feat(deps): support initia v1.4.5

[Vritra4]

Summary by CodeRabbit

• New Features

  • Added support for legacy Move messages (whitelist & delist) and end-to-end encoding/decoding.
  • Transaction creation now accepts protobuf extension options (including a queued-tx helper) and preserves them through simulate/estimate flows.
  • New REST API: total unbonding balance for a delegator.

• Tests

  • Added tests covering new messages, tx extension option round-trips, and the new REST API.

• Chores

  • Bumped dependencies: @initia/initia.proto → ^1.0.6, axios → 1.15.2.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 264e9853-08db-46a0-8976-18cd219ffe18

📥 Commits

Reviewing files that changed from the base of the PR and between a2edbd0 and dec2004.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (11)

• package.json
• src/client/rest/api/MstakingAPI.spec.ts
• src/client/rest/api/MstakingAPI.ts
• src/client/rest/api/TxAPI.spec.ts
• src/client/rest/api/TxAPI.ts
• src/core/move/msgs/MsgDelist.spec.ts
• src/core/move/msgs/MsgWhitelist.spec.ts
• src/core/tx/ExtensionOptionQueuedTx.ts
• src/core/tx/Tx.ts
• src/core/tx/TxBody.spec.ts
• src/core/tx/index.ts

✅ Files skipped from review due to trivial changes (1)

• src/core/tx/index.ts

---

Walkthrough

Adds legacy Move message decoding tests for MsgWhitelist/MsgDelist, extends TxBody/Tx to carry protobuf extension options end-to-end (Amino/Data/Proto), introduces ExtensionOptionQueuedTx.packAny, updates TxAPI to accept extension options, adds related REST API method/tests, and bumps two dependencies.

Changes

Feature and API additions

Layer / File(s)	Summary
Dependency bump package.json	Bumped @initia/initia.proto and axios versions.
Legacy Move message tests src/core/move/msgs/*.spec.ts	Adds Vitest suites covering MsgWhitelist and MsgDelist decoding/encoding across Amino, Data, and Proto.
Tx extension options and queued extension helper src/core/tx/ExtensionOptionQueuedTx.ts, src/core/tx/Tx.ts, src/core/tx/TxBody.spec.ts, src/core/tx/index.ts	Introduces ExtensionOptionQueuedTx.packAny(), adds Any-to-Data conversion helpers, extends TxBody constructor/types to carry extension_options/non_critical_extension_options, wires proto/Amino/Data round-trips, and adds tests verifying extension option byte-for-byte preservation and timeout_height defaults.
REST API methods and TxAPI wiring + tests src/client/rest/api/MstakingAPI.ts, src/client/rest/api/MstakingAPI.spec.ts, src/client/rest/api/TxAPI.ts, src/client/rest/api/TxAPI.spec.ts	Adds MstakingAPI.totalUnbondingBalance; updates CreateTxOptions to accept extensionOptions and nonCriticalExtensionOptions, and threads these through create, estimateFee, and simulate. Tests verify extension option preservation and REST behavior.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐰 Hoppity-hop, I patch and play,
Old Move messages find their way,
Tx bodies hold their options tight,
REST endpoints answer, tests take flight,
A little bump — the tree grows right. ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat(deps): support initia v1.4.5' directly and clearly summarizes the main objective of the PR—adding support for a new version of initia with dependency updates.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/support-initia-1_4_5

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@initia/initia.proto	1.0.6	Unknown	Unknown
npm/@microsoft/api-extractor	7.58.2	🟢 4.2	Details Check Score Reason Code-Review 🟢 3 Found 9/27 approved changesets -- score normalized to 3 Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2
npm/@microsoft/api-extractor-model	7.33.6	🟢 4.2	Details Check Score Reason Code-Review 🟢 3 Found 9/27 approved changesets -- score normalized to 3 Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2
npm/@rushstack/node-core-library	5.22.0	🟢 4.2	Details Check Score Reason Code-Review 🟢 3 Found 9/27 approved changesets -- score normalized to 3 Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2
npm/@rushstack/terminal	0.22.5	🟢 4.2	Details Check Score Reason Code-Review 🟢 3 Found 9/27 approved changesets -- score normalized to 3 Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2
npm/@rushstack/ts-command-line	5.3.5	🟢 4.2	Details Check Score Reason Code-Review 🟢 3 Found 9/27 approved changesets -- score normalized to 3 Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2
npm/axios	1.15.2	🟢 7.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 4 Found 11/25 approved changesets -- score normalized to 4 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Packaging 🟢 10 packaging workflow detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9
npm/brace-expansion	5.0.6	🟢 7.2	Details Check Score Reason Code-Review 🟢 3 Found 9/23 approved changesets -- score normalized to 3 Maintained 🟢 10 17 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 9 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/fast-uri	3.1.2	Unknown	Unknown
npm/follow-redirects	1.16.0	🟢 4.8	Details Check Score Reason Code-Review ⚠️ 0 Found 1/24 approved changesets -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/lodash	4.18.1	🟢 7.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 9 25 out of 26 merged PRs checked by a CI test -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Contributors 🟢 10 project has 89 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Maintained 🟢 10 13 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 SAST 🟢 9 SAST tool detected but not run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities ⚠️ 0 96 existing vulnerabilities detected
npm/nanoid	3.3.12	🟢 6.6	Details Check Score Reason Code-Review ⚠️ 1 Found 4/29 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6
npm/postcss	8.5.15	🟢 5.5	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review ⚠️ 0 Found 2/27 approved changesets -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/vite	6.4.2	🟢 7	Details Check Score Reason Code-Review 🟢 7 Found 19/26 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 5 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 5 binaries present in source code Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7
npm/ws	8.21.0	🟢 5.5	Details Check Score Reason Code-Review ⚠️ 0 Found 2/29 approved changesets -- score normalized to 0 Maintained 🟢 10 11 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• package-lock.json

[Vritra4]

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

🤖 Generated with Claude Code