Version Packages

[joaquim-verges]

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@thirdweb-dev/service-utils@0.9.13

Patch Changes

• #7303 6378f37 Thanks @arcoraven! - chore: pass allowImpersonation to auth server

thirdweb@5.102.7

Patch Changes

• #7315 99d6b3b Thanks @MananTank! - - Add support for blob urls in MediaRenderer component
  • Fix className prop not set in loading state of MediaRenderer component

@thirdweb-dev/wagmi-adapter@0.2.93

---

PR-Codex overview

This PR focuses on updating various assets, enhancing security headers, and modifying several configuration files for the apps/dashboard project. It includes version upgrades for dependencies and introduces new SVG assets while cleaning up obsolete files.

Detailed summary

• Deleted obsolete files and asset links.
• Updated security headers in next.config.ts.
• Incremented versions in package.json for thirdweb, @thirdweb-dev/service-utils, and @thirdweb-dev/wagmi-adapter.
• Added new environment variables in .env.example.
• Introduced new SVG assets for branding.
• Updated metadata generation in layout.tsx.
• Modified MiniAppProvider in miniapp-provider.tsx to handle app initialization.
• Enhanced manifest generation in farcaster.json/route.ts.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• Bug Fixes

  • Improved the MediaRenderer component to support blob URLs as media sources.
  • Fixed an issue where the className prop was not applied during the MediaRenderer's loading state, ensuring consistent styling.

• New Features

  • Added support for Farcaster integration with new environment variables and manifest configuration.
  • Introduced a React context provider for managing Farcaster mini app state and lifecycle.
  • Added dynamic metadata generation with enhanced frame-related information.
  • Implemented new API routes serving Apple and Android app association configurations.

• Chores

  • Internal updates to authentication server flag handling.
  • Version numbers updated for several packages.
  • Dashboard security headers updated to allow framing by Farcaster domain.
  • Added Farcaster-related dependencies to the dashboard application.
  • Middleware updated to exclude well-known paths from authentication redirects on specific hosts.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
thirdweb-www	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 13, 2025 7:54pm

4 Skipped Deployments

Name	Status	Preview	Comments	Updated (UTC)
docs-v2	⬜️ Skipped (Inspect)			Jun 13, 2025 7:54pm
login	⬜️ Skipped (Inspect)			Jun 13, 2025 7:54pm
thirdweb_playground	⬜️ Skipped (Inspect)			Jun 13, 2025 7:54pm
wallet-ui	⬜️ Skipped (Inspect)			Jun 13, 2025 7:54pm

[coderabbitai]

## Walkthrough

The changes remove two changeset files and update the changelogs and package versions for the `@thirdweb-dev/service-utils`, `@thirdweb-dev/wagmi-adapter`, and `thirdweb` packages. The updates document patches including passing the `allowImpersonation` flag to the authentication server and fixes to the `MediaRenderer` component, without altering any exported or public entities. Additionally, new environment variables, dependencies, and API route handlers were added to the dashboard app for Farcaster integration and platform-specific app linking. A React context provider for Farcaster mini app support was introduced, and middleware was updated to exempt `.well-known` paths from auth redirects on certain hosts.

