Skip to content

chore(deps): bump stellar-sdk from 14.1.0 to 15.0.0 in /quantara#187

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/quantara/stellar-sdk-15.0.0
Open

chore(deps): bump stellar-sdk from 14.1.0 to 15.0.0 in /quantara#187
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/quantara/stellar-sdk-15.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor

Bumps stellar-sdk from 14.1.0 to 15.0.0.

Release notes

Sourced from stellar-sdk's releases.

15.0.0

This release adds support for Protocol 27.

This release contains the same content as 15.0.0-beta0, plus the use_upgraded_auth simulation flag. Below is the changelog since 14.1.1.

Update

  • Add CAP-71 (Protocol 27) Soroban authorization support across the high-level API. (#1189)
    • New credential types (from the Protocol 27 XDR):
      • SOROBAN_CREDENTIALS_ADDRESS_V2 (CAP-71-02) — same fields as the legacy SOROBAN_CREDENTIALS_ADDRESS, but the signed payload is bound to the signer's address.
      • SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES (CAP-71-01) — delegated / multi-party signing via a (possibly nested) tree of delegate signatures.
    • stellar_sdk.auth.authorize_entry (and stellar_sdk.auth.build_authorization_preimage):
      • Sign all three address-based credential types, selecting the signature payload from the credential type: legacy ADDRESS keeps the non-address-bound preimage; ADDRESS_V2 and ADDRESS_WITH_DELEGATES use the address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION_WITH_ADDRESS preimage. authorize_entry previously returned entries with non-ADDRESS credentials unchanged, without signing them.
      • authorize_entry gains a keyword-only for_address parameter that writes the signature into a specific (possibly nested) delegate node. All signers of one delegated entry sign the same payload, bound to the top-level address, and must use the same valid_until_ledger_sequence.
    • stellar_sdk.auth.authorize_invocation:
      • Still builds legacy ADDRESS entries by default, so its output stays valid on every network regardless of Protocol 27 activation.
      • Gains a keyword-only credentials_type parameter to opt in to ADDRESS_V2. The default will flip to V2 once Protocol 28 makes it mandatory.
    • New stellar_sdk.auth.build_with_delegates_entry / stellar_sdk.auth.DelegateSignature wrap an ADDRESS/ADDRESS_V2 entry together with delegate signers (CAP-71-01), sorting each delegates level by address and rejecting duplicates, as the protocol requires.
    • AssembledTransaction: sign_auth_entries and needs_non_invoker_signing_by (and the async variants) handle all address-based credential types; V2 entries previously crashed with AssertionError.
    • SEP-45 (stellar_sdk.sep.stellar_soroban_web_authentication): challenge parsing and building accept ADDRESS_V2 entries in addition to the legacy type; delegated entries are rejected.
  • feat: add use_upgraded_auth to SorobanServer[Async].simulate_transaction and the contract clients, mapping to the useUpgradedAuth flag from Stellar RPC v27.1.0 to opt simulation into recording ADDRESS_V2 (CAP-71) auth credentials. Best-effort and transitional; older RPC servers ignore it. (#1198)
  • chore: upgrade generated XDR definitions to Protocol 27. (#1186)

15.0.0-beta0

Update

  • Add CAP-71 (Protocol 27) Soroban authorization support across the high-level API. (#1189)
    • New credential types (from the Protocol 27 XDR):
      • SOROBAN_CREDENTIALS_ADDRESS_V2 (CAP-71-02) — same fields as the legacy SOROBAN_CREDENTIALS_ADDRESS, but the signed payload is bound to the signer's address.
      • SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES (CAP-71-01) — delegated / multi-party signing via a (possibly nested) tree of delegate signatures.
    • stellar_sdk.auth.authorize_entry (and stellar_sdk.auth.build_authorization_preimage):
      • Sign all three address-based credential types, selecting the signature payload from the credential type: legacy ADDRESS keeps the non-address-bound preimage; ADDRESS_V2 and ADDRESS_WITH_DELEGATES use the address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION_WITH_ADDRESS preimage. authorize_entry previously returned entries with non-ADDRESS credentials unchanged, without signing them.
      • authorize_entry gains a keyword-only for_address parameter that writes the signature into a specific (possibly nested) delegate node. All signers of one delegated entry sign the same payload, bound to the top-level address, and must use the same valid_until_ledger_sequence.
    • stellar_sdk.auth.authorize_invocation:
      • Still builds legacy ADDRESS entries by default, so its output stays valid on every network regardless of Protocol 27 activation.
      • Gains a keyword-only credentials_type parameter to opt in to ADDRESS_V2. The default will flip to V2 once Protocol 28 makes it mandatory.
    • New stellar_sdk.auth.build_with_delegates_entry / stellar_sdk.auth.DelegateSignature wrap an ADDRESS/ADDRESS_V2 entry together with delegate signers (CAP-71-01), sorting each delegates level by address and rejecting duplicates, as the protocol requires.
    • AssembledTransaction: sign_auth_entries and needs_non_invoker_signing_by (and the async variants) handle all address-based credential types; V2 entries previously crashed with AssertionError.
    • SEP-45 (stellar_sdk.sep.stellar_soroban_web_authentication): challenge parsing and building accept ADDRESS_V2 entries in addition to the legacy type; delegated entries are rejected.
  • chore: upgrade generated XDR definitions to Protocol 27. (#1186)

14.1.1

Update

  • fix: SorobanServer[Async].get_sac_balance now returns the SAC balance held by the requested contract instead of the balance the SAC holds of itself. (#1196)
Changelog

Sourced from stellar-sdk's changelog.

