Bump bn.js and hardhat

[dependabot]

Bumps bn.js to 5.2.3 and updates ancestor dependency hardhat. These dependencies need to be updated together.

Updates bn.js from 5.2.1 to 5.2.3

Changelog

Sourced from bn.js's changelog.

5.2.3 / 2026-02-19

• fix: imaskn state (#317)

5.2.2 / 2025-04-25

• fix: imuln/muln with zero (#313)

Commits

• ea6c072 5.2.3
• 33df26b fix imaskn state (#317)
• 6db7c38 5.2.2
• c7e1a53 Fix imuln/muln with zero (#313)
• 4cc0bfa docs: mention the max plain JS number argument value (#307)
• 5df40f8 Document length unit in toBuffer(...) input (#299)
• See full diff in compare view

Updates hardhat from 2.19.0 to 2.28.6

Release notes

Sourced from hardhat's releases.

Hardhat v2.28.6

This release is a small bug fix for an issue affecting hardhat-tracer after a hardhat_reset.

Changes

• f6d5437: Fixed an issue affecting the hardhat-tracer community plugin causing traces to stop being reported after calling hardhat_reset (#7918)

---

💡 The Nomic Foundation is hiring! Check our open positions.

---

Hardhat v2.28.5

This release is a small enhancement adding eth_getProof as a JSON-RPC method.

Changes

• 6e1f27c: Added support for eth_getProof as a JSON-RPC method (#7933)

---

💡 The Nomic Foundation is hiring! Check our open positions.

---

Hardhat v2.28.4

This release is a small bug fix to allow hardhat_reset to switch from local to forking mode.

Changes

• 32f29d6: Fixed bug in hardhat_reset when switching from local to fork mode (#7834)

---

💡 The Nomic Foundation is hiring! Check our open positions.

---

Hardhat v2.28.3

This release increases the block gas limit to 60,000,000.

Patch Changes

• 494b2c2: Bumped EDR version to 0.12.0-next.22.
  • NomicFoundation/edr@b5a7b75: Added an API that reports the latest supported Solidity version for source instrumentation
• 893277f: Increase the default block gas limit per EIP-7935. Thanks @​Amxx! (#7776)

---

💡 The Nomic Foundation is hiring! Check our open positions.

---

Hardhat v2.28.2

This release adds support for Solidity 0.8.32 and 0.8.33.

... (truncated)

Changelog

Sourced from hardhat's changelog.

hardhat

3.1.9

Patch Changes

• 621d07e: Make the coverage work with versions of Solidity that aren't fully supported by EDR #7982
• 3e39a06: Round average and median gas usage in the gas analytics output
• 78af2ed: Allow multiple parallel downloads of different compilers (7946).

3.1.8

Patch Changes

• a6947fb: Use the official Linux ARM64 builds of solc in the production profile when available (#7917).
• fd42744: Fixed missing EIP-7212 precompile in Solidity Tests (#7872).

3.1.7

Patch Changes

• 4995121: Suppressed pragma and license warnings in Solidity test files (7894).
• 22adbcb: Added support for eth_getProof (3345).

3.1.6

Patch Changes

• 98fbf44: Implemented SolidityBuildSystemImplementation#compileBuildInfo (#7891)
• a9445c9: Added ArtifactManager#getAllArtifactPaths (#7902)
• a9445c9: Fixed typechain type generation when compiling a subset of the Solidity files (#7902)
• 127ce88: Suppress Hardhat console.sol memory-safe-assembly warning #7862.
• c40697b: Added a Solidity#build hook (#7890)
• 8e5610f: Fixed a bug where nested folders were not created during the HTML coverage report generation (#7889)
• 13a1e4b: Multiple internal fixes to the solidity build system (#7900)
• 0c47a69: Added compiler downloader retry in case of failure (#7031)

3.1.5

Patch Changes

• 346f92a: Improve how solidity tests are displayed, making it more consistent with the js reporters.
• 2bc18b2: Bumped viem version across all packages 7861.
• 865e346: Updated the incorrect JSDOC against the preprocessProjectFileBeforeBuilding Solidity Hook (#7870)
• c9bdbd0: Added invokeSolc in SolidityHooks to allow plugins to respond to the input/output from solc (#7646)

3.1.4

Patch Changes

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for hardhat since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.