## Changes

| Files/Groups                                                                                          | Change Summary                                                                                                                       |
|----------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|
| .changeset/whole-ends-like.md, .changeset/better-owls-flash.md                                     | Deleted changeset entries describing patches for `allowImpersonation` flag and `MediaRenderer` fixes.                                |
| packages/service-utils/CHANGELOG.md                                                                | Added changelog entry for version 0.9.13 documenting the patch update.                                                              |
| packages/service-utils/package.json                                                                | Updated package version from 0.9.12 to 0.9.13.                                                                                      |
| packages/thirdweb/CHANGELOG.md                                                                     | Added changelog entry for version 5.102.7 with fixes to `MediaRenderer` component.                                                  |
| packages/thirdweb/package.json                                                                     | Updated package version from 5.102.6 to 5.102.7.                                                                                    |
| packages/wagmi-adapter/CHANGELOG.md                                                                | Added changelog entry for version 0.2.93 without detailed changes.                                                                  |
| packages/wagmi-adapter/package.json                                                                | Updated package version from 0.2.92 to 0.2.93.                                                                                      |
| apps/dashboard/.env.example                                                                         | Added four new public environment variables related to Farcaster frame integration.                                                  |
| apps/dashboard/next.config.ts                                                                       | Modified Content Security Policy to allow framing by https://farcaster.xyz and its subdomains.                                        |
| apps/dashboard/package.json                                                                         | Added dependencies: `@farcaster/frame-core` and `@farcaster/frame-sdk`.                                                             |
| apps/dashboard/public/.well-known/apple-app-site-association, apple-developer-merchantid-domain-association, assetlinks.json | Deleted static platform-specific app linking and verification files (Apple and Android).                                             |
| apps/dashboard/src/app/.well-known/apple-app-site-association.json/route.ts                        | Added GET API route serving Apple App Site Association JSON configuration.                                                           |
| apps/dashboard/src/app/.well-known/apple-developer-merchantid-domain-association/route.ts          | Added GET API route serving Apple Developer Merchant ID domain association data.                                                     |
| apps/dashboard/src/app/.well-known/assetlinks.json/route.ts                                       | Added GET API route serving Android asset links JSON configuration.                                                                  |
| apps/dashboard/src/app/.well-known/farcaster.json/route.ts                                        | Added GET API route serving Farcaster manifest JSON constructed from environment variables.                                          |
| apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx                            | Added React context provider `MiniAppProvider` for managing Farcaster mini app integration state and lifecycle.                      |
| apps/dashboard/src/app/nebula-app/layout.tsx                                                      | Changed static metadata export to async function generating dynamic metadata including Farcaster frame info.                        |
| apps/dashboard/src/app/nebula-app/providers.tsx                                                   | Wrapped existing providers with the new `MiniAppProvider` to enable Farcaster mini app context.                                      |
| apps/dashboard/src/middleware.ts                                                                   | Expanded middleware to allow `.well-known` path requests on nebula subdomain and ngrok hosts without redirect or rewrite.           |

## Possibly related PRs

- thirdweb-dev/js#7116: Earlier patch update to `@thirdweb-dev/service-utils` improving error messages for HTTP 403 responses, related to the same package but different functionality.
- thirdweb-dev/js#7277: Updates `@thirdweb-dev/service-utils` to remove certain plan types and fields, related to patch releases of the same package.
  
## Suggested reviewers

- MananTank

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2a175dc and ab0f358.

📒 Files selected for processing (1)

• apps/dashboard/next.config.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/dashboard/next.config.ts

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Unit Tests
• GitHub Check: Size
• GitHub Check: Build Packages
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: Lint Packages
• GitHub Check: Analyze (javascript)

✨ Finishing Touches

• 📝 Generate Docstrings

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[graphite-app]

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 55.58%. Comparing base (64ee04c) to head (ab0f358).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #7304   +/-   ##
=======================================
  Coverage   55.58%   55.58%           
=======================================
  Files         909      909           
  Lines       58683    58683           
  Branches     4158     4160    +2     
=======================================
  Hits        32617    32617           
  Misses      25959    25959           
  Partials      107      107           

Flag	Coverage Δ
packages	55.58% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

size-limit report 📦

Path	Size	Loading time (3g)	Running time (snapdragon)	Total time
thirdweb (esm)	62.44 KB (0%)	1.3 s (0%)	246 ms (+178.94% 🔺)	1.5 s
thirdweb (cjs)	350.62 KB (0%)	7.1 s (0%)	710 ms (+15.69% 🔺)	7.8 s
thirdweb (minimal + tree-shaking)	5.7 KB (0%)	114 ms (0%)	121 ms (+1920.97% 🔺)	235 ms
thirdweb/chains (tree-shaking)	531 B (0%)	11 ms (0%)	57 ms (+3259.06% 🔺)	68 ms
thirdweb/react (minimal + tree-shaking)	19.59 KB (0%)	392 ms (0%)	143 ms (+1057.17% 🔺)	534 ms

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (6)

apps/dashboard/src/middleware.ts (1)

51-58: .well-known bypass works, but use a simpler path check

The early return for .well-known avoids auth redirects correctly.
A more straightforward and slightly cheaper test would avoid the split/array allocation and be less error-prone for exotic paths:

