release: 1.9.0#20
Conversation
|
🧪 Testing To try out this version of the SDK: Expires at: Sun, 05 Jul 2026 01:39:47 GMT |
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
6d92ed8 to
ddcf565
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
ddcf565 to
0bb0b25
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
0bb0b25 to
ca3e49f
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
ca3e49f to
47f7a2c
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
47f7a2c to
58f03d2
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
58f03d2 to
26db534
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
26db534 to
d258a43
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
d258a43 to
d09fc51
Compare
Greptile SummaryThis is the automated Stainless-generated 1.9.0 release PR, adding an encrypted OTP two-leg authentication flow (HPKE end-to-end, no plaintext OTP on the wire), CNY_ACCOUNT and SWIFT account-type support,
Confidence Score: 3/5This PR ships multiple breaking TypeScript contract changes (field removals, method renames, type renames) under a minor version bump; callers on 1.8.x will encounter compile errors or silent runtime misses on upgrade. Beyond the breaking changes already flagged in earlier review rounds, this pass found two additional concrete breaks: src/resources/customers/customers.ts, src/resources/platform/external-accounts.ts, src/resources/shared.ts, src/resources/auth/sessions.ts, and src/resources/crypto.ts carry the most impactful breaking changes.
|
| Filename | Overview |
|---|---|
| src/resources/auth/credentials.ts | Adds encrypted OTP two-leg flow: new Grid-Wallet-Signature header param on verify, AuthCredentialChallengeRequest type, expanded AuthMethodResponse carrying otpEncryptionTargetBundle, and documentation updates throughout. |
| src/resources/auth/sessions.ts | Breaking: SessionRefreshParams.clientPublicKey (top-level body field) is now wrapped inside AuthSessionRefreshRequest; callers passing the old flat shape will silently send an empty body (previously flagged). |
| src/resources/customers/customers.ts | Multiple breaking changes: generateKYCLink renamed to createKYCLink with a wrapped KycLinkCreateRequest param, CustomerOneovesDefaultPagination typo, response types unified to CustomerOneOf, and CustomerUpdateInternalAccountParams body-wrapping that silently drops old flat params (all previously flagged). |
| src/resources/crypto.ts | Breaking rename: CryptoEstimateWithdrawalFeeResponse replaced by EstimateCryptoWithdrawalFeeResponse; new EstimateCryptoWithdrawalFeeRequest type added. |
| src/resources/platform/external-accounts.ts | Breaking: EgpAccountInfo.accountNumber (previously required) removed; swiftCode removed and replaced by phoneNumber; bankName promoted to required on BDT/COP/GHS/PKR account infos; new PlatformExternalAccountCreateRequest and CnyAccount support added. |
| src/resources/shared.ts | BusinessInfoUpdate interface removed entirely; BusinessCustomer and IndividualCustomer now extend a new Customer base; EgpExternalAccountCreateInfo.accountNumber required field removed; EgpBeneficiary fields widened from required to optional. |
| src/resources/transfer-out.ts | Adds optional paymentRail field to TransferOutCreateParams.Destination; destination type changed from ExternalAccountReference to a local Destination interface — backwards-compatible since paymentRail is optional. |
| src/resources/customers/external-accounts.ts | New CnyAccount variant added to ExternalAccountInfoOneOf; bankName promoted to required on BDT/COP/GHS/PKR doc-comment fields; new ExternalAccountListResponse type added. |
| src/resources/verifications.ts | VerificationListResponse repurposed as a paginated wrapper while the old single-record shape moved to a new Verification type — breaking for TypeScript consumers who referenced the old type shape (previously flagged). |
Sequence Diagram
sequenceDiagram
participant Client
participant Grid API
participant Enclave
Note over Client,Grid API: EMAIL_OTP Encrypted Flow (new in 1.9.0)
Client->>Grid API: POST /auth/credentials/{id}/challenge
Grid API-->>Client: AuthMethodResponse (otpEncryptionTargetBundle)
Note over Client: Generate ephemeral P-256 TEK keypair
Note over Client: HPKE-encrypt {otp_code, public_key} under bundle
Client->>Enclave: OTP delivered out-of-band (email)
Enclave-->>Client: magic OTP (sandbox) / real OTP (production)
Client->>Grid API: POST /auth/credentials/{id}/verify (encryptedOtpBundle)
Grid API-->>Client: 202 AuthSignedRequestChallenge (payloadToSign)
Note over Client: Sign payloadToSign with TEK private key
Client->>Grid API: POST /auth/credentials/{id}/verify (retry + Grid-Wallet-Signature)
Grid API-->>Client: 200 AuthSession
Prompt To Fix All With AI
Fix the following 2 code review issues. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 2
src/resources/crypto.ts:133-140
**Breaking public type rename in a minor release**
`CryptoEstimateWithdrawalFeeResponse` has been removed from the public namespace and replaced with `EstimateCryptoWithdrawalFeeResponse`. Any TypeScript consumer that imported or referenced the old name directly — e.g., `import type { CryptoEstimateWithdrawalFeeResponse } from '@lightspark/grid-js-sdk'` — will get a compile error after upgrading to 1.9.0. The type is re-exported from `src/resources/index.ts`, so it is a visible breaking change in the public contract.
### Issue 2 of 2
src/resources/platform/external-accounts.ts:288-307
**Breaking field removals on `EgpAccountInfo` in a minor release**
Two fields were removed from `EgpAccountInfo` (and the parallel `EgpExternalAccountCreateInfo` in `shared.ts`): the previously-required `accountNumber: string` is gone entirely, and the optional `swiftCode?: string` is replaced by `phoneNumber?: string`. Any existing TypeScript caller constructing an EGP external account that passed `accountNumber` will now get a compile error ("Object literal may only specify known properties"). Callers that relied on `swiftCode` will silently lose that field with no error. `paymentRails` was also widened from `Array<'BANK_TRANSFER'>` to `Array<'BANK_TRANSFER' | 'MOBILE_MONEY'>`, which is additive, but together these are breaking structural changes in a minor version.
Reviews (6): Last reviewed commit: "release: 1.9.0" | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| * await client.customers.createKYCLink('customerId'); | ||
| * ``` | ||
| */ | ||
| createKYCLink( |
There was a problem hiding this comment.
generateKYCLink to createKYCLink in a minor (1.8.0 → 1.9.0) release. Existing callers invoking client.customers.generateKYCLink(...) will get a runtime TypeError: client.customers.generateKYCLink is not a function. The parameter shape also changed: redirectUri is no longer a flat body field but is now nested inside KycLinkCreateRequest, so any caller passing the old shape will silently send a missing body.
Prompt To Fix With AI
This is a comment left during a code review.
Path: src/resources/customers/customers.ts
Line: 242
Comment:
Breaking rename from `generateKYCLink` to `createKYCLink` in a minor (1.8.0 → 1.9.0) release. Existing callers invoking `client.customers.generateKYCLink(...)` will get a runtime `TypeError: client.customers.generateKYCLink is not a function`. The parameter shape also changed: `redirectUri` is no longer a flat body field but is now nested inside `KycLinkCreateRequest`, so any caller passing the old shape will silently send a missing body.
How can I resolve this? If you propose a fix, please make it concise.| @@ -370,7 +383,7 @@ export interface OutgoingTransaction { | |||
| /** | |||
There was a problem hiding this comment.
refund field type on OutgoingTransaction was changed from the locally-defined OutgoingTransaction.Refund namespace type to SimulateAPI.Refund (imported from the sandbox cards simulate module). Any consumers type-checking against the old OutgoingTransaction.Refund path will get a TS compile error. More surprisingly, a production OutgoingTransaction object now references a type defined inside the sandbox package sub-tree, which may feel semantically incorrect to readers of the API surface.
Prompt To Fix With AI
This is a comment left during a code review.
Path: src/resources/transactions.ts
Line: 383
Comment:
The `refund` field type on `OutgoingTransaction` was changed from the locally-defined `OutgoingTransaction.Refund` namespace type to `SimulateAPI.Refund` (imported from the sandbox cards simulate module). Any consumers type-checking against the old `OutgoingTransaction.Refund` path will get a TS compile error. More surprisingly, a production `OutgoingTransaction` object now references a type defined inside the `sandbox` package sub-tree, which may feel semantically incorrect to readers of the API surface.
How can I resolve this? If you propose a fix, please make it concise.Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
d09fc51 to
c1ef000
Compare
|
|
||
| export interface VerificationListResponse { | ||
| /** | ||
| * Unique identifier for this verification | ||
| */ | ||
| id: string; | ||
|
|
||
| /** | ||
| * When this verification was created | ||
| */ | ||
| createdAt: string; | ||
|
|
||
| /** | ||
| * The ID of the customer being verified | ||
| * List of verifications matching the filter criteria | ||
| */ | ||
| customerId: string; | ||
| data: Array<Verification>; | ||
|
|
||
| /** | ||
| * List of issues preventing verification from proceeding. Empty when | ||
| * verificationStatus is APPROVED or IN_PROGRESS. | ||
| * Indicates if more results are available beyond this page | ||
| */ | ||
| errors: Array<Shared.VerificationError>; | ||
| hasMore: boolean; | ||
|
|
||
| /** | ||
| * Current status of the KYC/KYB verification | ||
| * Cursor to retrieve the next page of results (only present if hasMore is true) | ||
| */ | ||
| verificationStatus: | ||
| | 'RESOLVE_ERRORS' | ||
| | 'PENDING_MANUAL_REVIEW' | ||
| | 'IN_PROGRESS' | ||
| | 'APPROVED' | ||
| | 'REJECTED' | ||
| | 'READY_FOR_VERIFICATION'; | ||
| nextCursor?: string; | ||
|
|
||
| /** | ||
| * When this verification was last updated | ||
| * Total number of results matching the criteria |
There was a problem hiding this comment.
VerificationListResponse repurposed with an incompatible shape
VerificationListResponse previously described a single verification record (id, createdAt, customerId, errors, verificationStatus, updatedAt). It was the item type iterated over by the list() method. In this PR it is redefined as a paginated wrapper (data: Array<Verification>, hasMore, nextCursor, totalCount) while the list() method now yields Verification items directly.
Any TypeScript consumer that referenced Verifications.VerificationListResponse as the shape of a single verification will get a compile error because the fields no longer exist. Additionally, the new type is never returned by any method on Verifications, making it a semantic orphan in the public namespace.
Prompt To Fix With AI
This is a comment left during a code review.
Path: src/resources/verifications.ts
Line: 157-175
Comment:
**`VerificationListResponse` repurposed with an incompatible shape**
`VerificationListResponse` previously described a single verification record (`id`, `createdAt`, `customerId`, `errors`, `verificationStatus`, `updatedAt`). It was the item type iterated over by the `list()` method. In this PR it is redefined as a paginated wrapper (`data: Array<Verification>`, `hasMore`, `nextCursor`, `totalCount`) while the `list()` method now yields `Verification` items directly.
Any TypeScript consumer that referenced `Verifications.VerificationListResponse` as the shape of a single verification will get a compile error because the fields no longer exist. Additionally, the new type is never returned by any method on `Verifications`, making it a semantic orphan in the public namespace.
How can I resolve this? If you propose a fix, please make it concise.
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
c1ef000 to
97bfb69
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
97bfb69 to
2072d7c
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
2072d7c to
dedcdbf
Compare
stainless-app
Bot
force-pushed
the
release-please--branches--main--changes--next--components--grid
branch
from
dedcdbf to
48e7328
Compare
Automated Release PR
1.9.0 (2026-06-05)
Full Changelog: v1.8.0...v1.9.0
Features
Bug Fixes
Documentation
This pull request is managed by Stainless's GitHub App.
The semver version number is based on included commit messages. Alternatively, you can manually set the version number in the title of this pull request.
For a better experience, it is recommended to use either rebase-merge or squash-merge when merging this pull request.
🔗 Stainless website
📚 Read the docs
🙋 Reach out for help or questions