json change, so that aspect of the upgrade is handled correctly.

The only remaining consideration would be to verify that any breaking changes in the RC version are compatible with your existing code, but the dependency management side is properly taken care of.