Skip to content

fix(deps): update dependency plaid to v41 #11307

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update dependency plaid to v41 #11307

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 7, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
plaid 31.1.041.1.0 age confidence

Release Notes

plaid/plaid-node (plaid)

v41.1.0

Compare Source

  • Updating to OAS 2020-09-14_1.680.8

OpenAPI Schema Changes

2020-09-14_1.680.8
  • Add cra_plaid_credit_score value to Products enum. Note that this value is deprecated and is added only to reflect current API behavior, as it is present in the supported products array returned by insititutions endpoints. cra_plaid_credit_score should not be used in any requests to /link/token/create and is planned to be removed from the API.
2020-09-14_1.680.7
  • Add environment field to ProtectUserEventWebhook
2020-09-14_1.680.6
  • Add 'investment_auth' as an available product in the request to /partner/customer/create
2020-09-14_1.680.6
  • Add 201 response to /user/create
2020-09-14_1.680.5
  • Add /user/items/remove endpoint
2020-09-14_1.680.4
  • (hidden) Add /user/identity/remove endpoint to allow customers to explicitly purge identity data
2020-09-14_1.680.3
  • Mark is_investments_fallback_item as an optional rather than required parameter in the response schema for /processor/investments/holdings/get endpoint (not yet currently used in Production by any customers), to achieve consistency with /investments/holdings/get.
2020-09-14_1.680.2
  • Add /user_account/session/event/send endpoint for Layer customer event tracking
2020-09-14_1.680.1
  • Update /verification/pdf/get endpoint request attribute from report_type to report_requested.

v41.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.680.0

Breaking changes in this version

  • [BREAKING] Make Personal Financial Category version fields enums.
  • [Breaking] Remove /user/items/list endpoint (not used by or exposed to any customers)

OpenAPI Schema Changes

2020-09-14_1.680.0
  • Add Facial Duplicate data to IDV APIs.
2020-09-14_1.679.1
  • Fix description and summary field for /user/get
2020-09-14_1.679.0
  • Fix invalid OpenAPI syntax in IdentityVerificationListRequest schema object
  • Extensive documentation changes (including field re-ordering) to support new user_id and new user APIs
2020-09-14_1.678.3
  • [Breaking] Remove /user/items/list endpoint (not used by or exposed to any customers)
2020-09-14_1.678.2
  • Add required_account_subtypes and provided_account_subtypes to Error response object for NO_ACCOUNTS errors (currently only populated when investments_auth present in enabled_products)
2020-09-14_1.678.1
  • Internal changes only
2020-09-14_1.678.0
  • Add request_guarantee to /transfer/authorization/create
  • Mark with_guarantee deprecated in /transfer/authorization/create
2020-09-14_1.677.3
  • Add user_id to /link/token/get response.
  • Remove beta from NewUserID description.
2020-09-14_1.677.2
  • Add user_id to /sandbox/public_token/create request object
2020-09-14_1.677.1
  • [BREAKING for Go] Add user_id to /user/items/get request object and make user_token optional.
2020-09-14_1.677.0
  • [BREAKING for Go] (beta) Add user_id to /sandbox/user/reset_login request object and make user_token optional.
2020-09-14_1.676.0
  • [BREAKING] Make Personal Financial Category version fields enums.

v40.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.675.0

Breaking changes in this version

  • [Breaking for Go] make user_token not required for sandbox/cra/cashflow_updates/update

  • [Breaking] make user_token not required for cra/monitoring_insights/get, cra/check_report/create and cra/monitoring_insights/subscribe