Version 15.0.0

Released on July 04, 2026

This release adds support for Protocol 27.

This release contains the same content as 15.0.0-beta0, plus the use_upgraded_auth simulation flag. Below is the changelog since 14.1.1.

Update

  • Add CAP-71 (Protocol 27) Soroban authorization support across the high-level API. (#1189)
    • New credential types (from the Protocol 27 XDR):
      • SOROBAN_CREDENTIALS_ADDRESS_V2 (CAP-71-02) — same fields as the legacy SOROBAN_CREDENTIALS_ADDRESS, but the signed payload is bound to the signer's address.
      • SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES (CAP-71-01) — delegated / multi-party signing via a (possibly nested) tree of delegate signatures.
    • stellar_sdk.auth.authorize_entry (and stellar_sdk.auth.build_authorization_preimage):
      • Sign all three address-based credential types, selecting the signature payload from the credential type: legacy ADDRESS keeps the non-address-bound preimage; ADDRESS_V2 and ADDRESS_WITH_DELEGATES use the address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION_WITH_ADDRESS preimage. authorize_entry previously returned entries with non-ADDRESS credentials unchanged, without signing them.
      • authorize_entry gains a keyword-only for_address parameter that writes the signature into a specific (possibly nested) delegate node. All signers of one delegated entry sign the same payload, bound to the top-level address, and must use the same valid_until_ledger_sequence.
    • stellar_sdk.auth.authorize_invocation:
      • Still builds legacy ADDRESS entries by default, so its output stays valid on every network regardless of Protocol 27 activation.
      • Gains a keyword-only credentials_type parameter to opt in to ADDRESS_V2. The default will flip to V2 once Protocol 28 makes it mandatory.
    • New stellar_sdk.auth.build_with_delegates_entry / stellar_sdk.auth.DelegateSignature wrap an ADDRESS/ADDRESS_V2 entry together with delegate signers (CAP-71-01), sorting each delegates level by address and rejecting duplicates, as the protocol requires.
    • AssembledTransaction: sign_auth_entries and needs_non_invoker_signing_by (and the async variants) handle all address-based credential types; V2 entries previously crashed with AssertionError.
    • SEP-45 (stellar_sdk.sep.stellar_soroban_web_authentication): challenge parsing and building accept ADDRESS_V2 entries in addition to the legacy type; delegated entries are rejected.
  • feat: add use_upgraded_auth to SorobanServer[Async].simulate_transaction and the contract clients, mapping to the useUpgradedAuth flag from Stellar RPC v27.1.0 to opt simulation into recording ADDRESS_V2 (CAP-71) auth credentials. Best-effort and transitional; older RPC servers ignore it. (#1198)
  • chore: upgrade generated XDR definitions to Protocol 27. (#1186)

Version 15.0.0-beta0

Released on June 03, 2026

Update

  • Add CAP-71 (Protocol 27) Soroban authorization support across the high-level API. (#1189)
    • New credential types (from the Protocol 27 XDR):
      • SOROBAN_CREDENTIALS_ADDRESS_V2 (CAP-71-02) — same fields as the legacy SOROBAN_CREDENTIALS_ADDRESS, but the signed payload is bound to the signer's address.
      • SOROBAN_CREDENTIALS_ADDRESS_WITH_DELEGATES (CAP-71-01) — delegated / multi-party signing via a (possibly nested) tree of delegate signatures.
    • stellar_sdk.auth.authorize_entry (and stellar_sdk.auth.build_authorization_preimage):
      • Sign all three address-based credential types, selecting the signature payload from the credential type: legacy ADDRESS keeps the non-address-bound preimage; ADDRESS_V2 and ADDRESS_WITH_DELEGATES use the address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION_WITH_ADDRESS preimage. authorize_entry previously returned entries with non-ADDRESS credentials unchanged, without signing them.
      • authorize_entry gains a keyword-only for_address parameter that writes the signature into a specific (possibly nested) delegate node. All signers of one delegated entry sign the same payload, bound to the top-level address, and must use the same valid_until_ledger_sequence.
    • stellar_sdk.auth.authorize_invocation:
      • Still builds legacy ADDRESS entries by default, so its output stays valid on every network regardless of Protocol 27 activation.
      • Gains a keyword-only credentials_type parameter to opt in to ADDRESS_V2. The default will flip to V2 once Protocol 28 makes it mandatory.
    • New stellar_sdk.auth.build_with_delegates_entry / stellar_sdk.auth.DelegateSignature wrap an ADDRESS/ADDRESS_V2 entry together with delegate signers (CAP-71-01), sorting each delegates level by address and rejecting duplicates, as the protocol requires.
    • AssembledTransaction: sign_auth_entries and needs_non_invoker_signing_by (and the async variants) handle all address-based credential types; V2 entries previously crashed with AssertionError.
    • SEP-45 (stellar_sdk.sep.stellar_soroban_web_authentication): challenge parsing and building accept ADDRESS_V2 entries in addition to the legacy type; delegated entries are rejected.
  • chore: upgrade generated XDR definitions to Protocol 27. (#1186)

Version 14.1.1

Released on June 28, 2026

Update

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [stellar-sdk](https://github.com/StellarCN/py-stellar-base) from 14.1.0 to 15.0.0.
- [Release notes](https://github.com/StellarCN/py-stellar-base/releases)
- [Changelog](https://github.com/StellarCN/py-stellar-base/blob/main/CHANGELOG.md)
- [Commits](StellarCN/py-stellar-base@14.1.0...15.0.0)

---
updated-dependencies:
- dependency-name: stellar-sdk
  dependency-version: 15.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants