
[WIP] Update security upgrade of solana-agent-kit to 2.0.1 #34

Merged
SMSDAO merged 2 commits into snyk-fix-79d17d74375956f9b19adb7e2186c148 from copilot/sub-pr-29
Jan 30, 2026

Copilot AI commented Jan 30, 2026

  • Update all example package.json files to use solana-agent-kit version ^2.0.1
    • market-making-agent (already on 2.0.1)
    • orbofi-personality-engine (updated from 1.3.0)
    • agent-kit-mcp-server (updated from 1.4.8)
    • discord-bot-starter (updated from 1.3.4)
    • agent-kit-langgraph (updated from 1.3.0)
    • agent-kit-nextjs-langchain (updated from 1.3.0)
    • tg-bot-starter/advanced-tg-bot (updated from 1.3.0)
    • tg-bot-starter/basic-tg-bot (updated from 1.3.0)
    • tg-bot-starter/group-tg-bot (updated from 1.3.0)
    • persistent-agent (updated from 1.3.0)
  • Run code review
  • Run security checks


Co-authored-by: SMSDAO <144380926+SMSDAO@users.noreply.github.com>
@SMSDAO SMSDAO marked this pull request as ready for review January 30, 2026 13:11
Copilot AI review requested due to automatic review settings January 30, 2026 13:11
@socket-security

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

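| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
| --- | --- | --- | --- | --- | --- | --- |
| Added | tsx@4.19.2 | 100 | 100 | 81 | 87 | 100 |
| Added | ts-node@10.9.2 | 97 | 100 | 100 | 82 | 100 |
| Updated | react@19.0.0 ⏵ 19.2.3 | 100 | 100 | 84 | 97 | 100 |
| Added | typescript@5.6.3 | 100 | 100 | 90 | 100 | 90 |
| Added | @langchain/community@0.3.20 | 95 | 100 | 90 | 98 | 100 |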


@SMSDAO SMSDAO merged commit 0a2c321 into snyk-fix-79d17d74375956f9b19adb7e2186c148 Jan 30, 2026
6 checks passed
Copilot AI requested a review from SMSDAO January 30, 2026 13:13
Copilot stopped work on behalf of SMSDAO due to an error January 30, 2026 13:13

Copilot AI left a comment


Pull request overview

Updates the example projects to use solana-agent-kit ^2.0.1 as part of a security upgrade effort.

Changes:

  • Bump solana-agent-kit dependency to ^2.0.1 across multiple example package.json files.
  • Standardize the dependency version in examples previously on various 1.x versions.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 9 comments.

| File | Description |
| --- | --- |
| examples/tg-bot-starter/group-tg-bot/package.json | Bumps solana-agent-kit to ^2.0.1 for the group Telegram bot example. |
| examples/tg-bot-starter/basic-tg-bot/package.json | Bumps solana-agent-kit to ^2.0.1 for the basic Telegram bot example. |
| examples/tg-bot-starter/advanced-tg-bot/package.json | Bumps solana-agent-kit to ^2.0.1 for the advanced Telegram bot example. |
| examples/persistent-agent/package.json | Bumps solana-agent-kit to ^2.0.1 for the persistent agent example. |
| examples/orbofi-personality-engine/package.json | Bumps solana-agent-kit to ^2.0.1 for the Orbofi personality engine example. |
| examples/discord-bot-starter/package.json | Bumps solana-agent-kit to ^2.0.1 for the Discord bot starter example. |
| examples/agent-kit-nextjs-langchain/package.json | Bumps solana-agent-kit to ^2.0.1 for the Next.js + LangChain example. |
| examples/agent-kit-mcp-server/package.json | Bumps solana-agent-kit to ^2.0.1 for the MCP server example. |
| examples/agent-kit-langgraph/package.json | Bumps solana-agent-kit to ^2.0.1 for the LangGraph example. |


"react": "^19.2.0",
"react-dom": "^19.0.0",
"solana-agent-kit": "^1.3.0"
"solana-agent-kit": "^2.0.1"
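Review bot: The context lines of this hunk declare "react" as "^19.2.0" but "react-dom" as "^19.0.0", so an existing lockfile can satisfy both ranges with two different 19.x versions, and react-dom expects to run against the matching react release. Since the lockfile has to be regenerated for the solana-agent-kit bump anyway, raise the "react-dom" range to match "react" in the same change.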
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but the corresponding pnpm-lock.yaml in this example still pins solana-agent-kit to 1.3.0. Please update the lockfile (e.g., run pnpm install in this example) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1"
"solana-agent-kit": "^1.3.0"

"react": "^19.2.0",
"react-dom": "^19.0.0",
"solana-agent-kit": "^1.3.0"
"solana-agent-kit": "^2.0.1"
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but the corresponding pnpm-lock.yaml in this example still pins solana-agent-kit to 1.3.0. Please update the lockfile (e.g., run pnpm install in this example) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1"
"solana-agent-kit": "1.3.0"

"dependencies": {
"@langchain/langgraph-checkpoint-postgres": "^0.0.2",
"solana-agent-kit": "^1.3.0"
"solana-agent-kit": "^2.0.1"
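Review bot: The "solana-agent-kit" line crosses a major version (^1.3.0 to ^2.0.1), which under semver signals possible breaking API changes, yet the only change visible here is the manifest line. Confirm that this example still builds and runs against 2.x, and record in the PR description which checks covered it.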
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but the corresponding pnpm-lock.yaml in this example still pins solana-agent-kit to 1.3.0. Please update the lockfile (run pnpm install here) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1"
"solana-agent-kit": "^1.3.0"

"discord.js": "^14.25.1",
"dotenv": "^16.4.7",
"solana-agent-kit": "^1.3.4"
"solana-agent-kit": "^2.0.1"
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but examples/discord-bot-starter/pnpm-lock.yaml still pins solana-agent-kit to 1.3.4. Please update the lockfile (pnpm install) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1"
"solana-agent-kit": "^1.3.4"

"react-dom": "^18.3.1",
"react-toastify": "^9.1.3",
"solana-agent-kit": "^1.3.0",
"solana-agent-kit": "^2.0.1",
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but examples/agent-kit-nextjs-langchain/pnpm-lock.yaml still pins solana-agent-kit to 1.3.0. Please update the lockfile (pnpm install) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1",
"solana-agent-kit": "1.3.0",

"@modelcontextprotocol/sdk": "^1.5.0",
"dotenv": "^16.4.7",
"solana-agent-kit": "1.4.8",
"solana-agent-kit": "^2.0.1",
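Review bot: The old "solana-agent-kit" line was an exact pin ("1.4.8") and the new line is a caret range ("^2.0.1"), so this hunk loosens version pinning as well as upgrading. If the exact pin was deliberate for this example, keep it exact ("2.0.1"); otherwise mention the policy change in the PR description and rely on a committed, regenerated lockfile for reproducible installs.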
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but examples/agent-kit-mcp-server/pnpm-lock.yaml still pins solana-agent-kit to 1.4.8. Please update the lockfile (pnpm install) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1",
"solana-agent-kit": "1.4.8",

"react": "^19.0.0",
"react-dom": "^19.0.0",
"solana-agent-kit": "^1.3.0"
"solana-agent-kit": "^2.0.1"
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but the corresponding pnpm-lock.yaml in this example still pins solana-agent-kit to 1.3.0. Please update the lockfile (e.g., run pnpm install in this example) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1"
"solana-agent-kit": "^1.3.0"

"dependencies": {
"@langchain/langgraph-checkpoint-postgres": "^0.0.2",
"solana-agent-kit": "^1.3.0"
"solana-agent-kit": "^2.0.1"
Copilot AI Jan 30, 2026

package.json was updated to solana-agent-kit ^2.0.1, but this example’s package-lock.json still references solana-agent-kit ^1.3.0 / 1.x (and will keep npm installs on the old version). Please regenerate/update package-lock.json so npm installs resolve to 2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1"
"solana-agent-kit": "^1.3.0"
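
The manifest/lockfile drift described in the comment above can be checked mechanically. This is an added example, not code from this pull request or the project: it compares the ranges declared in a package.json against the versions recorded in the `packages` map of a package-lock.json. The sample manifest and lockfile are constructed, `findDrift` and `satisfies` are hypothetical helpers, and only exact and caret ranges (the two forms that appear on this page) are handled.

```javascript
// Added example: detect package.json / package-lock.json drift.
// Assumption: versions are plain x.y.z; ranges are exact ("1.4.8") or caret ("^2.0.1").
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function satisfies(version, range) {
  const v = parseVersion(version);
  if (!range.startsWith("^")) return compare(v, parseVersion(range)) === 0;
  const min = parseVersion(range.slice(1));
  // Caret semantics: the left-most non-zero component must not change.
  const i = min.findIndex((n) => n !== 0);
  const pivot = i === -1 ? 2 : i;
  const max = min.map((n, k) => (k < pivot ? n : k === pivot ? n + 1 : 0));
  return compare(v, min) >= 0 && compare(v, max) < 0;
}

// Returns one record per direct dependency whose locked version is missing
// or falls outside the range declared in the manifest.
function findDrift(manifest, lock) {
  const drift = [];
  const deps = { ...manifest.dependencies, ...manifest.devDependencies };
  for (const [name, range] of Object.entries(deps)) {
    const entry = (lock.packages || {})[`node_modules/${name}`];
    if (!entry) drift.push({ name, range, locked: null });
    else if (!satisfies(entry.version, range)) drift.push({ name, range, locked: entry.version });
  }
  return drift;
}

// Constructed sample: manifest already bumped, lockfile still on the old release.
const manifest = { dependencies: { "solana-agent-kit": "^2.0.1", dotenv: "^16.4.7" } };
const staleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example" },
    "node_modules/solana-agent-kit": { version: "1.3.0" },
    "node_modules/dotenv": { version: "16.4.7" },
  },
};

console.log(findDrift(manifest, staleLock));
```

In CI, `npm ci` and `pnpm install --frozen-lockfile` enforce the same invariant and fail the install when the manifest and lockfile disagree.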

"@solana/web3.js": "^1.98.0",
"dotenv": "^16.4.7",
"solana-agent-kit": "^1.3.0",
"solana-agent-kit": "^2.0.1",
Copilot AI Jan 30, 2026

This dependency was bumped in package.json, but examples/agent-kit-langgraph/pnpm-lock.yaml still pins solana-agent-kit to 1.3.0. Please update the lockfile (pnpm install) so installs/CI actually use solana-agent-kit ^2.0.1.

Suggested change
"solana-agent-kit": "^2.0.1",
"solana-agent-kit": "^1.3.0",
