Skip to content

Releases: lightsail-network/java-stellar-sdk

2.2.2

03 Feb 23:53
@overcat overcat
2.2.2
15ca931
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.2 Latest
Latest

Update

  • fix: add stricter validation for Ed25519 Signed Payload. (#751)
  • fix: replace assert statements with explicit null checks in Federation class to ensure validation is not bypassed when assertions are disabled. (#752)
  • fix: add overflow check in TimeBounds.expiresAfter() to prevent integer overflow when timeout is too large. (#753)
  • fix: add validation for ManageDataOperation value length to ensure it does not exceed 64 bytes. (#754)
  • fix: use StandardCharsets.UTF_8 explicitly when converting byte arrays to strings to ensure consistent behavior across different platforms. (#756)
  • refactor: use static initialization for GsonSingleton to ensure thread safety. (#757)
  • fix: use commons-codec for hex encoding/decoding in Util class to properly validate input and throw clear exceptions for invalid hex strings. (#758)
  • fix: improve XDR decoding security and correctness. (#759)
    • Add decoding depth limit to prevent stack overflow (default: 200)
    • Add input length tracking to prevent DoS via oversized allocations
    • Validate variable-length array/opaque/string sizes before allocation
    • Validate variable-length types don't exceed declared max size
    • Validate fixed-length opaque/array sizes match declared size
    • Fix short read handling for opaque/string with proper padding
    • Remove incorrect auto-padding from read(byte[], int, int)
    • Reject unknown union discriminant values when no default arm
    • Validate boolean/optional flags are strictly 0 or 1 per RFC 4506
    • Fix EOF handling in single-byte read
    • Deprecate unsafe readIntArray/readFloatArray/readDoubleArray methods
  • fix: prevent DoS attacks in Federation by limiting stellar.toml and federation response sizes to 100KB, adding proper timeouts, and handling UTF-8 BOM. (#760)
Assets 7
Loading

2.2.1

14 Jan 02:43
@overcat overcat
2.2.1
2ff38ac
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.1

Update:

  • fix: KeyPair.fromPublicKey now accepts any 32-byte public key, even if it is not a valid Ed25519 public key point (e.g., all zeros like GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHF). Such keypairs can still be used for address representation but will throw IllegalStateException when attempting to verify signatures.
Loading

2.2.0

06 Jan 03:36
@overcat overcat
2.2.0
9a29438
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.0

Update:

  • feat: add AUTH_CLAWBACK_ENABLED_FLAG to AccountFlag. (#743)
  • fix: remove diagnosticEventsXdr from org.stellar.sdk.responses.sorobanrpc.Events. Use GetTransactionResponse.diagnosticEventsXdr and GetTransactionsResponse.Transaction.diagnosticEventsXdr instead. (#744)
  • feat: add SEP-45 (Stellar Web Authentication for Contract Accounts) support. Check Sep45Challenge class for more details. (#746)
  • chore: update outdated documentation.
Loading

2.1.0

28 Sep 01:39
@overcat overcat
2.1.0
36da02f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.1.0

Update:

  • feat: add endLedger field to GetEventsRequest. (#739)
Loading

2.0.0

15 Aug 01:28
@overcat overcat
2.0.0
438c2f2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.0.0

This release adds support for Protocol 23.

This release contains the exact same content as 2.0.0-beta3. Below is the changelog since 1.5.1.

Update:

  • feat: add pollTransaction method to SorobanServer to poll transaction status with retry strategy. (#696)
  • feat: implement message signing and verification according to SEP-53, check KeyPair.signMessage and KeyPair.verifyMessage for more details. (#698)
  • feat: add isValidEd25519SecretSeed, isValidPreAuthTx and isValidSha256Hash to StrKey class, these functions can be used to validate the corresponding strkey. (#702)
  • feat: add med25519 public key support to StrKey. (#702)
  • feat: add liquidity pool and claimable balance support to StrKey. (#701)
  • feat: add muxed account, liquidity pool and claimable balance support to Address class. (#703)
  • feat(SorobanServer): add destinationMuxedId to InvokeHostFunctionOperationResponse.AssetContractBalanceChange. (#710 and (#705))
  • feat(SorobanServer): add events field to GetTransactionsResponse.Transaction and GetTransactionResponse. (#707)
  • feat(SorobanServer): add oldestLedger, latestLedgerCloseTime and oldestLedgerCloseTime fields to GetEventsResponse, and add transactionIndex and operationIndex fields to GetEventsResponse.EventInfo, check Stellar RPC release log for more information.
  • feat(SorobanServer): add support for non-root authorization in SorobanServer#simulateTransaction. (#708)
  • feat: add isValidSignedPayload to StrKey class, this function can be used to validate the ed25519 signed payload. (#712)
  • feat: add signExtraSignersPayload to sign extra signers payloads in Transaction class. (#713)
  • refactor: add balance id validation. (#722)
  • fix: fix handling of transaction metadata versioning in AssembledTransaction class. (#723)
  • refactor: add validation for asset issuer. (#725)
  • refactor: add validation for liquidity pool ID length in TrustLineAsset. (#726)

Breaking changes:

  • chore: upgrade generated XDR definitions to Protocol 23. (#699)
  • refactor!: the following functions in StrKey are marked as deprecated, they will be removed in the next major release; please refer to the documentation for each function to see the corresponding replacement functions: (#702)
    • StrKey#encodeEd25519PublicKey(AccountID)
    • StrKey#encodeMuxedAccount(MuxedAccount)
    • StrKey#decodeMuxedAccount(String)
    • StrKey#encodeToXDRAccountId(String)
    • StrKey#encodeToXDRMuxedAccount(String)
  • refactor!: rename readBytes to diskReadBytes and update related methods in SorobanDataBuilder. (#700)
  • refactor(HorizonServer)!: remove numArchivedContracts and archivedContractsAmount from AssetResponse. (#704)
  • refactor(SorobanServer)!: GetTransactionsResponse.Transaction#getDiagnosticEventsXdr() and GetTransactionsResponse.Transaction#parseDiagnosticEventsXdr() has been marked as deprecated, they will be removed in Stellar RPC soon, use GetTransactionsResponse.Transaction#getEvents() instead. (#706)
  • refactor(SorobanServer)!: remove deprecated pagingToken field from GetEventsResponse.EventInfo. (#707)
  • refactor(SorobanServer)!: inSuccessfulContractCall in GetEventsResponse.EventInfo has been marked as deprecated, it will be removed in the next release. (#707)
  • feat: add org.stellar.sdk.SignerKey for enhanced signer key handling. (#712)
    • org.stellar.sdk.Signer and org.stellar.sdk.SignedPayloadSigner has been removed, use org.stellar.sdk.SignerKey instead.
    • The StrKey#encodeSignedPayload(SignedPayloadSigner) and StrKey#decodeSignedPayload(String) methods now operate on raw byte[] instead of the SignedPayloadSigner object to provide more flexibility.
    • KeyPair#fromXdrSignerKey() and KeyPair#getXdrSignerKey() have been removed, use org.stellar.sdk.SignerKey instead.
    • The type of TransactionPreconditions#extraSigners has been changed from List<org.stellar.sdk.xdr.SignerKey> to List<org.stellar.sdk.SignerKey>.
    • The type of SetOptionsOperation#signer has been changed from org.stellar.sdk.xdr.SignerKey to org.stellar.sdk.SignerKey.
    • The type of RevokeSignerSponsorshipOperation#signer has been changed from org.stellar.sdk.xdr.SignerKey to org.stellar.sdk.SignerKey.

Full Changelog: 1.5.0...2.0.0

Loading

2.0.0-beta3

09 Aug 09:01
@overcat overcat
2.0.0-beta3
2c1e068
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.0.0-beta3 Pre-release
Pre-release

Update

  • fix: fix muxed account handling in Address class. (#733)

Full Changelog: 2.0.0-beta2...2.0.0-beta3

Loading

2.0.0-beta2

06 Aug 01:18
@overcat overcat
2.0.0-beta2
93f044f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.0.0-beta2 Pre-release
Pre-release

Update:

  • refactor: add validation for asset issuer. (#725)
  • refactor: add validation for liquidity pool ID length in TrustLineAsset. (#726)
  • fix: isolate Kotlin dependency to test scope. (#731)

Full Changelog: 2.0.0-beta1...2.0.0-beta2

Loading

2.0.0-beta1

23 Jul 08:16
@overcat overcat
2.0.0-beta1
0f12d8d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.0.0-beta1 Pre-release
Pre-release

Update:

  • feat: add isValidSignedPayload to StrKey class, this function can be used to validate the ed25519 signed payload. (#712)
  • feat: add signExtraSignersPayload to sign extra signers payloads in Transaction class. (#713)
  • refactor: add balance id validation. (#722)
  • fix: fix handling of transaction metadata versioning in AssembledTransaction class. (#723)

