v15.1.0

v15.1.0

Fixed

• Security: FederationServer.createForDomain and the FederationServer constructor now validate domains per RFC 1035, rejecting malformed domains before issuing federation or stellar.toml requests. Port numbers are also accepted (#1393).
• RpcServer.pollTransaction off-by-one: the polling loop used < instead of <=, causing one fewer attempt than configured(#1373).
• requestAirdrop error path: fixed incorrect property access (error.response.detail instead of error.response.data.detail) when checking for createAccountAlreadyExist (#1373).
• Spec.typeRef now properly handles scSpecTypeResult by returning the JSON schema for the okType, instead of silently breaking out of the switch (#1373).
• structToJsonSchema now places additionalProperties: false on the schema object itself rather than incorrectly nesting it inside properties (#1373).
• Fixed bigint-to-U32/I32 conversion in Spec using Number(val) instead of val as number (a no-op for bigints) (#1373).
• WASM custom section parser: when a section was skipped (invalid name length), the offset was not advanced, causing an infinite loop or incorrect parsing of subsequent sections (#1373).
• FederationServer URL mutation: resolveAddress, resolveAccountId, and resolveTransactionId mutated the shared serverURL by appending query params on each call. Fixed by cloning the URL before modifying (#1373).
• CallBuilder.stream() URL mutation: stream() mutated the shared this.url by adding query params, corrupting the builder for subsequent calls. Fixed by cloning the URL (#1373).
• AssembledTransaction restore path: when buildWithOp was used and automatic state restoration was needed, the rebuild incorrectly reconstructed the operation via contract.call() instead of reusing the original operation (#1373).
• SERVER_TIME_MAP port collision: the Horizon time-sync cache keyed entries by hostname only, so two servers on different ports of the same host shared a cache entry. Fixed by including the port in the key (#1373).
• Spec.funcResToNative now correctly returns an Err instance when a contract function with a Result return type returns an error, instead of throwing while decoding it as the Ok type (#1373).
• SEP-10: verifyChallengeTxSigners now rejects challenges signed only by the server and client_domain key with no actual client signer, instead of returning an empty signers list (#1372).
• getAssetBalance used incorrect flag bitmask constants (AuthRequiredFlag, AuthRevocableFlag, AuthClawbackEnabledFlag) which are account-level flags, not trustline-level flags. Replaced with the correct trustline flag bitmasks (0x1, 0x2, 0x4) (#1372).
• AssembledTransaction.simulate did not clear this.built before re-simulating after a state restoration rebuild, causing it to assemble stale transaction data (#1372).
• AssembledTransaction.signAndSend mutated the shared this.options.submit flag to prevent double submission. Replaced with a wrapper around signTransaction that injects submit: false without mutating shared state (#1372).
• Fetch HTTP client: async request interceptors were not awaited — the synchronous try/catch loop passed unresolved promise objects as the config. Replaced with a proper .then() chain matching Axios interceptor semantics (#1372).
• Fetch HTTP client: cancellation now preserves custom cancel reasons and isCancel no longer depends on exact error-message text (#1390).
• Fetch HTTP client: instance default headers and params now merge correctly with per-request overrides on the no-axios / minimal builds, including requests that use bounded options (#1390).
• Fetch HTTP client: maxRedirects and maxContentLength were silently ignored on the no-axios / minimal builds, turning SDK-set SSRF and DoS guards (StellarToml.Resolver.resolve, FederationServer) into no-ops. A new bounded adapter activates when either option is set, refusing redirects past maxRedirects and streaming the response body with a running-total check so oversized responses abort mid-stream (#1390).
• Fetch HTTP client: the no-axios bounded path now more closely matches Axios behavior for object request bodies, baseURL, timeout errors, redirect method/body handling, and stripping credential-bearing headers on cross-origin redirects (#1390).
• src/bindings/config.ts imported ../../package.json with a relative path that resolved incorrectly for the lib/no-axios/ and lib/minimal/ build outputs, making those libs unloadable. Replaced with the __PACKAGE_VERSION__ compile-time define (#1390).
• Updated the production axios dependency from 1.14.0 to 1.15.0 (#1381).

Added

• AccountResponse constructor now uses explicit field-by-field assignment instead of Object.entries dynamic assignment for type safety (#1373).
• Added transactions collection to Api.AccountRecord and AccountResponse (#1373).
• Added range checks for U32/I32 values in Spec: bigint values are now validated against min/max bounds before conversion, throwing a RangeError instead of silently truncating (#1373).
• rpc.Server.getLatestLedger() now includes closeTime, headerXdr, and metadataXdr in the typed response, with headerXdr/metadataXdr parsed into XDR objects instead of raw base64 strings (#1389).

