feat: wagmi v3 compatibility

[DanielSinclair]

Summary

• Migrates RainbowKit, RainbowKit examples, docs, and create-rainbowkit templates to wagmi v3.
• Updates wagmi-related dependency metadata directly to wagmi 3.6.9, viem 2.48.8, and @tanstack/react-query 5.100.9; @rainbow-me/rainbowkit-siwe-next-auth now peers on RainbowKit 3.x directly.
• Updates RainbowKit internals for wagmi v3 connection behavior, connector UID handling, modal close behavior, transaction tracking, and sign-in compatibility.
• Adds shared Next.js wagmi aliasing so the docs site, example app, Next examples, and generated templates do not load duplicate wagmi contexts during local package builds.
• Updates generated create-rainbowkit output, framework examples, docs navigation, migration docs, sitemap, and the release changeset.

Breaking changes

• This PR is release-facing for the RainbowKit wagmi v3 migration. Apps should use wagmi v3 directly; peer ranges are not mixed across wagmi v2 and v3.
• Consumers of @rainbow-me/rainbowkit-siwe-next-auth should pair it with RainbowKit 3.x.

Review structure

• chore: align wagmi v3 dependency metadata
• fix: migrate RainbowKit internals to wagmi v3
• fix: dedupe wagmi in Next builds
• example: update wagmi v3 examples and templates
• docs: document RainbowKit wagmi v3 migration

Validation

• git diff --check d9bf82e6d..HEAD
• pnpm build
• pnpm lint
• pnpm test
• CI=true pnpm test:cli

Notes: local build/lint output still includes existing third-party or warning-level noise from WalletConnect/ox, Next page-data size, and Biome warnings, but all commands above exited successfully.

[changeset-bot]

🦋 Changeset detected

Latest commit: 2dffd25

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 20 packages

Name	Type
@rainbow-me/rainbowkit	Major
@rainbow-me/rainbow-button	Minor
@rainbow-me/rainbowkit-siwe-next-auth	Minor
@rainbow-me/create-rainbowkit	Patch
site	Patch
example	Patch
rainbowkit-next-app	Patch
with-create-react-app	Patch
with-next-app-i18n	Patch
with-next-app	Patch
with-next-custom-button	Patch
with-next-mint-nft	Patch
with-next-siwe-iron-session	Patch
with-next-siwe-next-auth	Patch
with-next-wallet-button	Patch
with-next	Patch
with-react-router	Patch
with-remix	Patch
with-vite	Patch
with-next-rainbow-button	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
rainbowkit-example	Ready	Preview, Comment	May 12, 2026 8:59am
rainbowkit-site	Ready	Preview, Comment	May 12, 2026 8:59am

[DanielSinclair]

• feat: wagmi v3 compatibility #2591 👈 (View in Graphite)
• fix: ssr for example dapp debugging routes #2592
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​metamask/​connect-evm@​1.0.0
	npm/​wagmi@​2.19.3 ⏵ 3.6.9	-19		+2	+1
	npm/​accounts@​0.8.10
	npm/​@​tanstack/​react-query@​5.59.0 ⏵ 5.100.9
	npm/​@​base-org/​account@​2.4.0 ⏵ 2.5.5			+1

View full report

[fassko]

Would be nice to move this forward, thanks.

[phelix001]

Yes, this needs to happen.

[phelix001]

Fixes for wagmi v3 SSG Build Errors

I've fixed the CI build failures caused by WagmiProviderNotFoundError during Next.js Static Site Generation. The fixes are available in my fork: https://github.com/phelix001/rainbowkit/tree/daniel/wagmi-v3

Root Cause

wagmi v3 requires all hooks (like useAccount, useConnect, useConfig) to be used within WagmiProvider context. During SSG, pages are pre-rendered without providers mounted, causing the build to fail.

Changes Made

1. All Next.js examples with Pages Router:

• Added 404.tsx and 500.tsx error pages that don't use wagmi providers
• Updated _app.tsx to check router.pathname and exclude error pages from providers
• Added getServerSideProps to opt out of SSG for pages using wagmi hooks

2. Next.js App Router examples:

• Added export const dynamic = 'force-dynamic' to layout.tsx
• Created not-found.tsx files without wagmi providers
• Removed generateStaticParams from i18n example

3. Documentation site (site/):

• Changed @rainbow-me/rainbowkit imports to use next/dynamic with ssr: false
• Removed direct wagmi hook usage from layout components (DocsLayout, GuidesLayout)
• Added dynamic imports for Header, Playground, and WalletButton components

4. create-rainbowkit templates:

• Applied same fixes to both templates/next-app and generated-test-app

Verification

• Full build passes: pnpm build ✅
• All tests pass: pnpm test ✅
• Lint passes: pnpm lint ✅

Feel free to cherry-pick these changes or pull from my fork!

[phelix001]

@DanielSinclair

[ndueber]

Our team is trying to progress with the wagmi update but our use of rainbowkit is preventing this update. Please advise when you expect this PR to land. Or if you think we should look for other options.

[phelix001]

@DanielSinclair

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm apg-js is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → npm/@metamask/connect-evm@1.0.0 → npm/apg-js@4.4.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/apg-js@4.4.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm mppx is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → npm/wagmi@3.6.9 → npm/accounts@0.8.10 → npm/mppx@0.6.5 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/mppx@0.6.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm mppx is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → npm/wagmi@3.6.9 → npm/accounts@0.8.10 → npm/mppx@0.6.5 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/mppx@0.6.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[cursor]

Cursor Bugbot has reviewed your changes using default mode and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

Comment @cursor review or bugbot run to trigger another review on this PR

^{Reviewed by Cursor Bugbot for commit 11e648b. Configure here.}

[cursor]

Dead useAccountEffect mock leftover from wagmi v2

Low Severity

The test mock still declares and resets useAccountEffect (the wagmi v2 hook) even though all production code now uses useConnectionEffect. The mock exports useAccountEffect from the fake wagmi module and resets it in beforeEach, but nothing under test imports or calls it. This dead mock adds confusion about which hooks are actually in use.

Additional Locations (1)

• packages/rainbowkit/src/components/SignIn/SignIn.test.tsx#L68-L69

 

^{Reviewed by Cursor Bugbot for commit 11e648b. Configure here.}

[cursor]

Redundant duplicate useConnection() hook calls

Low Severity

useConnection() is called twice in succession to destructure address and chainId separately. These could be combined into a single call like const { address, chainId } = useConnection(), eliminating the redundant hook invocation. While both calls return the same data, this pattern is confusing and creates unnecessary overhead.

 

^{Reviewed by Cursor Bugbot for commit 11e648b. Configure here.}

[akshatmittal]

Let's get this to the finish line, it's time. I can't wait to move off of my fork.

[encryptedDegen]

Seems like this could be finally ready to ship. What's the status @DanielSinclair ?

[Kampe]

🥺

[derekbar90]

please bring this back to life

[toniocodo]

Is there a way to help this move forward ? Thank you @DanielSinclair

[t0rbik]

Would be nice to see it merged