chore(deps): update soroban-sdk requirement from 25.3.0 to 26.0.0

[dependabot]

Updates the requirements on soroban-sdk to permit the latest version.

Release notes

Sourced from soroban-sdk's releases.

v26.0.0

What's Changed

Breaking Changes

• Renamed assert_in_contract to debug_assert_in_contract — The assert_in_contract macro has been renamed to debug_assert_in_contract and hidden from public documentation, as it is intended for internal use only. The old name has been deprecated. (#1806)

• Removed deprecated token event format from soroban-token-sdk — The deprecated TokenUtils::events() helper, the legacy event module, and the Events wrapper have been removed. These were originally deprecated in v23. (#1822)

• Removed #[macro_export] from internal impl_bytesn_repr macro — This macro was only intended as an internal helper. Its public export has been removed. (#1829)

Deprecations

• Deprecate BLS/BN short type aliases and disambiguate Fr — bls12_381::Fr is renamed to Bls12381Fr and bn254::Fr is renamed to Bn254Fr, with the original names kept as deprecated aliases. The other BLS12-381 short aliases (G1Affine, G2Affine, Fp, Fp2) and the crypto::BnScalar re-export are also deprecated. Existing code continues to compile but will emit deprecation warnings pointing to the new names. This avoids a confusing case where a contract using bn254::Fr as a contract type would silently resolve to the BLS12-381 scalar in the spec mapping. (#1714)

New Features

• CAP-73 — Stellar Asset Contract trust() function: Enables the Stellar Asset Contract to create trustlines for classic G-accounts. The new trust() function creates an unlimited trustline for a specified address, requiring the recipient's authorization via require_auth. (#1814)

• CAP-78 — Limited TTL extensions on contract data: Introduces new TTL extension methods that allow developers to set explicit maximum limits on TTL extensions for persistent and instance storage entries. (#1807)

• CAP-79 — Muxed address strkey conversion: Adds host functions for converting between Stellar strkey format strings and muxed address objects (strkey_to_muxed_address and muxed_address_to_strkey). MuxedAddress now uses these for from_string and to_strkey. (#1745)

• CAP-80 — Additional BN254 and BLS12-381 host functions: Adds new functions for BN254 MSM, BN254 modular arithmetic, and curve membership checks for BLS12-381 and BN254. (#1745)

• CAP-82 — Checked arithmetic for 256-bit integers: Adds checked_{add, sub, mul, pow, div, rem_euclid, shl, shr} functions for 256-bit integer types. These return Option instead of trapping on overflow, allowing contracts to handle arithmetic errors gracefully. Also adds min_value and max_value helpers and == operator support for 256-bit number types. (#1801, #1823)

Improvements

• Updated stellar-xdr and soroban-env-* crates — Updates stellar-xdr to 26.0.1 and the soroban-env-common, soroban-env-guest, and soroban-env-host crates to 26.1.3. Includes adjustments to testutils for the renamed invocation hook/event API and dependency updates that patch compiler errors introduced in a recent nightly. (#1830, #1841)

• Return errors instead of panicking in soroban-spec-rust — All code-generation functions in soroban-spec-rust (generate_struct, generate_union, generate_enum, generate_error_enum, generate_event, generate_function, and their _with_options variants) are now fallible and return a GenerateError. Previously, the generator would panic on Wasm contracts with invalid UTF-8 bytes or non-identifier strings in spec entry names. (#1810)

• Fix Result type generation for user-defined error enums named Error — When a contract defines its own error enum named Error and uses it in a Result<T, Error> return type, the generated client code now emits Result<T, Error> (referencing the user-defined enum) instead of Result<T, soroban_sdk::Error>. The on-the-wire spec format is unchanged, so already-deployed contracts benefit immediately the next time their Rust client is regenerated. (#1862)

• Normalize raw identifiers (r#) in contract macros — Names, generated Rust idents, and downstream comparison/sort keys now consistently use the unraw'd form of a user's Ident across the Soroban macros. Tokens that must refer back to user fields, variants, or functions still preserve the raw Ident so the generated code remains valid Rust. (#1837)

• Document version support policy — A new Support section in the repository README, crate README, and lib.rs describes which soroban-sdk versions receive security fixes, bug fixes, and new features. (#1855)

Feature: Experimental Spec Shaking V2

This release includes several improvements to the experimental_spec_shaking_v2 feature. It remains opt-in — users must enable the experimental_spec_shaking_v2 cargo feature to use it.

• Cleaner failure when the build environment variable is missing — When experimental_spec_shaking_v2 is enabled and SOROBAN_SDK_BUILD_SYSTEM_SUPPORTS_SPEC_SHAKING_V2 is not set (e.g. building with cargo build directly instead of stellar-cli), the WASM build now exits with status code 1 and a clear message that the feature requires the CLI, instead of panicking. (#1846)

• Retain panic-only error enums — A #[contracterror] enum used only via panic_with_error! or assert_with_error! (i.e. never appearing in a Result<_, E> return type) is now correctly retained in the contract spec. Previously, such enums were stripped from the WASM even though they are part of the contract's observable error interface. (#1852)

• Keep alive subtype markers for container types via reference — Spec markers for nested types in Vec<T>, Map<K, V>, and reference types are now preserved across the linker's DCE pass without invoking them at runtime. This fixes a stack overflow that could occur with recursive type definitions. Contracts may see a small size increase (~15 bytes per occurrence; ~100 bytes total in the SDK's test contracts). (#1835)

All Changes

... (truncated)

Commits

• e1bf74b Bump version to 26.0.0 (#1863)
• 026a1da Fix Result type generation for user-defined error enums named "Error" (#1862)
• 6b1e294 Update spec shaking v2 to keep alive subtype markers via reference (#1835)
• 568711d Document version support policy (#1855)
• c13612a Add Claude auto-review workflow for pull requests (#1853)
• 95914bb Retain panic-only error enums in spec shaking v2 (#1852)
• 4c4831e Use experimental_spec_shaking_v2 for integration tests and improve WASM bui...
• 894a54c Revert #1831 and #1812 (#1850)
• e5f8eff Return errors instead of panicking in soroban-spec-rust (#1810)
• 5e36de5 Normalize raw identifiers (r#) in contract macros (#1837)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)