OpenAPI Schema Changes

2020-09-14_1.675.0
  • [Breaking for Go] make user_token not required for sandbox/cra/cashflow_updates/update
2020-09-14_1.674.1
  • (beta) Add /user/products/terminate endpoint
2020-09-14_1.674.0
  • [Breaking] make user_token not required for cra/monitoring_insights/get, cra/check_report/create and cra/monitoring_insights/subscribe
2020-09-14_1.673.4
  • (beta) Remove unused IDENTITY_ERROR error type
2020-09-14_1.673.3
  • Fix validation errors in OpenAPI spec
2020-09-14_1.673.2
  • Add network_insights to cra_options
2020-09-14_1.673.1
  • Add income_provider field to bank_income_sources objects returned by /cra/check_report/income_insights/get
2020-09-14_1.673.0
  • Add status field to /cra/check_report/income_insights/get's bank_income_source object
2020-09-14_1.672.5
  • Add CRA User webhooks
2020-09-14_1.672.5
  • (beta) Remove references to the PLAID-NEW-USER-API-ENABLED header in favor of the with_upgraded_user request field
2020-09-14_1.672.4
  • Make latest_scored_protect_event visible on /identity_verification/get, /identity_verification/create and /identity_verification/retry response
  • Make user_id visible on /link/token/create response
2020-09-14_1.672.3
  • (beta) removed IdentityCreationResult from /user/create and /user/update
2020-09-14_1.672.2
  • (beta) Add new error type USER_ERROR
  • (beta) Add new error type IDENTITY_ERROR
2020-09-14_1.672.1
  • Make IncomeProvider nullable in /cra/check_report/income_insights/get
2020-09-14_1.672.0
  • Add sub-fields to new Account Insights (Europe only) object: minimum_balance, transfers_in, total_income, and income_excluding_transfers.
  • Fix category_details missing a type definition (type: array) within the LoanDisbursementsIndicators object.
  • Add document issue_date to Identity Verification endpoints
2020-09-14_1.671.6
  • Add CFU V2 webhook object
2020-09-14_1.671.5
2020-09-14_1.671.4
2020-09-14_1.671.4
  • (beta) Rename require_upgraded_user boolean field in /user/create to with_upgraded_user
2020-09-14_1.671.3
  • Add IncomeProvider to /cra/check_report/income_insights/get
2020-09-14_1.671.2
  • (beta) Add require_upgraded_user boolean field to the /user/create request
2020-09-14_1.671.1
  • Remove PlaidError schema from irrelevant endpoints
2020-09-14_1.671.0
  • Add missing PlaidError schema to all endpoints

v39.1.0

Compare Source

  • Updating to OAS 2020-09-14_1.670.0

OpenAPI Schema Changes

2020-09-14_1.670.0
  • Add support for investments to /cra/check_report/verification/get
2020-09-14_1.669.0
  • Add AccountInsights to /asset_report/get
2020-09-14_1.668.3
  • Update identity_creation_result to be null for V0 /user/create routes
2020-09-14_1.668.2
  • (beta) use user_id in /user/third_party_token/create
2020-09-14_1.668.1
  • Add options for network_insights in link/token/create, cra/check_report/create, and cra/check_report/network_insights/get
2020-09-14_1.668.0
  • Add support for Cashflow Insights and LendScore, including adding cra_cashflow_insights and cra_lend_score to Products array and creating new PlaidLendScoreVersion schema object.
  • Documentation-only changes to support a single, shared Signal Rules-based integration path for Balance and Signal Transaction Scores using /signal/evaluate.
  • Documentation-only changes to support Transfer for Platforms.
2020-09-14_1.667.6
  • (beta) new /protect/report/create endpoint
2020-09-14_1.667.5
  • Publish /transfer/platform/originator/create to docs
  • Publish /transfer/platform/person/create to docs
  • Publish /transfer/platform/requirement/submit to docs
2020-09-14_1.667.4
  • Fixed a broken documentation link
2020-09-14_1.667.3
  • Add cra_partner_insights as possible add_ons for cra/check_report/pdf/get
2020-09-14_1.667.2
  • (beta) updated street_1, city, region, and postal_code to no longer be required
2020-09-14_1.667.1
  • (beta) Allow ClientUserIdentityName to be nullable

v39.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.667.0

Breaking changes in this version

  • (breaking) Remove cra/check_report/plaid_credit_score/get
  • [BREAKING] Add item_id to /cra/monitoring_insights/subscribe request

