Closed
Conversation
There was a problem hiding this comment.
Pull request overview
This PR implements v1.10.0 changes for the TypeScript Wallet SDK, focusing on enhanced security, validation, and test coverage for SEP-10 authentication and SEP-7 URI parsing.
Changes:
- Added comprehensive SEP-10 challenge validation with both server-key-based and fallback validation paths
- Enhanced SEP-7 URI replace parameter validation with length limits and balanced identifier checks
- Updated dependencies including axios, follow-redirects, form-data, and sodium-native
- Added TypeScript
stripInternalcompiler option to exclude internal APIs from published types
Reviewed changes
Copilot reviewed 11 out of 12 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| yarn.lock | Dependency updates: axios (1.7.7→1.13.5), follow-redirects (1.15.6→1.15.11), form-data (4.0.0→4.0.5), sodium-native (4.1.1→4.3.3), and new bare-* packages |
| @stellar/typescript-wallet-sdk/tsconfig.json | Added stripInternal: true to exclude internal APIs from published type definitions |
| @stellar/typescript-wallet-sdk/test/sep7.test.ts | Added comprehensive tests for SEP-7 replacement validation edge cases |
| @stellar/typescript-wallet-sdk/test/auth.test.ts | New comprehensive test suite for SEP-10 authentication with 1000+ lines covering validateToken, challenge validation, and network passphrase handling |
| @stellar/typescript-wallet-sdk/test/docker/docker-compose.yml | Updated DOMAIN from "test-domain" to "localhost" for web_auth_domain validation |
| @stellar/typescript-wallet-sdk/src/walletSdk/Uri/sep7Parser.ts | Enhanced validation: length checks, balanced identifier validation, missing path/hint detection |
| @stellar/typescript-wallet-sdk/src/walletSdk/Types/sep7.ts | Added URI_REPLACE_MAX_LENGTH constant (4096 characters) |
| @stellar/typescript-wallet-sdk/src/walletSdk/Types/recovery.ts | Added optional signingKey field to RecoveryServer type |
| @stellar/typescript-wallet-sdk/src/walletSdk/Recovery/index.ts | Pass signingKey to Sep10 when available |
| @stellar/typescript-wallet-sdk/src/walletSdk/Exceptions/index.ts | Added ChallengeValidationFailedError and NetworkPassphraseMismatchError |
| @stellar/typescript-wallet-sdk/src/walletSdk/Auth/index.ts | Implemented dual-path challenge validation, network passphrase checks, and internal readChallengeTx function |
| @stellar/typescript-wallet-sdk/src/walletSdk/Anchor/index.ts | Pass signingKey from TOML to Sep10 constructor |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.