chore(deps)(deps): bump @rainbow-me/rainbowkit from 2.2.10 to 2.2.11

[dependabot]

Bumps @rainbow-me/rainbowkit from 2.2.10 to 2.2.11.

Release notes

Sourced from @​rainbow-me/rainbowkit's releases.

@​rainbow-me/rainbowkit@​2.2.11

Patch Changes

• a40b1f4: Migrate the Base connector to canonical base naming, while preserving backwards-compatible aliases baseAccount and coinbaseWallet.

• 3672dc6: Added Anchorage Digital wallet support with the anchorageDigitalWallet wallet connector.

• 1043d88: Added MeCo Wallet support with mecoWallet wallet connector.

• f52657f: Exposed RainbowKitProviderProps and WalletButtonRendererProps as public type exports to support Custom Wallet Button scenarios.

• 4f2de17: Fixed a crash that could occur when selecting a wallet while multiple browser wallet extensions were installed and the specific injected wallet was missing. Wallet-specific injected connectors now bind only to their matching provider instead of falling back to available defaults.

• bc4625c: Fix recent transaction tracking so failed transactions no longer prevent an app's own transaction receipt wait from settling.

• 25c4c2b: Improved SSR safety to prevent WalletConnect initialization warnings and mitigate localStorage API availability changes in Node.js v25 and above.

• f52657f: Fixed useWindowSize triggering a state update after unmount, which could surface as a React warning.

• eb4251d: The AuthenticationAdapter.createMessage API can now return a promise, so dApps can fetch or construct a custom SIWE message asynchronously. This enables server-side SIWE message creation before prompting the wallet, while preserving existing synchronous behavior.

  See the server-side message creation docs for guidance.

• b0f6d52: fix: harden useCoolMode against malicious wallet icon URLs

  The cool mode particle animation built image elements via innerHTML, which parses its input as HTML. A malicious EIP-6963 wallet could supply a crafted icon URL containing injected attributes (e.g. onerror) that would execute in the dApp's origin when a user interacts with the wallet button.

  Switched to document.createElement('img') with property assignment so the icon value is always treated as a plain URL rather than markup.

• f2523a9: Updated MetaMask wallet icon

Changelog

Sourced from @​rainbow-me/rainbowkit's changelog.

2.2.11

Patch Changes

• a40b1f4: Migrate the Base connector to canonical base naming, while preserving backwards-compatible aliases baseAccount and coinbaseWallet.

• 3672dc6: Added Anchorage Digital wallet support with the anchorageDigitalWallet wallet connector.

• 1043d88: Added MeCo Wallet support with mecoWallet wallet connector.

• f52657f: Exposed RainbowKitProviderProps and WalletButtonRendererProps as public type exports to support Custom Wallet Button scenarios.

• 4f2de17: Fixed a crash that could occur when selecting a wallet while multiple browser wallet extensions were installed and the specific injected wallet was missing. Wallet-specific injected connectors now bind only to their matching provider instead of falling back to available defaults.

• bc4625c: Fix recent transaction tracking so failed transactions no longer prevent an app's own transaction receipt wait from settling.

• 25c4c2b: Improved SSR safety to prevent WalletConnect initialization warnings and mitigate localStorage API availability changes in Node.js v25 and above.

• f52657f: Fixed useWindowSize triggering a state update after unmount, which could surface as a React warning.

• eb4251d: The AuthenticationAdapter.createMessage API can now return a promise, so dApps can fetch or construct a custom SIWE message asynchronously. This enables server-side SIWE message creation before prompting the wallet, while preserving existing synchronous behavior.

  See the server-side message creation docs for guidance.

• b0f6d52: fix: harden useCoolMode against malicious wallet icon URLs

  The cool mode particle animation built image elements via innerHTML, which parses its input as HTML. A malicious EIP-6963 wallet could supply a crafted icon URL containing injected attributes (e.g. onerror) that would execute in the dApp's origin when a user interacts with the wallet button.

  Switched to document.createElement('img') with property assignment so the icon value is always treated as a plain URL rather than markup.

• f2523a9: Updated MetaMask wallet icon

Commits

• 03360ee chore: version packages (#2659)
• f6f00a8 chore(tooling): upgrade biome, typescript (#2669)
• e90c2dd feat: next-auth v5 (#2606)
• bc4625c fix: isolate recent transaction receipt waits (#2670)
• eb4251d feat: support async createMessage in AuthenticationAdapter (#2633)
• 5349f6a feat: internal component exports (#2589)
• a40b1f4 fix: migrate baseAccount connector to base with aliases (#2634)
• 33f2a10 fix: cuer QRCode prop type errors (#2663)
• 4f2de17 fix: avoid binding missing injected wallets (#2661)
• b473b08 fix: guard localStorage access during SSR (#2660)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)