feat(ci): solidity fork test cronjob

[paulbalaji]

Summary

Adds a scheduled CI workflow to run Solidity fork tests daily with private archive RPCs, and provides a clean local development experience with public RPC defaults.

Background

Fork tests were previously excluded from CI (#7461) because they require archive RPC nodes that public endpoints do not reliably provide. This PR brings them back as a scheduled job.

Changes

New workflow: .github/workflows/solidity-fork-tests.yml

• Runs daily at 6:00 UTC
• Runs on push to main
• Runs on PRs that modify solidity/** or the workflow itself
• Manual trigger via workflow_dispatch
• Injects private RPCs via $GITHUB_ENV from secrets:
  • MAINNET3_ETHEREUM_RPC_URLS → RPC_URL_MAINNET
  • MAINNET3_OPTIMISM_RPC_URLS → RPC_URL_OPTIMISM
  • MAINNET3_POLYGON_RPC_URLS → RPC_URL_POLYGON
  • MAINNET3_ARBITRUM_RPC_URLS → RPC_URL_ARBITRUM
  • MAINNET3_BASE_RPC_URLS → RPC_URL_BASE

solidity/foundry.toml

• RPC endpoints use ${RPC_URL_*} env var references

solidity/.env.default (new)

• Provides public RPC defaults for local development
• Uses conditional assignment (${VAR:-default}) so CI env vars take precedence
• Excluded from *.env gitignore pattern via !.env.default

solidity/package.json

• test:fork script sources .env.default before running forge

.github/workflows/test.yml

• Removed redundant foundry-install step (already handled by yarn-build-with-cache)

How it works

Local development:

yarn test:fork  # Sources .env.default, uses public RPCs

CI:

1. Workflow sets RPC_URL_* env vars via $GITHUB_ENV
2. yarn test:fork sources .env.default
3. Conditional assignment preserves CI values (private RPCs)

Test plan

• Local fork tests run with public RPCs (some fail due to pruned state - expected)
• Config validated locally
• CI workflow runs successfully with private archive RPCs

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features

  • Added fork test execution capability with dedicated GitHub Actions workflow and local testing script.

• Chores

  • Configured RPC endpoints as environment variables to enable flexible fork testing across multiple networks.
  • Added default RPC endpoint configuration file.
  • Updated CI/CD workflows and test infrastructure to support automated fork test runs.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: f0b4615

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds a dedicated GitHub Actions workflow for Solidity fork tests triggered on main pushes and pull requests. Moves fork test RPC setup from the main test workflow to environment variables. Updates Solidity configuration to reference environment-based RPC endpoints and includes a new test:fork npm script with default RPC URLs.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflows .github/workflows/solidity-fork-tests.yml, .github/workflows/test.yml	New workflow added for Solidity fork tests with concurrency control and 30-minute timeout. Removed redundant Foundry RPC URL setup step from existing test workflow.
Solidity RPC Configuration & Scripts solidity/foundry.toml, solidity/.env.default, solidity/.gitignore, solidity/package.json	Replaced hardcoded RPC endpoints in foundry.toml with environment variable references. Added .env.default file with default RPC URLs for mainnet, Optimism, Polygon, Arbitrum, and Base. Updated gitignore to exclude .env.default from being ignored. Added test:fork npm script.
Test File Updates solidity/test/token/TokenBridgeCctp.t.sol	Updated deployment artifact path reference from node_modules to dependencies structure.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify RPC endpoint URLs in .env.default are correct and accessible
• Confirm the GitHub Actions workflow concurrency and timeout values align with team standards
• Check that the test:fork script properly sources .env.default before executing forge tests
• Ensure all environment variable names match between foundry.toml and .env.default

Possibly related PRs

• feat: Add Everclear TokenBridge #6625 – Modifies RPC endpoint configuration in solidity/foundry.toml; the main PR shifts to environment-based references while the related PR adds an Arbitrum endpoint, so these coordinate around Arbitrum RPC handling.

Suggested reviewers

• ltyu
• yorhodes

Poem

🧅 Like layers, the config unfolds just right,
Fork tests in their own workflow, set tight,
Environment whispers where endpoints reside,
No more hardcoded roads, let the variables guide,
Better separation, cleaner and bright!

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding a scheduled CI workflow for Solidity fork tests with clear, specific terminology.
Description check	✅ Passed	The description covers all required template sections with comprehensive detail about changes, rationale, and testing approach.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/foundry-rpc-env-vars

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0.00%. Comparing base (816850b) to head (f0b4615).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@     Coverage Diff      @@
##   main   #7459   +/-   ##
============================
============================

Components	Coverage Δ
core	∅ <ø> (∅)
hooks	∅ <ø> (∅)
isms	∅ <ø> (∅)
token	∅ <ø> (∅)
middlewares	∅ <ø> (∅)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/solidity-fork-tests.yml (1)

39-62: RPC URL injection via sed is functional but brittle—consider escaping edge cases.

The sed-based approach extracts the first URL from comma-separated secrets and updates foundry.toml. While it works for typical URLs, it could fail silently if:

• An RPC URL contains special regex characters (unlikely but possible with unusual proxy URLs)
• The foundry.toml format drifts slightly (though you've defended against that by matching the full pattern)

The checks for non-empty env vars are good defensive coding. If RPC URLs are stable and predictable, this is fine. Just keep an eye on it if proxy URLs ever get exotic.

Consider piping through a more robust config update if these secrets ever become complex, but for now this is functional and acceptable for a scheduled job.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f68c6b0 and 95f1bcd55c968a0fdf194062c45009df9f2b9c6e.

📒 Files selected for processing (4)

• .github/workflows/solidity-fork-tests.yml (1 hunks)
• .github/workflows/test.yml (0 hunks)
• solidity/foundry.toml (1 hunks)
• solidity/package.json (1 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/test.yml

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:3380-3439
Timestamp: 2025-08-26T13:45:44.656Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json files in rust/main/config/ directory as requested by paulbalaji.

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.332Z
Learning: Run all tests using `yarn test` for unified testing; use workspace-specific commands for targeted testing (Hardhat, Forge for Solidity; Unit tests for TypeScript; Cargo for Rust)

📚 Learning: 2025-11-24T17:19:38.332Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.332Z
Learning: Run all tests using `yarn test` for unified testing; use workspace-specific commands for targeted testing (Hardhat, Forge for Solidity; Unit tests for TypeScript; Cargo for Rust)

Applied to files:

• solidity/package.json
• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-11-24T17:19:38.332Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.332Z
Learning: Use Turbo for building all workspaces in the monorepo; use workspace-specific build commands for individual components (Solidity with Hardhat + Forge, TypeScript SDK, Rust agents with Cargo)

Applied to files:

• solidity/package.json

🪛 actionlint (1.7.8)

.github/workflows/solidity-fork-tests.yml

29-29: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

65-65: missing input "ref" which is required by action "Yarn Build with Cache" defined at "./.github/actions/yarn-build-with-cache". all required inputs are "ref"

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (64)

• GitHub Check: coverage-run
• GitHub Check: cli-evm-e2e-matrix (warp-read)
• GitHub Check: cli-evm-e2e-matrix (warp-deploy-2)
• GitHub Check: cli-evm-e2e-matrix (warp-send)
• GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
• GitHub Check: cli-evm-e2e-matrix (warp-deploy-1)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
• GitHub Check: cli-evm-e2e-matrix (warp-check-2)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-2)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
• GitHub Check: cli-evm-e2e-matrix (warp-init)
• GitHub Check: cli-evm-e2e-matrix (core-read)
• GitHub Check: cli-evm-e2e-matrix (warp-check-1)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
• GitHub Check: cli-evm-e2e-matrix (warp-check-4)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
• GitHub Check: cli-evm-e2e-matrix (core-deploy)
• GitHub Check: cli-evm-e2e-matrix (core-check)
• GitHub Check: cli-evm-e2e-matrix (warp-check-5)
• GitHub Check: cli-evm-e2e-matrix (warp-check-3)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-1)
• GitHub Check: cli-evm-e2e-matrix (core-apply)
• GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
• GitHub Check: cli-evm-e2e-matrix (core-init)
• GitHub Check: cli-evm-e2e-matrix (relay)
• GitHub Check: env-test-matrix (mainnet3, ethereum, core)
• GitHub Check: env-test-matrix (mainnet3, inevm, igp)
• GitHub Check: env-test-matrix (mainnet3, optimism, igp)
• GitHub Check: env-test-matrix (testnet4, sepolia, core)
• GitHub Check: env-test-matrix (mainnet3, optimism, core)
• GitHub Check: env-test-matrix (mainnet3, inevm, core)
• GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
• GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
• GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
• GitHub Check: cli-radix-e2e-matrix (warp-apply-route-extension)
• GitHub Check: cosmos-sdk-e2e-run
• GitHub Check: cli-radix-e2e-matrix (warp-deploy)
• GitHub Check: cli-radix-e2e-matrix (warp-apply-ownership-updates)
• GitHub Check: cli-cosmos-e2e-matrix (warp-read)
• GitHub Check: cli-cosmos-e2e-matrix (core-read)
• GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
• GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
• GitHub Check: cli-radix-e2e-matrix (core-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (core-check)
• GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (core-apply)
• GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
• GitHub Check: yarn-test-run
• GitHub Check: cli-install-test-run
• GitHub Check: infra-test
• GitHub Check: lander-coverage
• GitHub Check: lint-rs
• GitHub Check: test-rs
• GitHub Check: e2e-matrix (evm)
• GitHub Check: e2e-matrix (starknet)
• GitHub Check: e2e-matrix (sealevel)
• GitHub Check: e2e-matrix (radix)
• GitHub Check: e2e-matrix (cosmwasm)
• GitHub Check: e2e-matrix (cosmosnative)
• GitHub Check: agent-configs (testnet4)
• GitHub Check: fork-tests
• GitHub Check: slither

🔇 Additional comments (4)

solidity/package.json (1)

89-89: Script structure looks solid for separating fork test concerns.

The two-command approach (test-level then contract-level matching) mirrors the fork test categories mentioned in the PR. No concerns here—just layers the filtering appropriately.

solidity/foundry.toml (1)

24-24: Public endpoint fallbacks are sensible.

These are standard, well-known public RPC endpoints used as defaults. The workflow injects private archive URLs at runtime, so these serve as reasonable local-dev fallbacks. Clean separation of concerns.

Also applies to: 26-26

.github/workflows/solidity-fork-tests.yml (2)

12-14: Schedule trigger looks reasonable, but keep clock drift in mind.

Runs daily at 06:00 UTC. GitHub's cron can drift by a few minutes depending on queue load. If fork tests are time-sensitive or need to coordinate with other scheduled jobs, be aware of this. For now, it's fine.

---

29-29: The concern about depot-ubuntu-latest is incorrect—this is a valid Depot-provided runner.

depot-ubuntu-latest is a legitimate custom runner label provided by Depot. Web documentation confirms it now points to Ubuntu 24.04 LTS (as of February 20, 2025). The label is used consistently across multiple workflows in your repository (release.yml, rust-release.yml, test.yml, solidity-fork-tests.yml), confirming it's a standard part of your CI setup. The actionlint warning is a false positive due to missing Depot runner configuration in the actionlint setup—not a real issue with the workflow.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/solidity-fork-tests.yml (1)

64-69: Workflow wraps up clean, one caveat noted.

Build and fork test steps follow the pattern established elsewhere. The yarn-build-with-cache action call is missing the "ref" input that the action definition marks as required—but as acknowledged in the past review, the action doesn't actually use it, so it'll still work. You mentioned tidying that up in a follow-up, which is fair.

🧹 Nitpick comments (1)

.github/workflows/monorepo-docker.yml (1)

17-19: Consider narrowing the package.json trigger pattern to avoid excessive rebuilds.

That **/package.json glob's gonna match every package.json in the whole swamp—er, monorepo. Any time someone tweaks a version or dependency in any workspace (Solidity, Rust, TypeScript, etc.), this Docker build will kick off. That's... a lot of rebuilds.

If the Dockerfile really needs to be triggered by dependency changes, it'd be better to target specific package.json files that actually matter—like the root package.json, or perhaps typescript/**/package.json and solidity/package.json if those are the ones the image depends on.

The yarn.lock trigger makes sense though. That's solid.

Consider one of these alternatives:

• Option 1 (most specific): Only trigger on the root package.json: - 'package.json'
• Option 2 (workspace-aware): Trigger on specific workspace package.json files:

  - 'package.json'
  - 'typescript/**/package.json'
  - 'solidity/package.json'

• Option 3 (current, but document the breadth): Keep **/package.json but add a comment explaining this may cause frequent rebuilds when any workspace updates dependencies.

