chore(deps): update openzeppelin packages to v5.4.0 (#150)

This PR contains the following updates:

| Package | Type | Update | Change | OpenSSF |
|---|---|---|---|---|
| [@openzeppelin/contracts](https://openzeppelin.com/contracts/)
([source](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts))
| dependencies | minor | [`5.3.0` ->
`5.4.0`](https://renovatebot.com/diffs/npm/@openzeppelin%2fcontracts/5.3.0/5.4.0)
| [![OpenSSF
Scorecard](https://api.securityscorecards.dev/projects/github.com/OpenZeppelin/openzeppelin-contracts/badge)](https://securityscorecards.dev/viewer/?uri=github.com/OpenZeppelin/openzeppelin-contracts)
|
|
[@openzeppelin/contracts-upgradeable](https://openzeppelin.com/contracts/)
([source](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts-upgradeable))
| dependencies | minor | [`5.3.0` ->
`5.4.0`](https://renovatebot.com/diffs/npm/@openzeppelin%2fcontracts-upgradeable/5.3.0/5.4.0)
| [![OpenSSF
Scorecard](https://api.securityscorecards.dev/projects/github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/badge)](https://securityscorecards.dev/viewer/?uri=github.com/OpenZeppelin/openzeppelin-contracts-upgradeable)
|

---

### Release Notes

<details>
<summary>OpenZeppelin/openzeppelin-contracts
(@&#8203;openzeppelin/contracts)</summary>

###
[`v5.4.0`](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/blob/HEAD/CHANGELOG.md#540-2025-07-17)

[Compare
Source](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/compare/v5.3.0...v5.4.0)

##### Breaking changes

- Update minimum pragma to 0.8.24 in `SignatureChecker`, `Governor` and
Governor's extensions.
([#&#8203;5716](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5716)).

##### Pragma changes

- Reduced pragma requirement of interface files

##### Changes by category

##### Account

- `Account`: Added a simple ERC-4337 account implementation with minimal
logic to process user operations.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `AccountERC7579`: Extension of `Account` that implements support for
ERC-7579 modules of type executor, validator, and fallback handler.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `AccountERC7579Hooked`: Extension of `AccountERC7579` that implements
support for ERC-7579 hook modules.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `EIP7702Utils`: Add a library for checking if an address has an
EIP-7702 delegation in place.
([#&#8203;5587](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5587))
- `IERC7821`, `ERC7821`: Interface and logic for minimal batch
execution. No support for additional `opData` is included.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))

##### Governance

- `GovernorNoncesKeyed`: Extension of `Governor` that adds support for
keyed nonces when voting by sig.
([#&#8203;5574](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5574))

##### Tokens

- `ERC20Bridgeable`: Implementation of ERC-7802 that makes an ERC-20
compatible with crosschain bridges.
([#&#8203;5739](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5739))

##### Cryptography

##### Signers

- `AbstractSigner`, `SignerECDSA`, `SignerP256`, and `SignerRSA`: Add an
abstract contract and various implementations for contracts that deal
with signature verification.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `SignerERC7702`: Implementation of `AbstractSigner` for Externally
Owned Accounts (EOAs). Useful with ERC-7702.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `SignerERC7913`: Abstract signer that verifies signatures using the
ERC-7913 workflow.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))
- `MultiSignerERC7913`: Implementation of `AbstractSigner` that supports
multiple ERC-7913 signers with a threshold-based signature verification
system.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))
- `MultiSignerERC7913Weighted`: Extension of `MultiSignerERC7913` that
supports assigning different weights to each signer, enabling more
flexible governance schemes.
([#&#8203;5741](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5741))

##### Verifiers

- `ERC7913P256Verifier` and `ERC7913RSAVerifier`: Ready to use ERC-7913
verifiers that implement key verification for P256 (secp256r1) and RSA
keys.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))

##### Other

- `SignatureChecker`: Add support for ERC-7913 signatures alongside
existing ECDSA and ERC-1271 signature verification.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))
- `ERC7739`: An abstract contract to validate signatures following the
rehashing scheme from `ERC7739Utils`.
([#&#8203;5664](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5664))
- `ERC7739Utils`: Add a library that implements a defensive rehashing
mechanism to prevent replayability of smart contract signatures based on
the ERC-7739.
([#&#8203;5664](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5664))

##### Structures

- `EnumerableMap`: Add support for `BytesToBytesMap` type.
([#&#8203;5658](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5658))
- `EnumerableMap`: Add `keys(uint256,uint256)` that returns a subset
(slice) of the keys in the map.
([#&#8203;5713](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5713))
- `EnumerableSet`: Add support for `StringSet` and `BytesSet` types.
([#&#8203;5658](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5658))
- `EnumerableSet`: Add `values(uint256,uint256)` that returns a subset
(slice) of the values in the set.
([#&#8203;5713](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5713))

##### Utils

- `Arrays`: Add `unsafeAccess`, `unsafeMemoryAccess` and
`unsafeSetLength` for `bytes[]` and `string[]`.
([#&#8203;5568](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5568))
- `Blockhash`: Add a library that provides access to historical block
hashes using EIP-2935's history storage, extending the standard
256-block limit to 8191 blocks.
([#&#8203;5642](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5642))
- `Bytes`: Fix `lastIndexOf(bytes,byte,uint256)` with empty buffers and
finite position to correctly return `type(uint256).max` instead of
accessing uninitialized memory sections.
([#&#8203;5797](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5797))

</details>

<details>
<summary>OpenZeppelin/openzeppelin-contracts-upgradeable
(@&#8203;openzeppelin/contracts-upgradeable)</summary>

###
[`v5.4.0`](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/HEAD/CHANGELOG.md#540-2025-07-17)

[Compare
Source](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/compare/v5.3.0...v5.4.0)

##### Breaking changes

- Update minimum pragma to 0.8.24 in `SignatureChecker`, `Governor` and
Governor's extensions.
([#&#8203;5716](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5716)).

##### Pragma changes

- Reduced pragma requirement of interface files

##### Changes by category

##### Account

- `Account`: Added a simple ERC-4337 account implementation with minimal
logic to process user operations.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `AccountERC7579`: Extension of `Account` that implements support for
ERC-7579 modules of type executor, validator, and fallback handler.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `AccountERC7579Hooked`: Extension of `AccountERC7579` that implements
support for ERC-7579 hook modules.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `EIP7702Utils`: Add a library for checking if an address has an
EIP-7702 delegation in place.
([#&#8203;5587](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5587))
- `IERC7821`, `ERC7821`: Interface and logic for minimal batch
execution. No support for additional `opData` is included.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))

##### Governance

- `GovernorNoncesKeyed`: Extension of `Governor` that adds support for
keyed nonces when voting by sig.
([#&#8203;5574](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5574))

##### Tokens

- `ERC20Bridgeable`: Implementation of ERC-7802 that makes an ERC-20
compatible with crosschain bridges.
([#&#8203;5739](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5739))

##### Cryptography

##### Signers

- `AbstractSigner`, `SignerECDSA`, `SignerP256`, and `SignerRSA`: Add an
abstract contract and various implementations for contracts that deal
with signature verification.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `SignerERC7702`: Implementation of `AbstractSigner` for Externally
Owned Accounts (EOAs). Useful with ERC-7702.
([#&#8203;5657](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5657))
- `SignerERC7913`: Abstract signer that verifies signatures using the
ERC-7913 workflow.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))
- `MultiSignerERC7913`: Implementation of `AbstractSigner` that supports
multiple ERC-7913 signers with a threshold-based signature verification
system.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))
- `MultiSignerERC7913Weighted`: Extension of `MultiSignerERC7913` that
supports assigning different weights to each signer, enabling more
flexible governance schemes.
([#&#8203;5741](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5741))

##### Verifiers

- `ERC7913P256Verifier` and `ERC7913RSAVerifier`: Ready to use ERC-7913
verifiers that implement key verification for P256 (secp256r1) and RSA
keys.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))

##### Other

- `SignatureChecker`: Add support for ERC-7913 signatures alongside
existing ECDSA and ERC-1271 signature verification.
([#&#8203;5659](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5659))
- `ERC7739`: An abstract contract to validate signatures following the
rehashing scheme from `ERC7739Utils`.
([#&#8203;5664](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5664))
- `ERC7739Utils`: Add a library that implements a defensive rehashing
mechanism to prevent replayability of smart contract signatures based on
the ERC-7739.
([#&#8203;5664](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5664))

##### Structures

- `EnumerableMap`: Add support for `BytesToBytesMap` type.
([#&#8203;5658](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5658))
- `EnumerableMap`: Add `keys(uint256,uint256)` that returns a subset
(slice) of the keys in the map.
([#&#8203;5713](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5713))
- `EnumerableSet`: Add support for `StringSet` and `BytesSet` types.
([#&#8203;5658](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5658))
- `EnumerableSet`: Add `values(uint256,uint256)` that returns a subset
(slice) of the values in the set.
([#&#8203;5713](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5713))

##### Utils

- `Arrays`: Add `unsafeAccess`, `unsafeMemoryAccess` and
`unsafeSetLength` for `bytes[]` and `string[]`.
([#&#8203;5568](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5568))
- `Blockhash`: Add a library that provides access to historical block
hashes using EIP-2935's history storage, extending the standard
256-block limit to 8191 blocks.
([#&#8203;5642](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5642))
- `Bytes`: Fix `lastIndexOf(bytes,byte,uint256)` with empty buffers and
finite position to correctly return `type(uint256).max` instead of
accessing uninitialized memory sections.
([#&#8203;5797](https://redirect.github.com/OpenZeppelin/openzeppelin-contracts/pull/5797))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/settlemint/solidity-token-soulbound).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4yMy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->

## Summary by Sourcery

Bump @openzeppelin/contracts and @openzeppelin/contracts-upgradeable to
v5.4.0 and regenerate lockfile

Build:
- Update @openzeppelin/contracts dependency to v5.4.0
- Update @openzeppelin/contracts-upgradeable dependency to v5.4.0
- Regenerate bun.lock after dependency changes

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Author: renovate[bot]

bun.lock

@@ -10,8 +10,8 @@
         "@nomicfoundation/hardhat-ignition-viem": "0.15.13",
         "@nomicfoundation/hardhat-toolbox-viem": "3.0.0",
         "@nomiclabs/hardhat-solhint": "4.1.0",
-        "@openzeppelin/contracts": "5.3.0",
-        "@openzeppelin/contracts-upgradeable": "5.3.0",
+        "@openzeppelin/contracts": "5.4.0",
+        "@openzeppelin/contracts-upgradeable": "5.4.0",
         "@openzeppelin/subgraphs": "0.1.8-5",
         "erc721a": "4.3.0",
         "hardhat": "2.26.0",
@@ -255,9 +255,9 @@
 
     "@oclif/plugin-warn-if-update-available": ["@oclif/[email protected]", "", { "dependencies": { "@oclif/core": "^4", "ansis": "^3.4.0", "debug": "^4.4.0", "http-call": "^5.2.2", "lodash": "^4.17.21", "registry-auth-token": "^5.0.3" } }, "sha512-15UI0yrzsodQLltntbUOmR7Nyd1tmUWzbcnR7QJvWMgEMuImNjqNdSaeXUFc3UBtaK266YatJYJWL5SCb/MTWw=="],
 
-    "@openzeppelin/contracts": ["@openzeppelin/contracts@5.3.0", "", {}, "sha512-zj/KGoW7zxWUE8qOI++rUM18v+VeLTTzKs/DJFkSzHpQFPD/jKKF0TrMxBfGLl3kpdELCNccvB3zmofSzm4nlA=="],
+    "@openzeppelin/contracts": ["@openzeppelin/contracts@5.4.0", "", {}, "sha512-eCYgWnLg6WO+X52I16TZt8uEjbtdkgLC0SUX/xnAksjjrQI4Xfn4iBRoI5j55dmlOhDv1Y7BoR3cU7e3WWhC6A=="],
 
-    "@openzeppelin/contracts-upgradeable": ["@openzeppelin/contracts-upgradeable@5.3.0", "", { "peerDependencies": { "@openzeppelin/contracts": "5.3.0" } }, "sha512-yVzSSyTMWO6rapGI5tuqkcLpcGGXA0UA1vScyV5EhE5yw8By3Ewex9rDUw8lfVw0iTkvR/egjfcW5vpk03lqZg=="],
+    "@openzeppelin/contracts-upgradeable": ["@openzeppelin/contracts-upgradeable@5.4.0", "", { "peerDependencies": { "@openzeppelin/contracts": "5.4.0" } }, "sha512-STJKyDzUcYuB35Zub1JpWW58JxvrFFVgQ+Ykdr8A9PGXgtq/obF5uoh07k2XmFyPxfnZdPdBdhkJ/n2YxJ87HQ=="],
 
     "@openzeppelin/subgraphs": ["@openzeppelin/[email protected]", "", { "dependencies": { "@amxx/graphprotocol-utils": "^1.1.0", "@openzeppelin/contracts": "^4.6.0" } }, "sha512-7k8x6A/lI33Dggah0S6Q+n348KaTBOUD7pK49K0lBSvCHZw5PqpMNZopfD/Kk+0nyFRzhAoPUU97RhmKz+YFJw=="],
 

package.json

@@ -41,9 +41,9 @@
     "@nomicfoundation/hardhat-ignition-viem": "0.15.13",
     "@nomicfoundation/hardhat-toolbox-viem": "3.0.0",
     "@nomiclabs/hardhat-solhint": "4.1.0",
-    "@openzeppelin/contracts": "5.3.0",
+    "@openzeppelin/contracts": "5.4.0",
     "@openzeppelin/subgraphs": "0.1.8-5",
-    "@openzeppelin/contracts-upgradeable": "5.3.0",
+    "@openzeppelin/contracts-upgradeable": "5.4.0",
     "hardhat": "2.26.0",
     "solhint": "5.2.0",
     "erc721a": "4.3.0"