chore(deps): bump the minor-updates group with 3 updates

[dependabot]

Bumps the minor-updates group with 3 updates: @jsverse/transloco, cordova-plugin-purchase and ethers.

Updates @jsverse/transloco from 8.3.0 to 8.4.0

Release notes

Sourced from @​jsverse/transloco's releases.

8.4.0 (2026-06-13)

🚀 Features

• transloco: transpile function arguments in FunctionalTranspiler

🩹 Fixes

• translateSignal utility missing injector for toSignal
• transloco-scoped-libs: multi-scope i18n with join strategy

❤️ Thank You

• Dafnik
• f-aubert
• Ilshat Khamitov

Changelog

Sourced from @​jsverse/transloco's changelog.

8.4.0 (2026-06-13)

🚀 Features

• transloco: transpile function arguments in FunctionalTranspiler

🩹 Fixes

• translateSignal utility missing injector for toSignal
• transloco-scoped-libs: multi-scope i18n with join strategy

❤️ Thank You

• Dafnik
• f-aubert
• Ilshat Khamitov

Commits

• 029ea69 chore(release): publish 8.4.0
• b2b52b3 chore(release): publish 8.4.0
• 21266fc ci(release): default to dry-run, run publish --dry-run, drop redundant checko...
• d20482c ci(release): surface resolved version in dry-run summary (#929)
• 9073041 ci(release): add automated release workflow with nx release (#924)
• 77c3ee7 fix: translateSignal utility missing injector for toSignal (#926)
• 82ae7bb fix(transloco-scoped-libs): multi-scope i18n with join strategy (#923)
• da35543 feat(transloco): transpile function arguments in FunctionalTranspiler (#829) ...
• c6ceb6b refactor(transloco): tree-shake errors (#823)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​jsverse/transloco since your current version.

Updates cordova-plugin-purchase from 13.16.1 to 13.17.2

Release notes

Sourced from cordova-plugin-purchase's releases.

v13.17.2

Android: Prevent crashes when the Google Play BillingClient disconnects mid-flow (#1710)

The purchase flow could crash with a null PendingIntent (or an NPE on mBillingClient) when the billing service disconnected between the connection-state check and the actual operation — the mIsServiceConnected flag reported "ready" while the underlying BillingClient was not.

Two corrections in PurchasePlugin:

• executeServiceRequest() now checks mBillingClient.isReady() in addition to the flag. When the two are out of sync it resets the flag and forces a reconnect, instead of proceeding against a dead client.
• initiatePurchaseFlow() re-validates inside the UI-thread lambda. It re-checks activity validity (isFinishing/isDestroyed) and BillingClient readiness at launch time, since conditions can change during the reconnection delay.

A follow-up (#1711) adds mBillingClient != null guards at both call sites — defensive, since mBillingClient is initialised in onCreate and never nulled in practice.

Companion plugin compatibility

StoreKit 2 Plugin, Braintree Plugin and Apple Pay Plugin are unaffected — the changes are Android / Google Play only, no version bump required.

npm packages

• Cordova: cordova-plugin-purchase@13.17.2
• Capacitor: capacitor-plugin-cdv-purchase@13.17.2

---

Full changelog: see RELEASE_NOTES.md.

Changelog

Sourced from cordova-plugin-purchase's changelog.

13.17.2

(android) Prevent crashes when the Google Play BillingClient disconnects mid-flow

The purchase flow could crash with a null PendingIntent (or an NPE on mBillingClient) when the billing service disconnected between the connection-state check and the actual operation — the mIsServiceConnected flag reported "ready" while the underlying BillingClient was not (#1710). Two corrections in PurchasePlugin:

• executeServiceRequest() now checks mBillingClient.isReady() in addition to the flag. When the two are out of sync it resets the flag and forces a reconnect, instead of proceeding against a dead client.
• initiatePurchaseFlow() re-validates inside the UI-thread lambda. It re-checks activity validity (isFinishing/isDestroyed) and BillingClient readiness at launch time, since conditions can change during the reconnection delay.

A follow-up (#1711) adds mBillingClient != null guards at both call sites — defensive, since mBillingClient is initialised in onCreate and never nulled in practice.

Companion plugin compatibility

StoreKit 2 Plugin, Braintree Plugin and Apple Pay Plugin are unaffected — the changes are Android / Google Play only, no version bump required.

13.17.1

(fix) Device info from @capacitor/device now sent to receipt validator

When cordova-plugin-device is not installed — typical in Capacitor apps — the plugin previously sent no device information to the receipt validator. It now falls back to @capacitor/device via window.Capacitor.Plugins.Device, so the validator receives device info regardless of which device plugin is available (#1708).

(fix) Fraud fingerprint manufacturer field was overwritten instead of appended

The fraud fingerprint construction used = instead of += when adding the device manufacturer, so only the manufacturer was stored — discarding the model and other preceding fields. The fingerprint now correctly combines model and manufacturer as intended.

13.17.0

(android) Google Play Billing Library 9

The Android plugins (Cordova and Capacitor) now build against Google Play Billing Library 9.0.0 (up from 8.3.0). A new androidx.core:core:1.9.0 dependency is pulled in, required by GPBL v9's blocked-store detection.