Which package.json files actually affect the Docker image build? This'll help determine if the broad pattern is intentional or can be tightened.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 95f1bcd55c968a0fdf194062c45009df9f2b9c6e and 71ee09f.

📒 Files selected for processing (7)

• .github/workflows/monorepo-docker.yml (1 hunks)
• .github/workflows/solidity-fork-tests.yml (1 hunks)
• .github/workflows/test.yml (1 hunks)
• Dockerfile (1 hunks)
• solidity/foundry.toml (1 hunks)
• solidity/package.json (2 hunks)
• solidity/turbo.json (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• Dockerfile

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/test.yml

🧰 Additional context used

🧠 Learnings (10)

📓 Common learnings

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.362Z
Learning: Use Turbo for building all workspaces in the monorepo; use workspace-specific build commands for individual components (Solidity with Hardhat + Forge, TypeScript SDK, Rust agents with Cargo)

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 7410
File: solidity/foundry.toml:8-8
Timestamp: 2025-11-25T17:10:33.369Z
Learning: In the hyperlane-xyz/hyperlane-monorepo repository, when using pnpm (instead of Yarn), Foundry's `allow_paths` in solidity/foundry.toml should be set to `["./node_modules"]` rather than `["../node_modules"]` because pnpm's default node_modules structure places dependencies locally in the workspace subdirectory, not requiring access to the parent directory's node_modules.

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.362Z
Learning: Run all tests using `yarn test` for unified testing; use workspace-specific commands for targeted testing (Hardhat, Forge for Solidity; Unit tests for TypeScript; Cargo for Rust)

📚 Learning: 2025-11-25T17:10:33.369Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 7410
File: solidity/foundry.toml:8-8
Timestamp: 2025-11-25T17:10:33.369Z
Learning: In the hyperlane-xyz/hyperlane-monorepo repository, when using pnpm (instead of Yarn), Foundry's `allow_paths` in solidity/foundry.toml should be set to `["./node_modules"]` rather than `["../node_modules"]` because pnpm's default node_modules structure places dependencies locally in the workspace subdirectory, not requiring access to the parent directory's node_modules.

Applied to files:

• .github/workflows/monorepo-docker.yml

📚 Learning: 2025-11-24T17:19:38.362Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.362Z
Learning: Use Turbo for building all workspaces in the monorepo; use workspace-specific build commands for individual components (Solidity with Hardhat + Forge, TypeScript SDK, Rust agents with Cargo)

Applied to files:

• solidity/turbo.json
• solidity/package.json

📚 Learning: 2025-11-24T17:19:38.362Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.362Z
Learning: Run all tests using `yarn test` for unified testing; use workspace-specific commands for targeted testing (Hardhat, Forge for Solidity; Unit tests for TypeScript; Cargo for Rust)

Applied to files:

• .github/workflows/solidity-fork-tests.yml
• solidity/package.json

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:45:52.227Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:45:29.848Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: typescript/infra/config/environments/testnet4/ism/verification.json:3835-3939
Timestamp: 2025-08-26T13:45:29.848Z
Learning: Skip reviewing verification.json files in typescript/infra/config/environments/testnet4/ism/verification.json and similar verification.json files as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:45:44.656Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:3380-3439
Timestamp: 2025-08-26T13:45:44.656Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json files in rust/main/config/ directory as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-07-01T18:44:43.514Z

Learnt from: larryob
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6661
File: solidity/contracts/avs/HyperlaneServiceManager.sol:21-23
Timestamp: 2025-07-01T18:44:43.514Z
Learning: Test files and script files in Solidity projects typically don't need absolute import fixes with the same urgency as contract files, since they are not imported by other modules in the codebase. The compilation issues from absolute imports mainly affect files under the contracts directory that users import from.

