Skip to content

chore(deps): update stellar-sdk requirement from >=9.0.0 to >=14.1.1 in /backend#465

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/backend/stellar-sdk-gte-14.1.1
Open

chore(deps): update stellar-sdk requirement from >=9.0.0 to >=14.1.1 in /backend#465
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/backend/stellar-sdk-gte-14.1.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown

Updates the requirements on stellar-sdk to permit the latest version.

Release notes

Sourced from stellar-sdk's releases.

14.1.1

Update

  • fix: SorobanServer[Async].get_sac_balance now returns the SAC balance held by the requested contract instead of the balance the SAC holds of itself. (#1196)
Changelog

Sourced from stellar-sdk's changelog.

Version 14.1.1

Released on June 28, 2026

Update

  • fix: SorobanServer[Async].get_sac_balance now returns the SAC balance held by the requested contract instead of the balance the SAC holds of itself. (#1196)

Version 14.0.0

Released on June 03, 2026

Update

  • Add SEP-46 contract metadata, SEP-47 contract interface discovery, and SEP-48 contract interface specification introspection APIs for Soroban contract Wasm, including ContractMeta, ContractSpec, ContractInfo, and SorobanServer[Async].get_contract_* helpers.
  • Add an Agent Skills compatible stellar-sdk skill with Claude Code plugin marketplace metadata and topic references for transactions, Horizon, Soroban, XDR/SCVal, async workflows, SEP integrations, security, and troubleshooting.

Version 14.0.0

Released on May 03, 2026

Breaking changes

  • Redesign stellar_sdk.auth so any account contract (default Stellar Account, BLS, WebAuthn, threshold, etc.) can authorize Soroban entries. (#1160)
    • stellar_sdk.auth.authorize_entry(entry, signer, valid_until_ledger_sequence, network_passphrase): the signer callable is now Callable[[HashIDPreimage], SCVal] (alias stellar_sdk.auth.AuthorizationSigner) and returns the signature SCVal accepted by the account contract. It was previously Callable[[HashIDPreimage], tuple[str, bytes]] returning (public_key, signature). Passing a Keypair continues to produce the default Stellar Account signature shape.
    • stellar_sdk.auth.authorize_invocation(signer, address, valid_until_ledger_sequence, invocation, network_passphrase): the second positional parameter was renamed from public_key to address. It accepts only classic account (G...) or contract (C...) addresses, including matching Address instances. It remains optional when signer is a Keypair.
    • AssembledTransaction.sign_auth_entries(auth_entries_signer, address=None, valid_until_ledger_sequence=None) and AssembledTransactionAsync.sign_auth_entries(...): auth_entries_signer now also accepts an AuthorizationSigner callable. The new address parameter selects which G... or C... entries to sign, is required for non-Keypair signers, and is inferred from the keypair otherwise. The parameter order is now (signer, address, valid_until_ledger_sequence).
    • AssembledTransaction.sign() and AssembledTransactionAsync.sign() now refuse to sign the transaction envelope while any non-invoker authorization entry is still unsigned, including C... contract account entries.
    • New public helpers: AuthorizationSigner, authorization_payload_hash(preimage), and build_authorization_preimage(entry, valid_until_ledger_sequence, network_passphrase).
  • Add max_content_size to BaseSyncClient.get() and BaseAsyncClient.get() to prevent memory exhaustion from oversized responses. Custom client implementations must update their get() signature to include max_content_size: int | None = None. fetch_stellar_toml, fetch_stellar_toml_async, and federation resolve functions now enforce response size limits. (#1131)
  • Remove deprecated StrKey.encode_muxed_account and StrKey.decode_muxed_account; use stellar_sdk.MuxedAccount instead. (#1135)
  • Remove TransactionBuilder.append_create_stellar_asset_contract_from_address_op; use TransactionBuilder.append_create_contract_op instead. (#1127)
  • Drop support for PyPy 3.10. (#1159)

Update

  • Upgrade generated Stellar XDR definitions to Protocol 26 through stellar-xdr v26.0. (#1149)
  • Improve the stellar_sdk.contract.AssembledTransaction authorization lifecycle for contract account authorization. (#1162)
    • Add AssembledTransaction.authorize(...) and AssembledTransactionAsync.authorize(...) as clearer aliases for signing Soroban authorization entries. They support valid_for_ledger_count for relative authorization expiration.
    • Add AssembledTransaction.prepare() and AssembledTransactionAsync.prepare() to re-simulate and prepare the current built transaction after authorization entries have changed.
    • sign_and_submit() now automatically prepares when a C... contract account authorization was signed, while ordinary G... account authorizations keep the existing single-simulation flow.
    • Raise NeedsPreparationError when exporting XDR, reading the result, checking read-call status, or signing the transaction envelope before required preparation has happened.
  • Expose addl_resources (ResourceLeeway) and auth_mode (AuthMode) parameters on AssembledTransaction, AssembledTransactionAsync, ContractClient.invoke, and ContractClientAsync.invoke. They are forwarded to the assembled transaction's internal simulation calls, including simulate(), prepare(), and post-restore re-simulation. The inner RestoreFootprint transaction created by automatic state restoration intentionally does not receive them. (#1164)
  • Add close_time, header_xdr, and metadata_xdr to GetLatestLedgerResponse. (#1136)
  • Add SEP-0051 XDR-JSON support to the XDR generator. (#1134)
  • Sort SCMap entries by key in scval.to_map following Soroban runtime ordering. (#1141)

Fixes

  • Correct method call for simulation result output. (#1163)
  • Correct equality checks for SignedPayloadSigner and SignerKey. (#1153)
  • Harden XDR parsing and generation:
    • validate Opaque and String max sizes on unpack.
    • add remaining-input-length checks for variable-length arrays.
    • raise on unmatched union discriminants in pack().

... (truncated)

Commits
  • acf72e1 release: 14.1.1
  • 9ed982e fix: Get SAC balance (#1196)
  • 9dd5384 release: 14.1.0 (#1183)
  • 92045f6 docs: add agent skill for stellar-sdk (#1182)
  • 332d971 chore: bump pytest-asyncio in the python-packages group
  • 7311e78 fix: replace deprecated datetime.utcfromtimestamp (#1179)
  • 0562e35 ci: cancel in-progress runs when a PR receives a new push (#1180)
  • 6dac4eb chore: remove redundant coverage pragmas
  • f668e32 chore(xdr): emit only the .base symbols each file actually uses
  • a25f864 chore(xdr): emit only the constants each file actually uses
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): update stellar-sdk requirement in /backend
af7ab55 
Updates the requirements on [stellar-sdk](https://github.com/StellarCN/py-stellar-base) to permit the latest version.
- [Release notes](https://github.com/StellarCN/py-stellar-base/releases)
- [Changelog](https://github.com/StellarCN/py-stellar-base/blob/14.1.1/CHANGELOG.md)
- [Commits](StellarCN/py-stellar-base@9.0.0...14.1.1)

---
updated-dependencies:
- dependency-name: stellar-sdk
  dependency-version: 14.1.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 29, 2026
@dependabot dependabot Bot requested a review from ChaoLing140 as a code owner June 29, 2026 03:08
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 29, 2026
@dependabot dependabot Bot mentioned this pull request Jun 29, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChaoLing140 ChaoLing140 Awaiting requested review from ChaoLing140 ChaoLing140 is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants