Merged
Conversation
### Description Bump to the LTS version ### Context N/A ### Testing - `./gradlew test` ### Documentation N/A ### Known limitations N/A
### Description This protects the `/event` and `/events` endpoint behind JWT auth. It also adds customer ID <-> account verification to the customer integration. ### Context These endpoints were previously unauthenticated, allowing attackers to post arbitrary events. ### Testing - `./gradlew test` ### Documentation N/A ### Known limitations N/A
…1883) ### Description Always use the `transaction_id` when verifying KYC in the SEP-6 flow. ### Context This prevents SEP-6 records from advancing past the `pending_customer_info_update` status. ### Testing - `./gradlew test` ### Documentation N/A ### Known limitations N/A
### Description Set the JWT in the requests to the platform from the reference server. ### Context Requests are currently being blocked from the reference server. ### Testing - `./gradlew test` - Tested SEP-6 deposit locally ### Documentation N/A ### Known limitations N/A
### Description This fixes a bug where a SEP-6 transaction gets stuck in a `pending_customer_info_update` status even though the SEP-12 customer status is `ACCEPTED`. ### Context We are now checking transaction-level KYC. The transaction now enters `pending_customer_info_update` even if the account already has the fields. ### Testing - `./gradlew test` ### Documentation N/A ### Known limitations N/A
### Description This disables the JWT auth requirement on the platform health endpoint. ### Context If auth is enabled, using `/health` as a liveness probe will fail as it expects JWT auth. ### Testing - `./gradlew test` - Tested locally that this disables auth on the `/health` endpoint. ### Documentation N/A ### Known limitations N/A
### Description Bump version to 4.1.7 ### Context Patch release ### Testing - `./gradlew test` ### Documentation N/A ### Known limitations N/A
JiahuiWho
approved these changes
Feb 6, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This merges
release/4.1.7intomain.Context
Git flow
Testing
./gradlew testDocumentation
N/A
Known limitations
N/A