Deprecated

• BalanceResponse.revocable is deprecated in favor of authorizedToMaintainLiabilities, which correctly reflects the trustline flag semantics (#1372).

Full Changelog: v15.0.1...v15.1.0

v15.0.1: Protocol 26

v15.0.1: Protocol 26

Breaking Changes

• XDR has been upgraded to support Protocol 26, please refer to the @stellar/stellar-base release notes for details and other breaking changes.

Fixed

• Sanitize identifiers and escape string literals in generated TypeScript bindings to prevent code injection via malicious contract spec names. sanitizeIdentifier now strips non-identifier characters, and a new escapeStringLiteral helper escapes quotes and newlines in string contexts (#1345).
• AssembledTransaction.fromXDR() and fromJSON() now validate that the deserialized transaction targets the expected contract, rejecting mismatched contract IDs and non-invokeContract operations. (#1349).
• Pin exact version on axios dependency (#1365)

Contributors

• @quietbits, @Ryang-21, @Shaptic

Full Changelog: v14.6.1...v15.0.1

v14.6.1

v14.6.1

Fixed

• Fix assembleTransaction double-counting the resource fee when the input transaction already has Soroban data attached (e.g. when re-assembling a previously simulated transaction) (#1343).
• Removed adding resourceFee in rpc.assembleTransaction as it's now handled by TransactionBuilder.build() (#1343).

Full Changelog: v14.6.0...v14.6.1

v14.6.0

v14.6.0

Added

• Upgraded underlying @stellar/stellar-base library to include its new features and fixes (release notes).

Full Changelog: v14.5.0...v14.6.0

v14.5.0

v14.5.0

Added

• Introduced CLI functionality for generating smart contract bindings (#1287).
• Added BindingGeneration class for parsing contract specs into fully typed TypeScript libraries for calling contract methods (#1287).
• Introduced rpc.Server.fundAddress that supports funding contract and account addresses via Friendbot (#1314).
• Updated the StellarToml interface with SEP 45 fields WEB_AUTH_FOR_CONTRACTS_ENDPOINT and WEB_AUTH_CONTRACT_ID (#1326).

Fixed

• X-App-Name and X-App-Version headers are now included when using CallBuilder.stream() (#1317).
• CallBuilder now correctly uses the configured server URL for all requests, including pagination and linked resources. Previously, URLs returned by Horizon in _links would bypass reverse proxies (#1318).

Deprecated

• rpc.Server.requestAirdrop is deprecated in favor of rpc.Server.fundAddress (#1314).

Contributors

@ElliotFriend, @leighmcculloch, @Ryang-21, @wpalmeri made their first contribution in #1321, and @joaquinsoza made their first contribution in #1314

Full Changelog: v14.4.3...v14.5.0

v14.4.3

v14.4.3

Fixed

• Upgraded underlying @stellar/stellar-base library to include its fixes (release notes).

v14.4.2

v14.4.2

Fixed

• Fixed package installation for Windows environments (#1306)

Full Changelog: v14.4.1...v14.4.2

v14.4.1

v14.4.1

Fixed

• Set Api.GetEventsRequest.endLedger to be optional to align with RPC behavior (#1304)
• Added back Typepoint and marked it deprecated in favor of Timepoint (#1303)

Contributors

• @mootz12 , @Ryang-21

Full Changelog: v14.4.0...v14.4.1

v14.4.0

v14.4.0

Added

• Introduced an rpc.Server.getAssetBalance() helper to fetch asset balances both for contracts and accounts (#1286).
• rpc.Api.BalanceResponse now can include a revocable field in its balanceEntry for when trustlines are fetched (#1286).
• Added Timepoint and Duration support to Spec (#1288)
• Api.GetHealthResponse interface now includes latestLedger, ledgerRetentionWindow, and oldestLedger fields (#1297).
• Added publicKey, signTransaction, and signAuthEntry as optional fields to contract.MethodOptions (#1293).

Fixed

• Api.RawEventResponse.topics is now optional to reflect topicless events (#1292).
• parseRawEvents correctly checks if Api.RawEventResponse.topics is undefined (#1292).
• Remove WebAssembly usage in favor of manual wasm parsing (#1300).
• Fixed URL contamination in Horizon.Server methods (#1296).

Contributors

• @chadoh, @corymsmith, @Shaptic, @Ryang-2, @mootz12 made their first contribution in #1288

Full Changelog: v14.3.3...v14.4.0

v14.3.3

v14.3.3

Added

• Spec.nativeToScVal supports parsing Muxed Address(#1274),

Contributors

• @alberto-crossmint made their first contribution in #1274, @jeesunikim

Full Changelog: v14.3.2...v14.3.3