chore(deps): bump x402-types from 1.3.0 to 1.4.2

[dependabot]

Bumps x402-types from 1.3.0 to 1.4.2.

Changelog

Sourced from x402-types's changelog.

[1.4.2] - 2026-02-27

Added

• x402-chain-eip155: Enabled the traceparent feature on alloy-transport-http, so outgoing EVM RPC calls now propagate W3C traceparent headers for distributed tracing.

Changed

• facilitator: Refactored telemetry layer initialization — Telemetry::register() now returns the providers handle directly, and http_tracing() is called on it in a separate #[cfg(feature = "telemetry")] statement, making the initialization sequence clearer and easier to extend.

[1.4.1] - 2026-02-25

Changed

• x402-types: LiteralOrEnv<T> now stores the original environment variable name alongside the resolved value, so Display reconstructs the $VAR_NAME syntax instead of rendering the resolved value. This prevents sensitive values from being exposed in logs or serialized output and enables config round-tripping.

[1.4.0] - 2026-02-25

Added

• x402-types: Implemented Display for LiteralOrEnv<T>, allowing env-var-wrapped config values to be formatted directly.

Changed

• x402-chain-eip155: RpcConfig::http field type changed from Url to LiteralOrEnv<Url>, enabling the RPC endpoint URL to be supplied via an environment variable reference in config files.
• x402-chain-solana: SolanaChainConfigInner::rpc and pubsub fields changed from Url / Option<Url> to LiteralOrEnv<Url> / Option<LiteralOrEnv<Url>>, enabling RPC and pubsub endpoint URLs to be supplied via environment variable references in config files.
• x402-chain-solana: SolanaChainConfig::pubsub() return type changed from &Option<Url> to Option<&Url> for a more idiomatic API.

[1.1.0] - 2026-02-05

Fixed

• Fixed a "value" serde bug that caused incorrect deserialization of payment values.

[1.0.0] - 2025-02-02

Changed

• BREAKING: Refactored from a single monolithic crate into a modular workspace architecture. The x402-rs crate is no longer published as a single package.
• BREAKING: Import paths have changed from x402_rs::* to x402_types::* and specific chain crates.

Added

• New x402-types crate: Core protocol types, facilitator traits, and utilities.
• New x402-chain-eip155 crate: EVM/EIP-155 chain support (Ethereum, Base, Polygon, etc.) with feature flags for client, server, and facilitator.
• New x402-chain-solana crate: Solana blockchain support with feature flags for client, server, and facilitator.
• New x402-chain-aptos crate: Aptos blockchain support with feature flags for client, server, and facilitator.
• New x402-facilitator-local crate: Local facilitator implementation for payment verification and settlement.
• New facilitator binary crate: Production-ready facilitator server (not published to crates.io).
• New documentation: docs/build-your-own-facilitator.md guide.

... (truncated)

Commits

• ef5d48c chore: bump crate versions to 1.4.2 and update changelog
• 38f071f feat(x402-chain-eip155): enable traceparent feature for alloy-transport-http
• 26dadfe refactor(telemetry): proper telemetry layer initialization
• eb44a4d feat: preserve env var name in LiteralOrEnv for round-trip display
• 5d36b03 feat: preserve env var name in LiteralOrEnv for round-trip display
• b37c129 feat: support env var references for RPC endpoint URLs
• 5051abc chore: bump crate versions to 1.3.1 across the project
• b5ab930 fix: make description and mime_type in ResourceInfo optional as per spe...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #1336.