2.9.0

New

• The data object in onSubmit callback now includes sdkData parameter. For Advanced flow, we recommend that you include this parameter in your /payments request.
• For the Expo plugin: added support for overrides on the extended MainActivity.

Changed

• Dependency versions:

  Name	New version
  iOS Drop-in/Components	5.22.1
  Android Drop-in/Components	5.16.0
  react-server-dom-webpack	19.0.3. This addresses the CVE-2025-55182 vulnerability.

Improved

• Source code cleanup: fixed code smells and reduced code duplication.
• Moved plugin inside src.
• For the Example App:
  • After an onError call, the session is now refreshed.
  • Credentials from an untracked secrets.json file are now used.

Fixed

• For iOS:
  • When the application leaves the foreground, the /session request is no longer recreated.
  • When an invalid client key is provided, the error is now handled and provides a human-readable error message.
• For the Android Twint Component: instant payments no longer cause the app to crash.
• When a network error occurs during an internal session fetch, the app no longer crashes.
• For the Example App:
  • A bug related to session fetch errors no longer occurs.
  • A UI bug caused by rapid navigation after a card payment no longer occurs.