Applied to files:

• solidity/package.json

🪛 actionlint (1.7.9)

.github/workflows/solidity-fork-tests.yml

29-29: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-slim", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

65-65: missing input "ref" which is required by action "Yarn Build with Cache" defined at "./.github/actions/yarn-build-with-cache". all required inputs are "ref"

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (70)

• GitHub Check: cli-evm-e2e-matrix (warp-read)
• GitHub Check: cli-evm-e2e-matrix (warp-init)
• GitHub Check: cli-evm-e2e-matrix (warp-send)
• GitHub Check: cli-evm-e2e-matrix (warp-check-4)
• GitHub Check: cli-evm-e2e-matrix (warp-check-3)
• GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
• GitHub Check: cli-evm-e2e-matrix (warp-check-5)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-simple-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-rebalancing-config)
• GitHub Check: cli-evm-e2e-matrix (warp-deploy-1)
• GitHub Check: cli-evm-e2e-matrix (warp-deploy-2)
• GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
• GitHub Check: cli-evm-e2e-matrix (warp-check-1)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
• GitHub Check: cli-evm-e2e-matrix (warp-check-2)
• GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
• GitHub Check: cli-evm-e2e-matrix (core-init)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-hook-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-ownership-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
• GitHub Check: cli-evm-e2e-matrix (core-read)
• GitHub Check: cli-evm-e2e-matrix (core-deploy)
• GitHub Check: cli-evm-e2e-matrix (relay)
• GitHub Check: cli-evm-e2e-matrix (core-apply)
• GitHub Check: cli-evm-e2e-matrix (core-check)
• GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
• GitHub Check: env-test-matrix (testnet4, sepolia, core)
• GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
• GitHub Check: env-test-matrix (mainnet3, optimism, core)
• GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
• GitHub Check: env-test-matrix (mainnet3, optimism, igp)
• GitHub Check: env-test-matrix (mainnet3, ethereum, core)
• GitHub Check: aleo-sdk-e2e-run
• GitHub Check: cosmos-sdk-e2e-run
• GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (core-read)
• GitHub Check: cli-cosmos-e2e-matrix (warp-read)
• GitHub Check: cli-radix-e2e-matrix (core-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (core-apply)
• GitHub Check: cli-radix-e2e-matrix (warp-apply-route-extension)
• GitHub Check: cli-cosmos-e2e-matrix (core-check)
• GitHub Check: cli-radix-e2e-matrix (warp-apply-ownership-updates)
• GitHub Check: cli-radix-e2e-matrix (warp-deploy)
• GitHub Check: cli-install-test-run
• GitHub Check: yarn-test-run
• GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
• GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
• GitHub Check: coverage-run
• GitHub Check: infra-test
• GitHub Check: build-and-push-to-gcr
• GitHub Check: diff-check
• GitHub Check: lander-coverage
• GitHub Check: e2e-matrix (radix)
• GitHub Check: e2e-matrix (starknet)
• GitHub Check: e2e-matrix (evm)
• GitHub Check: e2e-matrix (sealevel)
• GitHub Check: agent-configs (mainnet3)
• GitHub Check: e2e-matrix (cosmwasm)
• GitHub Check: agent-configs (testnet4)
• GitHub Check: e2e-matrix (cosmosnative)
• GitHub Check: lint-prettier
• GitHub Check: test-rs
• GitHub Check: fork-tests
• GitHub Check: lint-rs
• GitHub Check: diff-check
• GitHub Check: slither

🔇 Additional comments (5)

solidity/foundry.toml (1)

23-23: Fair trade, these endpoints look solid.

The RPC updates to Optimism and Arbitrum use official chain infrastructure, which is more reliable for fork tests than the previous third-party alternatives. These become the defaults for local dev; the CI workflow overrides 'em with secrets anyway.

Also applies to: 25-25

solidity/package.json (1)

71-71: Scripts are lean and fit the bill.

Both additions are straightforward wrappers that align with the turbo task and workflow. The test:fork script properly separates fork testing (by name and contract) from regular tests, which keeps the test:ci job clean per #7461.

Also applies to: 87-87

solidity/turbo.json (1)

4-9: Task's built right into the engine.

The deps:soldeer task is properly scoped with inputs/outputs for caching, and the build dependency ensures dependencies resolve before compilation. Classic Turbo pattern—keeps the build order predictable and cacheable.

.github/workflows/solidity-fork-tests.yml (2)

3-15: Trigger strategy's all layered in.

Schedule (daily 6 UTC), manual dispatch, and path-based triggers on the workflow itself cover the use cases well. Fork tests run regularly without clogging standard CI, and developers can test changes manually.

---

46-62: RPC URL injection looks well-handled, but verify the runner.