-const paths = pathname.slice(1).split("/");
+// NB: keep original for other logic, but cheap string check first
+if (
+  ((subdomain && (subdomain === "nebula" || subdomain.startsWith("nebula---"))) ||
+    host?.includes("ngrok")) &&
+  pathname.startsWith("/.well-known")
+) {
+  return NextResponse.next();
+}
+const paths = pathname.slice(1).split("/");

Same semantics, fewer allocations, handles /.well-known exactly.

apps/dashboard/.env.example (1)

111-117: Minor dotenv hygiene

1. NEXT_PUBLIC_ENGINE_CLOUD_URL still has surrounding quotes, which dotenv-linter warns about.
2. The new Farcaster keys break the alphabetical order block and there’s no trailing blank line.

-NEXT_PUBLIC_THIRDWEB_VAULT_URL=""
-NEXT_PUBLIC_ENGINE_CLOUD_URL=""
+# NEXT_PUBLIC_THIRDWEB_VAULT_URL=""
+# NEXT_PUBLIC_ENGINE_CLOUD_URL=
 
 # farcaster frame env variables
 NEXT_PUBLIC_APP_URL=
 NEXT_PUBLIC_FARCASTER_HEADER=
 NEXT_PUBLIC_FARCASTER_PAYLOAD=
 NEXT_PUBLIC_FARCASTER_SIGNATURE=
+

Adds the blank line, drops unnecessary quotes, maintains order.

🧰 Tools

🪛 dotenv-linter (3.3.0)

[warning] 111-111: [QuoteCharacter] The value has quote characters (', ")

---

[warning] 111-111: [UnorderedKey] The NEXT_PUBLIC_ENGINE_CLOUD_URL key should go before the NEXT_PUBLIC_THIRDWEB_VAULT_URL key

---

[warning] 117-117: [EndingBlankLine] No blank line at the end of the file

apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx (4)

31-34: Setter casing typo – setisInMiniApp should be setIsInMiniApp.

React’s convention (setFoo) improves readability and prevents accidental misuse later in the file (e.g. line 48). Renaming also prevents ESLint “camelcase” warnings.

-const [isInMiniApp, setisInMiniApp] = useState(false);
+const [isInMiniApp, setIsInMiniApp] = useState(false);

---

34-63: error state is written but never read.

You keep setError yet never expose error via context or render it. Either surface it (e.g. in the provider value) or drop the state to avoid dead code.

-const [, setError] = useState<string | null>(null);
+const [error, setError] = useState<string | null>(null);
/* …later… */
{/* optionally expose: */}
-error,

---

68-83: Using useQuery solely for a fire-and-forget side-effect is overkill.

react-query is designed for data caching; here you just need a one-off initialisation. A plain useEffect is simpler and avoids an unnecessary cache entry keyed as "miniapp-ready".

-useQuery({
-  queryKey: ["miniapp-ready"],
-  queryFn: async () => { … },
-});
+useEffect(() => {
+  (async () => {
+    await setMiniAppReady().catch(console.error);
+  })();
+}, [setMiniAppReady]);

---

84-96: handleAddMiniApp quietly swallows errors & results.

Consider propagating the AddMiniAppResult (or error) to callers / UI so that users receive feedback instead of silent failures.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 34d2345 and 2a175dc.

⛔ Files ignored due to path filters (14)

• apps/dashboard/public/assets/nebula/frame/ask-nebula-pfp.png is excluded by !**/*.png
• apps/dashboard/public/assets/nebula/frame/ask-nebula-pfp.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/farcaster-logo.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/frame.png is excluded by !**/*.png
• apps/dashboard/public/assets/nebula/frame/hero.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/icon.png is excluded by !**/*.png
• apps/dashboard/public/assets/nebula/frame/icon.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/og.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/screenshot.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/splash.png is excluded by !**/*.png
• apps/dashboard/public/assets/nebula/frame/splash.svg is excluded by !**/*.svg
• apps/dashboard/public/assets/nebula/frame/thirdweb-logo.png is excluded by !**/*.png
• apps/dashboard/public/assets/nebula/frame/user-logo.svg is excluded by !**/*.svg
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (14)

• apps/dashboard/.env.example (1 hunks)
• apps/dashboard/next.config.ts (1 hunks)
• apps/dashboard/package.json (1 hunks)
• apps/dashboard/public/.well-known/apple-app-site-association (0 hunks)
• apps/dashboard/public/.well-known/apple-developer-merchantid-domain-association (0 hunks)
• apps/dashboard/public/.well-known/assetlinks.json (0 hunks)
• apps/dashboard/src/app/.well-known/apple-app-site-association.json/route.ts (1 hunks)
• apps/dashboard/src/app/.well-known/apple-developer-merchantid-domain-association/route.ts (1 hunks)
• apps/dashboard/src/app/.well-known/assetlinks.json/route.ts (1 hunks)
• apps/dashboard/src/app/.well-known/farcaster.json/route.ts (1 hunks)
• apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx (1 hunks)
• apps/dashboard/src/app/nebula-app/layout.tsx (2 hunks)
• apps/dashboard/src/app/nebula-app/providers.tsx (2 hunks)
• apps/dashboard/src/middleware.ts (1 hunks)

💤 Files with no reviewable changes (3)

• apps/dashboard/public/.well-known/apple-developer-merchantid-domain-association
• apps/dashboard/public/.well-known/assetlinks.json
• apps/dashboard/public/.well-known/apple-app-site-association

✅ Files skipped from review due to trivial changes (5)

• apps/dashboard/src/app/.well-known/apple-developer-merchantid-domain-association/route.ts
• apps/dashboard/package.json
• apps/dashboard/next.config.ts
• apps/dashboard/src/app/.well-known/assetlinks.json/route.ts
• apps/dashboard/src/app/.well-known/apple-app-site-association.json/route.ts

🧰 Additional context used

🧬 Code Graph Analysis (2)

apps/dashboard/src/app/nebula-app/providers.tsx (1)

apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx (1)

• MiniAppProvider (24-125)

apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx (1)

apps/dashboard/src/app/nebula-app/(app)/utils/nebulaThirdwebClient.ts (1)

• nebulaAppThirdwebClient (46-46)

🪛 dotenv-linter (3.3.0)

apps/dashboard/.env.example

[warning] 111-111: [QuoteCharacter] The value has quote characters (', ")

---

[warning] 111-111: [UnorderedKey] The NEXT_PUBLIC_ENGINE_CLOUD_URL key should go before the NEXT_PUBLIC_THIRDWEB_VAULT_URL key

---

[warning] 117-117: [EndingBlankLine] No blank line at the end of the file

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: Size
• GitHub Check: E2E Tests (pnpm, vite)
• GitHub Check: E2E Tests (pnpm, esbuild)
• GitHub Check: Build Packages
• GitHub Check: E2E Tests (pnpm, webpack)
• GitHub Check: Unit Tests
• GitHub Check: Lint Packages
• GitHub Check: Analyze (javascript)

🔇 Additional comments (3)

apps/dashboard/src/app/nebula-app/providers.tsx (1)

9-31: Provider layering LGTM

MiniAppProvider is inserted directly under ThirdwebProvider, ensuring all thirdweb hooks it relies on are available. Existing providers keep functioning and useTheme continues to work because ThemeProvider still wraps them. Good addition 👌

apps/dashboard/src/app/nebula-app/layout.tsx (1)

18-45: Dynamic metadata generation looks correct

The switch to generateMetadata() aligns with the Next.js 13/14 pattern, and the frame metadata is well-formed.
Consider typing the return (Promise<Metadata>) for IDE support, but otherwise no concerns.

apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx (1)

98-110: Second useQuery runs on every mount until context.client.added is truthy.

If context?.client?.added is undefined for non-mini-app sessions, the query stays enabled and polls each render. A defensive default (false) or a stricter guard on isInMiniApp would prevent unnecessary requests.

[coderabbitai]

🛠️ Refactor suggestion

Validate required env vars before emitting manifest

If any of the three Farcaster signing fields are missing, the route currently returns "header": undefined, which violates the spec and could break partner integrations silently.

   const appUrl =
     process.env.NEXT_PUBLIC_APP_URL || "http://nebula---localhost:3000";
+
+  const { NEXT_PUBLIC_FARCASTER_HEADER: header,
+    NEXT_PUBLIC_FARCASTER_PAYLOAD: payload,
+    NEXT_PUBLIC_FARCASTER_SIGNATURE: signature } = process.env;
+
+  if (!header || !payload || !signature) {
+    return NextResponse.json(
+      { error: "Farcaster env variables are not configured" },
+      { status: 500 },
+    );
+  }
   const manifest = {
     accountAssociation: {
-        header: process.env.NEXT_PUBLIC_FARCASTER_HEADER,
-        payload: process.env.NEXT_PUBLIC_FARCASTER_PAYLOAD,
-        signature: process.env.NEXT_PUBLIC_FARCASTER_SIGNATURE,
+        header,
+        payload,
+        signature,
     },

This fails loudly in mis-configured environments instead of serving an invalid manifest.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	import { NextResponse } from "next/server";
	export async function GET() {
	try {
	const appUrl =
	process.env.NEXT_PUBLIC_APP_URL || "http://nebula---localhost:3000";
	const manifest = {
	accountAssociation: {
	header: process.env.NEXT_PUBLIC_FARCASTER_HEADER,
	payload: process.env.NEXT_PUBLIC_FARCASTER_PAYLOAD,
	signature: process.env.NEXT_PUBLIC_FARCASTER_SIGNATURE,
	},
	frame: {
	version: "1",
	name: "Nebula",
	iconUrl: `${appUrl}/assets/nebula/frame/ask-nebula-pfp.png`,
	imageUrl: `${appUrl}/assets/nebula/frame/frame.png`,
	homeUrl: appUrl,
	splashImageUrl: `${appUrl}/assets/nebula/frame/ask-nebula-pfp.png`,
	splashBackgroundColor: "#171B20",
	subtitle: "Web3 AI Assistant",
	description:
	"Ask questions about your web3 activity, get AI-powered insights about your wallet, and explore blockchain data through natural language",
	primaryCategory: "utility",
	tags: ["ai", "web3", "blockchain", "insights", "wallet"],
	tagline: "Your AI guide to web3",
	ogTitle: "Nebula - Web3 AI Assistant",
	ogDescription:
	"Interact with your wallet data through natural language queries powered by Thirdweb Nebula AI",
	heroImageUrl: `${appUrl}/assets/nebula/frame/screenshot.svg`,
	ogImageUrl: `${appUrl}/assets/nebula/frame/og.svg`,
	screenshotUrls: [
	`${appUrl}/assets/nebula/frame/screenshot.svg`,
	`${appUrl}/assets/nebula/frame/frame.png`,
	`${appUrl}/assets/nebula/frame/og.svg`,
	],
	},
	};
	return NextResponse.json(manifest);
	} catch (error) {
	console.error("Error generating manifest:", error);
	return NextResponse.json(
	{ error: (error as Error).message },
	{ status: 500 },
	);
	}
	}
	import { NextResponse } from "next/server";
	export async function GET() {
	try {
	const appUrl =
	process.env.NEXT_PUBLIC_APP_URL || "http://nebula---localhost:3000";
	const {
	NEXT_PUBLIC_FARCASTER_HEADER: header,
	NEXT_PUBLIC_FARCASTER_PAYLOAD: payload,
	NEXT_PUBLIC_FARCASTER_SIGNATURE: signature,
	} = process.env;
	if (!header || !payload || !signature) {
	return NextResponse.json(
	{ error: "Farcaster env variables are not configured" },
	{ status: 500 },
	);
	}
	const manifest = {
	accountAssociation: {
	header,
	payload,
	signature,
	},
	frame: {
	version: "1",
	name: "Nebula",
	iconUrl: `${appUrl}/assets/nebula/frame/ask-nebula-pfp.png`,
	imageUrl: `${appUrl}/assets/nebula/frame/frame.png`,
	homeUrl: appUrl,
	splashImageUrl: `${appUrl}/assets/nebula/frame/ask-nebula-pfp.png`,
	splashBackgroundColor: "#171B20",
	subtitle: "Web3 AI Assistant",
	description:
	"Ask questions about your web3 activity, get AI-powered insights about your wallet, and explore blockchain data through natural language",
	primaryCategory: "utility",
	tags: ["ai", "web3", "blockchain", "insights", "wallet"],
	tagline: "Your AI guide to web3",
	ogTitle: "Nebula - Web3 AI Assistant",
	ogDescription:
	"Interact with your wallet data through natural language queries powered by Thirdweb Nebula AI",
	heroImageUrl: `${appUrl}/assets/nebula/frame/screenshot.svg`,
	ogImageUrl: `${appUrl}/assets/nebula/frame/og.svg`,
	screenshotUrls: [
	`${appUrl}/assets/nebula/frame/screenshot.svg`,
	`${appUrl}/assets/nebula/frame/frame.png`,
	`${appUrl}/assets/nebula/frame/og.svg`,
	],
	},
	};
	return NextResponse.json(manifest);
	} catch (error) {
	console.error("Error generating manifest:", error);
	return NextResponse.json(
	{ error: (error as Error).message },
	{ status: 500 },
	);
	}
	}

🤖 Prompt for AI Agents

In apps/dashboard/src/app/.well-known/farcaster.json/route.ts around lines 1 to
47, the code does not validate that the required Farcaster signing environment
variables are present before building the manifest, causing undefined values to
be emitted. Add explicit checks for NEXT_PUBLIC_FARCASTER_HEADER,
NEXT_PUBLIC_FARCASTER_PAYLOAD, and NEXT_PUBLIC_FARCASTER_SIGNATURE at the start
of the GET function, and if any are missing, throw an error or return a 500
response with a clear message to fail loudly instead of returning an invalid
manifest.

[coderabbitai]

🛠️ Refactor suggestion

Avoid deep dist/* imports – rely on public entrypoints.

Importing from internal dist paths couples the app to the package’s build layout and bypasses semantic-version guarantees. Use the public exports instead, e.g.

-import type { AddMiniAppResult } from "@farcaster/frame-core/dist/actions/AddMiniApp";
-import type { FrameContext } from "@farcaster/frame-core/dist/context";
+import type { AddMiniAppResult, FrameContext } from "@farcaster/frame-core";

This shields you from breaking changes when the library reshuffles its internal folders.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	import type { AddMiniAppResult } from "@farcaster/frame-core/dist/actions/AddMiniApp";
	import type { FrameContext } from "@farcaster/frame-core/dist/context";
	import { sdk } from "@farcaster/frame-sdk";
	import type { AddMiniAppResult, FrameContext } from "@farcaster/frame-core";
	import { sdk } from "@farcaster/frame-sdk";

🤖 Prompt for AI Agents

In apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx
around lines 3 to 5, the imports use deep paths into the dist folder of
@farcaster/frame-core, which couples the code to internal build structure.
Replace these deep imports with imports from the package's public entrypoints by
importing AddMiniAppResult and FrameContext directly from
"@farcaster/frame-core" to ensure stability and compatibility with future
package versions.

[coderabbitai]

⚠️ Potential issue

connectWallet never awaits or returns the connect promise – potential race conditions.

Because you await connectWallet() (line 58) you need connectWallet itself to return a promise. Otherwise the outer await resolves immediately, and wallet connection may still be pending.

-const connectWallet = useCallback(async () => {
-  connect(async () => {
+const connectWallet = useCallback(() => {
+  return connect(async () => {
     const wallet = EIP1193.fromProvider({ provider: sdk.wallet.ethProvider });
     await wallet.connect({ client: nebulaAppThirdwebClient, chain: base });
     return wallet;
   });
-}, [connect]);
+}, [connect]);

This also propagates any connection error to the caller for proper handling.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const connectWallet = useCallback(async () => {
	connect(async () => {
	const wallet = EIP1193.fromProvider({ provider: sdk.wallet.ethProvider });
	await wallet.connect({ client: nebulaAppThirdwebClient, chain: base });
	return wallet;
	});
	}, [connect]);
	const connectWallet = useCallback(() => {
	return connect(async () => {
	const wallet = EIP1193.fromProvider({ provider: sdk.wallet.ethProvider });
	await wallet.connect({ client: nebulaAppThirdwebClient, chain: base });
	return wallet;
	});
	}, [connect]);

🤖 Prompt for AI Agents

In apps/dashboard/src/app/nebula-app/(app)/_farcaster/miniapp-provider.tsx
around lines 37 to 43, the connectWallet function calls connect but does not
await or return its promise, causing potential race conditions. Modify
connectWallet to return the promise from connect by adding a return statement
before connect, ensuring that connectWallet itself returns a promise. This
allows callers awaiting connectWallet to properly wait for the connection to
complete and handle any errors.