(android) New error code: ErrorCode.STORE_BLOCKED

On some devices the Play Store is blocked from making purchases — OEM "kids mode" launchers, parental controls, or enterprise device policies. GPBL v9 reports this condition as BILLING_UNAVAILABLE with a "Play Store is blocked" debug message; the plugin now detects it and surfaces a dedicated error code, ErrorCode.STORE_BLOCKED (6777033):

• During initialization — the adapter reports STORE_BLOCKED and stops, instead of entering the endless SETUP-error retry loop. The condition won't clear on its own, so retrying was just noise.
• During order() — the purchase fails immediately with STORE_BLOCKED.

Listen for it with the global error handler to show an appropriate message to the user:

store.error(err => {
  if (err.code === CdvPurchase.ErrorCode.STORE_BLOCKED) {
    // Purchases are blocked on this device (kids mode, parental
    // controls or enterprise policy) — hide or disable the shop.
  }
});

Companion plugin compatibility

... (truncated)

Commits

• a0ed473 release: 13.17.2
• 617f43f Smoke gate: build Capacitor 7+/8 (SPM), make iOS product validity hard
• 82ac23f Smoke gate: handle cordova-ios 7.x/8.x layouts; stage iOS hard validity
• e7e2018 ci(release): fix sim_udid unbound-var on cold iOS sim boot (FOV-468)
• eddd36e ci(release): address review on smoke-test.sh (FOV-468)
• 876ecd4 ci(release): add automated pre-release smoke test (FOV-468)
• 66006e9 docs(release): add integration testing phase between build and publish
• 10169a4 fix(android): add null guard for mBillingClient in billing flow checks
• 84fab15 docs: add RELEASE_PROCESS.md release guide for cordova + capacitor
• 828175d docs: update device info documentation for Capacitor apps
• Additional commits viewable in compare view

Updates ethers from 6.16.0 to 6.17.0

Release notes

Sourced from ethers's releases.

ethers/v6.17.0 (2026-06-18 00:49)

• Add requestRate throttle to calls (b48bfe3).
• Added provider requestRate throttle support (b74b6d3).
• Disable AlchemyProvider which does not provide the necessary API capacity for tests (1523ca8).
• Map ResolverNotFound error to null for reverse lookup (d07cfb6).
• Use bigint for coinType instead of number values (4f6ec03).
• Updated AlchemyProvider endpoints for BNB (9bec2f9).
• Added basic ENSv2 tests and fixed issues with EVM cointypes (0e9a73d).
• Adding ENSv2 integrations from adraffy (a2d0af4).
• Update Blockscout deffault API key and links (5647ae3).
• Added transactionsRoot to Block (#5077, #5078; 5bd2ce9).
• Preserve 301/302 method and support 307/308 (#3106, #5115; 999af5f).
• Fix maxFeePerGas property for EtherscanProvider transactions (#5080; ca45d23).
• Added rich inspection for Network and Plugins (f2ffb86).
• Tweaking API for Universal Resolver to be completely backward compatible (9a5c4b5).
• Updated ENS Universal Resolver to latest API (0b3b12b).
• Added CCIP to ENS Universal Resolver reverse resolution (982eef2).
• Added reverse lookup for ENS UniversalResolver (9a9a11d).
• Initial forward resolution using ENS UniversalResolver (51df7b9).

Changelog

Sourced from ethers's changelog.

ethers/v6.17.0 (2026-06-17 23:50)

• Add requestRate throttle to calls (b48bfe3).
• Added provider requestRate throttle support (b74b6d3).
• Disable AlchemyProvider which does not provide the necessary API capacity for tests (1523ca8).
• Map ResolverNotFound error to null for reverse lookup (d07cfb6).
• Use bigint for coinType instead of number values (4f6ec03).
• Updated AlchemyProvider endpoints for BNB (9bec2f9).
• Added basic ENSv2 tests and fixed issues with EVM cointypes (0e9a73d).
• Adding ENSv2 integrations from adraffy (a2d0af4).
• Update Blockscout deffault API key and links (5647ae3).
• Added transactionsRoot to Block (#5077, #5078; 5bd2ce9).
• Preserve 301/302 method and support 307/308 (#3106, #5115; 999af5f).
• Fix maxFeePerGas property for EtherscanProvider transactions (#5080; ca45d23).
• Added rich inspection for Network and Plugins (f2ffb86).
• Tweaking API for Universal Resolver to be completely backward compatible (9a5c4b5).
• Updated ENS Universal Resolver to latest API (0b3b12b).
• Added CCIP to ENS Universal Resolver reverse resolution (982eef2).
• Added reverse lookup for ENS UniversalResolver (9a9a11d).
• Initial forward resolution using ENS UniversalResolver (51df7b9).

Commits

• 3ea4c22 admin: updated dist files
• 2d35b6a docs: fix property access order for Flatworm
• b48bfe3 Add requestRate throttle to calls.
• 39f5ce1 tests: add INFURA_APIKEY for docs and workflows
• 96bd29c tests: added provider throttling to test suites
• b74b6d3 Added provider requestRate throttle support.
• 1523ca8 Disable AlchemyProvider which does not provide the necessary API capacity for...
• d07cfb6 Map ResolverNotFound error to null for reverse lookup.
• c32c542 docs: fix typo in config for INFURA API key
• 7c6b840 admin: include INFURA_APIKEY in docs generation to resolve throttling
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions