chore(release): update changelog and bump version to 4.0.0-beta.3

[shumkov]

Issue being fixed or feature implemented

Release new Dash Platform version

What was done?

• Updated changelog
• Bumped packages version

How Has This Been Tested?

None

Breaking Changes

None

Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have added or updated relevant unit/integration/functional/e2e tests
• I have made corresponding changes to the documentation

For repository code-owners and collaborators only

• I have assigned this pull request to a milestone

Summary by CodeRabbit

• Bug Fixes

  • Upgraded Envoy gateway to 1.35.11 to address an HTTP/2 DoS (CVE-2026-47774).
  • Noted incompatibility issues related to grovedb.

• Chores

  • Bumped release/version to 4.0.0-beta.3 across packages and workspace.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 642c0c10-c8a0-45c5-b405-fbb663bf196b

📥 Commits

Reviewing files that changed from the base of the PR and between d816c1e and 2eacf2b.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• CHANGELOG.md

---

📝 Walkthrough

Walkthrough

This PR bumps the platform to version 4.0.0-beta.3 across Cargo workspace, npm root package, and 22 individual npm packages. The changelog documents a security patch to the Envoy gateway dependency (1.35.11) addressing CVE-2026-47774, which is relevant to the dashmate package.

Changes

Version Bump to 4.0.0-beta.3

Layer / File(s)	Summary
Changelog entry and workspace versions CHANGELOG.md, Cargo.toml, package.json	New 4.0.0-beta.3 release section (2026-06-04) documents dashmate security fix (Envoy gateway bump for HTTP/2 DoS CVE). Cargo workspace version and root npm package both bumped to 4.0.0-beta.3.
Individual package version updates packages/bench-suite/package.json, packages/dapi-grpc/package.json, packages/dapi/package.json, packages/dash-spv/package.json, packages/dashmate/package.json, packages/dashpay-contract/package.json, packages/dpns-contract/package.json, packages/js-dapi-client/package.json, packages/js-dash-sdk/package.json, packages/js-evo-sdk/package.json, packages/js-grpc-common/package.json, packages/keyword-search-contract/package.json, packages/masternode-reward-shares-contract/package.json, packages/platform-test-suite/package.json, packages/token-history-contract/package.json, packages/wallet-lib/package.json, packages/wallet-utils-contract/package.json, packages/wasm-dpp/package.json, packages/wasm-dpp2/package.json, packages/wasm-drive-verify/package.json, packages/wasm-sdk/package.json, packages/withdrawals-contract/package.json	All 22 packages are version-bumped to 4.0.0-beta.3 (or 5.0.0-beta.3 for dash-spv and 11.0.0-beta.3 for wallet-lib), maintaining version consistency across the monorepo.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• dashpay/platform#2998: Also updates CHANGELOG.md and bumps workspace/root/package version fields for a release housekeeping change.
• dashpay/platform#3783: Earlier release PR performing the same version-bump patterns across manifests and changelog.
• dashpay/platform#3708: Release-only changes that update changelog and multiple manifest version fields.

Suggested reviewers

• QuantumExplorer

Poem

🐰 From beta two to beta three I hop with cheer,
I nudge the versions forward, release is near,
Envoy's patch tucked in the log so neat,
Grovedb notes beside it make the entry complete,
A tiny rabbit dance — another beta clear.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and accurately describes the main changes: updating the changelog and bumping versions to 4.0.0-beta.3, which aligns perfectly with the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release_4.0.0-beta.3

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[thepastaclaw]

✅ Review complete (commit 83678ac)

[thepastaclaw]

Code Review

Release metadata-only PR bumping workspace version to 4.0.0-beta.3 and adding a CHANGELOG entry for the single included fix (PR #3794). Both agents found no in-scope issues, and CodeRabbit produced no inline findings. Verified the changeset is limited to version manifests and changelog with no source/consensus code touched.

[github-actions]

✅ DashSDKFFI.xcframework built for this PR.

• Workflow run: https://github.com/dashpay/platform/actions/runs/26963613758
• Artifacts: DashSDKFFI.xcframework (folder), DashSDKFFI.xcframework.zip, xc_checksum.txt

SwiftPM (host the zip at a stable URL, then use):

.binaryTarget(
  name: "DashSDKFFI",
  url: "https://your.cdn.example/DashSDKFFI.xcframework.zip",
  checksum: "fd171e55a753129ff19de86175c67223a3277f44fa49a674b9a15edd07c109aa"
)

Xcode manual integration:

• Download 'DashSDKFFI.xcframework' artifact from the run link above.
• Drag it into your app target (Frameworks, Libraries & Embedded Content) and set Embed & Sign.
• If using the Swift wrapper package, point its binaryTarget to the xcframework location or add the package and place the xcframework at the expected path.