Skip to content

Releases: solana-labs/solana-web3.js

v1.98.0

16 Dec 04:37
@github-actions github-actions
v1.98.0
8ea27fc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.98.0 Latest
Latest

1.98.0 (2024-12-16)

Features

  • Agave v2 RPC: replace getRecentBlockhash with getLatestBlockhash (#3419) (8ea27fc)
Assets 2
Loading

v1.97.0

16 Dec 04:30
@github-actions github-actions
v1.97.0
a805cb9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.97.0

1.97.0 (2024-12-16)

Features

  • agave v2 rpc: replace getConfirmedTransaction with getTransaction (#3418) (a805cb9)
Assets 2
Loading

v1.96.0

16 Dec 04:18
@github-actions github-actions
v1.96.0
60e39a6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.96.0

1.96.0 (2024-12-16)

Features

  • Agave v2 RPC: replace getConfirmedBlock with getBlock (#3417) (60e39a6)
Assets 2
Loading

v1.95.8

03 Dec 23:22
@steveluscher steveluscher
v1.95.8
52e144a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.95.8

1.95.8 (2024-12-03)

Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots, that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself, but with a specific JavaScript client library and only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC and 8:25pm UTC on Tuesday, December 2, 2024.

These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished.

We are asking all Solana app developers to upgrade to version 1.95.8. Developers pinned to latest should also upgrade to 1.95.8.

Developers that suspect they might be compromised should rotate any suspect authority keys, including multisigs, program authorities, server keypairs, and so on.

Assets 2
Loading

v1.95.5

20 Nov 19:37
@github-actions github-actions
v1.95.5
526ce5f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.95.5

1.95.5 (2024-11-20)

Bug Fixes

  • added programId field in TokenBalance type (#3592) (526ce5f)
Assets 2
Loading

v2.0.0

07 Nov 22:02
@steveluscher steveluscher
v2.0.0
630683b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.0.0 Pre-release
Pre-release

v2.0.0 (2024-11-07)

Today we have dropped the Release Candidate label from @solana/web3.js v2.0.0. We now recommend it for general use.

Read more in this blog post.

Assets 2
Loading

The New web3.js - Release Candidate `rc.4`

05 Nov 17:22
@steveluscher steveluscher
v2.0.0-rc.4
5f041ec
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
The New web3.js - Release Candidate `rc.4` Pre-release
Pre-release

v2.0.0-rc.4 (2024-11-05)

This version fixes a bug with program error decoding that we introduced in Release Candidate 2. We now expect this, Release Candidate 4, to be the final version before tagging version 2.0 of @solana/web3.js. Please submit any final bug reports before Thursday, November 7th by filing a GitHub Issue.

To install the Release Candidate:

npm install --save @solana/web3.js@rc
  • Try the runnable examples in the examples/ directory to get a feel for the API.
  • Use the example dApp at https://solana-labs.github.io/solana-web3.js/example/ – source available here – for an example of how to build transactions with the new web3.js for use with wallets.
  • Install TypeScript clients for on-chain programs like System and Token, then build a useful application or backend service.

Changelog since Release Candidate rc.3

  • #3519 2798061 Thanks @lorisleiva! - Accept bigints in RPC error factories, fixing functions such as isProgramError
Assets 2
Loading

The New web3.js - Release Candidate `rc.3`

31 Oct 17:52
@steveluscher steveluscher
v2.0.0-rc.3
82ee350
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
The New web3.js - Release Candidate `rc.3` Pre-release
Pre-release

v2.0.0-rc.3 (2024-10-31)

This version fixes a bug with RPC subscriptions that we introduced in Release Candidate 2. We now expect this, Release Candidate 3, to be the final version before tagging version 2.0 of @solana/web3.js. Please submit any final bug reports before Thursday, November 7th by filing a GitHub Issue.

To install the Release Candidate:

npm install --save @solana/web3.js@rc
  • Try the runnable examples in the examples/ directory to get a feel for the API.
  • Use the example dApp at https://solana-labs.github.io/solana-web3.js/example/ – source available here – for an example of how to build transactions with the new web3.js for use with wallets.
  • Install TypeScript clients for on-chain programs like System and Token, then build a useful application or backend service.

Changelog since Release Candidate rc.2

  • #3507 45df702 Thanks @mcintyre94! - Fixed a bug where the subcription server's response would not be detected, because of a mismatch in the format of the id. Now all RPC message ids are strings, for avoidance of doubt.
Assets 2
Loading

The New web3.js - Release Candidate `rc.2`

31 Oct 08:07
@steveluscher steveluscher
v2.0.0-rc.2
06a71d0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
The New web3.js - Release Candidate `rc.2` Pre-release
Pre-release

v2.0.0-rc.2 (2024-10-31)

We expect this to be the final release candidate version before tagging version 2.0 of @solana/web3.js. Please submit any final bug reports before Thursday, November 7th by filing a GitHub Issue.

To install the Release Candidate:

npm install --save @solana/web3.js@rc
  • Try the runnable examples in the examples/ directory to get a feel for the API.
  • Use the example dApp at https://solana-labs.github.io/solana-web3.js/example/ – source available here – for an example of how to build transactions with the new web3.js for use with wallets.
  • Install TypeScript clients for on-chain programs like System and Token, then build a useful application or backend service.

Changelog since Release Candidate rc.1

  • #3213 3fc388f Thanks @mcintyre94! - Clean up SolanaRpcApi: no longer extend RpcApiMethods + remove export

  • #3137 fd72c2e Thanks @mcintyre94! - The build is now compatible with the Vercel Edge runtime and Cloudflare Workers through the addition of edge-light and workerd to the package exports.

  • #3251 Thanks @ryoid! - isAddress() no longer throws despite that the input might be unparseable as a base-58 string. Now, it correctly, simply, returns false.

  • #3361 441fa3a Thanks @steveluscher! - Fixed a bug where calls to isEd25519CurveSupported() might have resulted in uncaught rejections bubbling up through the app, in cases where Ed25519 is not supported

  • #3134 38faba0 Thanks @buffalojoec! - Change unix timestamp type to bigint with an unsafe label

  • #3128 0158b31 Thanks @lorisleiva! - Fix missing export in @solana/keys package. This means, the getPublicKeyFromPrivateKey function is now properly exported.

  • #3407 10b08ac Thanks @lorisleiva! - Use RpcRequest, RpcResponse and their transformers in RPC Subscriptions packages

    This change makes the RPC and RPC Subscriptions architecture more consistent by using the same RpcRequest and RpcResponse types and transformers as the basis for handling user requests (RPC calls or subscriptions) and returning responses to them.

    See the following PRs for more details:

  • #3453 bafefed Thanks @mcintyre94! - Rename decodeTransactionMessage to decompileTransactionMessageFetchingLookupTables

  • #3290 2368163 Thanks @mcintyre94! - Throw an error if a transaction fails when being simulated to estimate CUs

  • #3145 1c25dd4 Thanks @lorisleiva! - Rename RpcResponse type to RpcResponseData to make room for a new RpcResponse type

  • #3213 3fc388f Thanks @mcintyre94! - Clean up SolanaRpcApi: no longer extend RpcApiMethods + remove export

  • #3454 1fde4b1 Thanks @mcintyre94! - Correct type of replacementBlockhash in simulateTransaction

  • #3456 0245265 Thanks @lorisleiva! - Remove UnsafeBeyond2Pow53Minus1 type suffixes

  • #3150 a705413 Thanks @lorisleiva! - Make RpcApi use new RpcRequestTransformer and RpcResponseTransformer

  • #3202 bf07a60 Thanks @disco-infinex! - PerformanceSample return type field numNonVoteTransaction corrected to numNonVoteTransactions

  • #3161 9dfca45 Thanks @lorisleiva! - Add getIntegerOverflowRequestTransformer, getBigIntDowncastRequestTransformer and getTreeWalkerRequestTransformer helpers

  • #3134 38faba0 Thanks @buffalojoec! - Change unix timestamp type to bigint with an unsafe label

  • #3148 e1cb697 Thanks @lorisleiva! - Make RpcTransport return new RpcReponse type instead of parsed JSON data

  • #3201 02cefa7 Thanks @lorisleiva! - Update the response type of the getClusterNodes RPC method

  • #3098 2f541b6 Thanks @buffalojoec! - Update program accounts filters for programAccounts query

  • #3221 6b43588 Thanks @lorisleiva! - Add new isJsonRpcPayload helper method

  • c8e6e71 Thanks @steveluscher! - We refactored the lower levels of the subscriptions API entirely.

    Previously, all layers of the subscriptions implementation, from the WebSocket transport to the API that developers use, dealt in AsyncIterables. These are notoriously difficult to code in such a way that expresses all of the ways in which a subscription might be cancelled or error out. Very slight omissions of care could open memory leaks that would bring down the simplest of apps. The new subscriptions infra in Release Candidate 2 deals with event-based subscriptions all the way up to the highest level API, at which point the subscription is vended to the application as an AsyncIterable.

    This has eliminated several classes of memory leak and has made it easier to implement higher-level transports (like the autopinger and the subscription coalescer). Additionally, this update introduces a new channel pool implementation that opens new WebSocket connections when existing ones become ‘full.’ Lastly, performance in the new implementation has been improved through a new demultiplexing utility that can separate message events into several channels based on arbitrary criteria, meaning you can apply transforms to the message right at the source, and vend subscriptions to downstream consumers that care only about one particular kind of message...

Read more
Assets 2
Loading

v1.95.4

17 Oct 21:02
@github-actions github-actions
v1.95.4
e345937
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.95.4

1.95.4 (2024-10-17)

Bug Fixes

  • log JSON-RPC subscription errors to the console (#3392) (e345937)
Assets 2
Loading