Breaking changes:

  • feat: add org.stellar.sdk.SignerKey for enhanced signer key handling. (#712)
    • org.stellar.sdk.Signer and org.stellar.sdk.SignedPayloadSigner has been removed, use org.stellar.sdk.SignerKey instead.
    • The StrKey#encodeSignedPayload(SignedPayloadSigner) and StrKey#decodeSignedPayload(String) methods now operate on raw byte[] instead of the SignedPayloadSigner object to provide more flexibility.
    • KeyPair#fromXdrSignerKey() and KeyPair#getXdrSignerKey() have been removed, use org.stellar.sdk.SignerKey instead.
    • The type of TransactionPreconditions#extraSigners has been changed from List<org.stellar.sdk.xdr.SignerKey> to List<org.stellar.sdk.SignerKey>.
    • The type of SetOptionsOperation#signer has been changed from org.stellar.sdk.xdr.SignerKey to org.stellar.sdk.SignerKey.
    • The type of RevokeSignerSponsorshipOperation#signer has been changed from org.stellar.sdk.xdr.SignerKey to org.stellar.sdk.SignerKey.

Full Changelog: 2.0.0-beta0...2.0.0-beta1

Loading

1.5.1

23 Jul 02:20
@overcat overcat
1.5.1
878b8ea

Choose a tag to compare

View all tags
1.5.1

Update:

  • fix: avoid unnecessary padding during writing and reading of XDR data. (#720)

Full Changelog: 1.5.0...1.5.1

Loading

2.0.0-beta0

08 Jul 09:18
@overcat overcat
2.0.0-beta0
a5cb912
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.0.0-beta0 Pre-release
Pre-release

Update:

  • feat: add pollTransaction method to SorobanServer to poll transaction status with retry strategy. (#696)
  • feat: implement message signing and verification according to SEP-53, check KeyPair.signMessage and KeyPair.verifyMessage for more details. (#698)
  • feat: add isValidEd25519SecretSeed, isValidPreAuthTx and isValidSha256Hash to StrKey class, these functions can be used to validate the corresponding strkey. (#702)
  • feat: add med25519 public key support to StrKey. (#702)
  • feat: add liquidity pool and claimable balance support to StrKey. (#701)
  • feat: add muxed account, liquidity pool and claimable balance support to Address class. (#703)
  • feat(SorobanServer): add destinationMuxedId to InvokeHostFunctionOperationResponse.AssetContractBalanceChange. (#710 and (#705))
  • feat(SorobanServer): add events field to GetTransactionsResponse.Transaction and GetTransactionResponse. (#707)
  • feat(SorobanServer): add oldestLedger, latestLedgerCloseTime and oldestLedgerCloseTime fields to GetEventsResponse, and add transactionIndex and operationIndex fields to GetEventsResponse.EventInfo, check Stellar RPC release log for more information.
  • feat(SorobanServer): add support for non-root authorization in SorobanServer#simulateTransaction. (#708)

Breaking changes:

  • chore: upgrade generated XDR definitions to Protocol 23. (#699)
  • refactor!: the following functions in StrKey are marked as deprecated, they will be removed in the next major release; please refer to the documentation for each function to see the corresponding replacement functions: (#702)
    • StrKey#encodeEd25519PublicKey(AccountID)
    • StrKey#encodeMuxedAccount(MuxedAccount)
    • StrKey#decodeMuxedAccount(String)
    • StrKey#encodeToXDRAccountId(String)
    • StrKey#encodeToXDRMuxedAccount(String)
  • refactor!: rename readBytes to diskReadBytes and update related methods in SorobanDataBuilder. (#700)
  • refactor(HorizonServer)!: remove numArchivedContracts and archivedContractsAmount from AssetResponse. (#704)
  • refactor(SorobanServer)!: GetTransactionsResponse.Transaction#getDiagnosticEventsXdr() and GetTransactionsResponse.Transaction#parseDiagnosticEventsXdr() has been marked as deprecated, they will be removed in Stellar RPC soon, use GetTransactionsResponse.Transaction#getEvents() instead. (#706)
  • refactor(SorobanServer)!: remove deprecated pagingToken field from GetEventsResponse.EventInfo. (#707)
  • refactor(SorobanServer)!: inSuccessfulContractCall in GetEventsResponse.EventInfo has been marked as deprecated, it will be removed in the next release. (#707)
Loading