The sed approach to extract first URL from comma-separated secrets and update foundry.toml is solid for the happy path. However, the static analyzer flags "depot-ubuntu-latest" as an unknown runner label—standard GitHub labels don't include that one. If this is a custom self-hosted runner, make sure it's configured in your infra and properly tagged.

To verify the runner setup, you might want to check:

• Is "depot-ubuntu-latest" a self-hosted runner label configured in your GitHub org?
• Are the Depot (cache.depot.dev) secrets and tokens set up correctly for this workflow?

If "depot-ubuntu-latest" isn't available, the workflow will fail at runtime despite passing syntax checks.

[larryob]

LGTM

[hyper-gonk]

🐳 Monorepo Docker Image Built Successfully

Image Tags:

gcr.io/abacus-labs-dev/hyperlane-monorepo:pr-7459
gcr.io/abacus-labs-dev/hyperlane-monorepo:f0b4615-20251205-114940

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

solidity/.env.default (1)

1-7: Shell-style defaults look right; consider taming dotenv-linter if it’s grumbling

The export RPC_URL_*="${RPC_URL_*:-...}" pattern is spot on for “CI secrets override, otherwise fall back to public RPCs” when the file is sourced in the test script. If dotenv-linter is being run over solidity/.env.default, its SubstitutionKey/ordering warnings here are just because this is a shell script rather than a strict KEY=VALUE dotenv file; feel free to exclude this path from that linter rather than changing the syntax.

.github/workflows/solidity-fork-tests.yml (1)

1-55: Workflow wiring for fork tests looks solid; you may want stricter secret checks

The triggers, concurrency, and the Set Foundry RPC URLs for fork tests step all hang together nicely with the new foundry.toml and .env.default setup, and yarn test:fork in ./solidity keeps things scoped to the right workspace.

One optional hardening tweak: if any of the MAINNET3_*_RPC_URLS secrets are unset or empty, this script will quietly write an empty RPC_URL_* into $GITHUB_ENV, and the fork tests will just fall back to the public defaults from .env.default. If you’d rather catch misconfigured secrets early instead of drifting onto public RPCs in CI, you could add a short check like:

      - name: Set Foundry RPC URLs for fork tests
        env:
          MAINNET3_ETHEREUM_RPC_URLS: ${{ secrets.MAINNET3_ETHEREUM_RPC_URLS }}
          # ...
        run: |
          set -euo pipefail
          for name in MAINNET3_ETHEREUM_RPC_URLS MAINNET3_OPTIMISM_RPC_URLS MAINNET3_POLYGON_RPC_URLS MAINNET3_ARBITRUM_RPC_URLS MAINNET3_BASE_RPC_URLS; do
            val="${!name:-}"
            [ -z "$val" ] && echo "Missing secret: $name" && exit 1
          done
          echo "RPC_URL_MAINNET=${MAINNET3_ETHEREUM_RPC_URLS%%,*}" >> "$GITHUB_ENV"
          # remaining echoes...

Totally fine to leave as-is if you’re happy with the “fall back to public RPCs” behavior.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 71ee09f and f0b4615.

📒 Files selected for processing (7)

• .github/workflows/solidity-fork-tests.yml (1 hunks)
• .github/workflows/test.yml (0 hunks)
• solidity/.env.default (1 hunks)
• solidity/.gitignore (1 hunks)
• solidity/foundry.toml (1 hunks)
• solidity/package.json (1 hunks)
• solidity/test/token/TokenBridgeCctp.t.sol (1 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/test.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• solidity/package.json

🧰 Additional context used

📓 Path-based instructions (2)

solidity/**/*.sol

📄 CodeRabbit inference engine (CLAUDE.md)

Solidity contracts must implement a message dispatch flow: applications send messages via Mailbox.dispatch() on origin chain, Rust relayers index dispatched messages from chain events, relayers fetch security metadata, messages are delivered to destination Mailbox.process() with proofs, and destination applications receive messages via IMessageRecipient.handle()

Files:

• solidity/test/token/TokenBridgeCctp.t.sol

solidity/**/token/**/*.sol

📄 CodeRabbit inference engine (CLAUDE.md)

Token Bridge implementation must use HypERC20 for native token implementations and HypERC20Collateral for wrapped/collateral token implementations supporting multi-chain deployments with unified liquidity

Files:

• solidity/test/token/TokenBridgeCctp.t.sol

🧠 Learnings (8)

📓 Common learnings

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

📚 Learning: 2025-11-24T17:19:38.362Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.362Z
Learning: Applies to solidity/**/token/**/*.sol : Token Bridge implementation must use `HypERC20` for native token implementations and `HypERC20Collateral` for wrapped/collateral token implementations supporting multi-chain deployments with unified liquidity

Applied to files:

• solidity/test/token/TokenBridgeCctp.t.sol

📚 Learning: 2025-11-24T17:19:38.362Z

Learnt from: CR
Repo: hyperlane-xyz/hyperlane-monorepo PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T17:19:38.362Z
Learning: Run all tests using `yarn test` for unified testing; use workspace-specific commands for targeted testing (Hardhat, Forge for Solidity; Unit tests for TypeScript; Cargo for Rust)

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/testnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:46:37.695Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/mainnet_config.json:965-965
Timestamp: 2025-08-26T13:46:37.695Z
Learning: In the repository hyperlane-xyz/hyperlane-monorepo, skip reviewing the file rust/main/config/mainnet_config.json in future code reviews as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:45:52.227Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:34-35
Timestamp: 2025-08-26T13:45:52.227Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json configuration files in typescript/infra/config/ and rust/main/config/ directories as requested by paulbalaji to reduce review noise.

Applied to files:

• .github/workflows/solidity-fork-tests.yml
• solidity/.env.default
• solidity/foundry.toml

📚 Learning: 2025-08-26T13:45:29.848Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: typescript/infra/config/environments/testnet4/ism/verification.json:3835-3939
Timestamp: 2025-08-26T13:45:29.848Z
Learning: Skip reviewing verification.json files in typescript/infra/config/environments/testnet4/ism/verification.json and similar verification.json files as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml

📚 Learning: 2025-08-26T13:45:44.656Z

Learnt from: paulbalaji
Repo: hyperlane-xyz/hyperlane-monorepo PR: 6943
File: rust/main/config/testnet_config.json:3380-3439
Timestamp: 2025-08-26T13:45:44.656Z
Learning: Skip reviewing mainnet_config.json and testnet_config.json files in rust/main/config/ directory as requested by paulbalaji.

Applied to files:

• .github/workflows/solidity-fork-tests.yml
• solidity/foundry.toml

🪛 actionlint (1.7.9)

.github/workflows/solidity-fork-tests.yml

28-28: label "depot-ubuntu-latest" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-slim", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

51-51: missing input "ref" which is required by action "Yarn Build with Cache" defined at "./.github/actions/yarn-build-with-cache". all required inputs are "ref"

(action)

🪛 dotenv-linter (4.0.0)

solidity/.env.default

[warning] 3-3: [SubstitutionKey] The RPC_URL_MAINNET key is not assigned properly

(SubstitutionKey)

---

[warning] 4-4: [SubstitutionKey] The RPC_URL_OPTIMISM key is not assigned properly

(SubstitutionKey)

---

[warning] 5-5: [SubstitutionKey] The RPC_URL_POLYGON key is not assigned properly

(SubstitutionKey)

---

[warning] 6-6: [SubstitutionKey] The RPC_URL_ARBITRUM key is not assigned properly

(SubstitutionKey)

---

[warning] 6-6: [UnorderedKey] The RPC_URL_ARBITRUM key should go before the RPC_URL_MAINNET key

(UnorderedKey)

---

[warning] 7-7: [SubstitutionKey] The RPC_URL_BASE key is not assigned properly

(SubstitutionKey)

---

[warning] 7-7: [UnorderedKey] The RPC_URL_BASE key should go before the RPC_URL_MAINNET key

(UnorderedKey)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (69)

• GitHub Check: cli-evm-e2e-matrix (warp-check-5)
• GitHub Check: cli-evm-e2e-matrix (warp-send)
• GitHub Check: cli-evm-e2e-matrix (warp-rebalancer)
• GitHub Check: cli-evm-e2e-matrix (warp-read)
• GitHub Check: cli-evm-e2e-matrix (warp-check-4)
• GitHub Check: cli-evm-e2e-matrix (warp-check-1)
• GitHub Check: cli-evm-e2e-matrix (warp-init)
• GitHub Check: cli-evm-e2e-matrix (warp-check-2)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-recovery)
• GitHub Check: cli-evm-e2e-matrix (warp-deploy-1)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-ism-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-deploy-2)
• GitHub Check: cli-evm-e2e-matrix (warp-check-3)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-simple-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-bridge-2)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-submitters)
• GitHub Check: cli-evm-e2e-matrix (core-deploy)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-basic)
• GitHub Check: cli-evm-e2e-matrix (warp-extend-config)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-rebalancing-config)
• GitHub Check: cli-evm-e2e-matrix (warp-bridge-1)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-hook-updates)
• GitHub Check: cli-evm-e2e-matrix (warp-apply-ownership-updates)
• GitHub Check: cli-evm-e2e-matrix (core-check)
• GitHub Check: cli-evm-e2e-matrix (core-apply)
• GitHub Check: cli-evm-e2e-matrix (core-read)
• GitHub Check: cli-evm-e2e-matrix (core-init)
• GitHub Check: cli-evm-e2e-matrix (relay)
• GitHub Check: aleo-sdk-e2e-run
• GitHub Check: cli-cosmos-e2e-matrix (core-read)
• GitHub Check: cli-cosmos-e2e-matrix (core-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (warp-read)
• GitHub Check: cli-cosmos-e2e-matrix (warp-deploy)
• GitHub Check: cli-cosmos-e2e-matrix (core-apply)
• GitHub Check: cli-cosmos-e2e-matrix (core-check)
• GitHub Check: cli-radix-e2e-matrix (warp-apply-route-extension)
• GitHub Check: env-test-matrix (testnet4, sepolia, core)
• GitHub Check: cli-radix-e2e-matrix (warp-apply-ownership-updates)
• GitHub Check: cli-radix-e2e-matrix (core-deploy)
• GitHub Check: cli-radix-e2e-matrix (warp-deploy)
• GitHub Check: env-test-matrix (mainnet3, arbitrum, igp)
• GitHub Check: env-test-matrix (mainnet3, optimism, core)
• GitHub Check: env-test-matrix (mainnet3, ethereum, igp)
• GitHub Check: env-test-matrix (mainnet3, arbitrum, core)
• GitHub Check: env-test-matrix (mainnet3, ethereum, core)
• GitHub Check: cli-cross-chain-e2e-matrix (warp-apply)
• GitHub Check: cli-cross-chain-e2e-matrix (warp-deploy)
• GitHub Check: cosmos-sdk-e2e-run
• GitHub Check: cli-install-test-run
• GitHub Check: yarn-test-run
• GitHub Check: coverage-run
• GitHub Check: infra-test
• GitHub Check: build-and-push-to-gcr
• GitHub Check: diff-check
• GitHub Check: e2e-matrix (radix)
• GitHub Check: e2e-matrix (cosmosnative)
• GitHub Check: e2e-matrix (starknet)
• GitHub Check: e2e-matrix (sealevel)
• GitHub Check: e2e-matrix (cosmwasm)
• GitHub Check: e2e-matrix (evm)
• GitHub Check: agent-configs (mainnet3)
• GitHub Check: agent-configs (testnet4)
• GitHub Check: lint-prettier
• GitHub Check: lint-rs
• GitHub Check: diff-check
• GitHub Check: test-rs
• GitHub Check: lander-coverage
• GitHub Check: fork-tests
• GitHub Check: slither

🔇 Additional comments (3)

solidity/test/token/TokenBridgeCctp.t.sol (1)

1230-1244: Proxy artifact path now matches pinned OZ dependency

Pointing deployCodeTo at dependencies/@openzeppelin-contracts-4.9.3/.../TransparentUpgradeableProxy.sol:TransparentUpgradeableProxy lines up with the declared Foundry dependency instead of a node_modules path, which keeps the fork test more reproducible across environments. Looks good as-is.

solidity/.gitignore (1)

9-10: Allowlisting .env.default while keeping real envs ignored

The *.env + !.env.default combo does what you want here: default RPC config is tracked, but developer- or CI-specific .env files stay untracked.

solidity/foundry.toml (1)

21-26: RPC endpoints wired cleanly through environment variables

Switching the [rpc_endpoints] to ${RPC_URL_*} keeps the Foundry config environment-driven and lines up with .env.default and the fork-test workflow’s secret wiring, without changing test semantics.