OpenAPI Schema Changes

2020-09-14_1.667.0
  • Add errors field to institutions objects in /partner/customer/oauth_institutions/get response
2020-09-14_1.666.10
  • Add cra_update_results field to results objects in /link/token/get response
2020-09-14_1.666.9
  • Updated count field from TransferEventSyncRequest to maximum of 500 and default of 100
2020-09-14_1.666.8
  • Removed unused id_numbers field from UserCreateRequest (field was never processed by application logic)
  • (beta) updated ClientUserIdentity.id_numbers to use UserIDNumber from cognito.yml instead of the custom ClientUserIdentityIdNumber schema
2020-09-14_1.666.7
  • (beta) remove ClientUserIdentityAddressType from ClientUserIdentityAddress
2020-09-14_1.666.6
  • (beta) added primary boolean to ClientUserIdentityEmail, ClientUserIdentityPhoneNumber, and ClientUserIdentityAddress
2020-09-14_1.666.5
  • (beta) added SSN to ClientUserIdNumberType
2020-09-14_1.666.4
  • (beta) updated 'IdentityCreationResultType' enums to be capital
  • (beta) update SSN_LAST_4 to SSN_LAST_FOUR
2020-09-14_1.666.3
  • Updated /user/get client_user_id field properties to be nullable
  • Removed /user/get updated_at field nullable property
2020-09-14_1.666.2
  • (beta) Add cra_lend_score support to link/token/create, cra/check_report/create, and cra/check_report/lend_score/get
  • (breaking) Remove cra/check_report/plaid_credit_score/get
2020-09-14_1.666.1
  • (beta) updated ErrorType on IdentityCreationResult to be optional
2020-09-14_1.666.0
  • (beta) Add /user/get endpoint to retrieve user identity and information.
2020-09-14_1.665.6
  • (beta) Add new version of /user/update
2020-09-14_1.665.5
  • Mark expected_settlement_date deprecated in transfer
2020-09-14_1.665.4
  • (beta) updated UserCreateRequest to include identity
  • (beta) updated UserCreateResponse to include identity_creation_result
  • (beta) renamed UserIdentity to ClientUserIdentity
2020-09-14_1.665.3
  • (beta) created IdentityCreationResult shared object
2020-09-14_1.665.2
  • (beta) created UserIdentity shared object
2020-09-14_1.665.1
  • Hide cashflow_insights references
2020-09-14_1.665.0
  • [BREAKING] Add item_id to /cra/monitoring_insights/subscribe request
2020-09-14_1.664.1
  • Deprecate baseline values in /cra/monitoring_insights/get response

v38.1.0

Compare Source

  • Updating to OAS 2020-09-14_1.664.0

OpenAPI Schema Changes

2020-09-14_1.664.0
  • Add investments_auth to enum values for the additional_consented_products array in the /link/token/create request schema.
2020-09-14_1.663.3
  • (beta) Add cra_plaid_credit_score support to link/token/create
  • (beta) Add cra_plaid_credit_score support to cra/check_report/create
  • (beta) Add cra/check_report/plaid_credit_score/get endpoint
2020-09-14_1.663.2
  • Add user_id to cra/* endpoints
2020-09-14_1.663.1
  • Add overdraft account type to the LoanAccountSubtype object, where it was erroneously missing
  • Correct missing and incorrect enum values for ItemConsentedDataScope object
2020-09-14_1.663.0
  • (beta) Add /user/items/associate endpoint
2020-09-14_1.662.1
  • Internal changes only
2020-09-14_1.662.0
  • Add balance_to_transaction_amount_ratio to /signal/evaluate
2020-09-14_1.661.0
  • Add personal_finance_category_version to /transactions/get, /transactions/sync and /transactions/enrich request options as well as version field in response.
2020-09-14_1.660.0
  • Add gse_options to base_report options in /link/token/create and cra/check_report/create
2020-09-14_1.659.0
  • Deprecate the sedol field in the Investments Security object.
  • Deprecate the sedol field in the Investments SecurityOverride object.

v38.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.658.0

Breaking changes in this version

  • [BREAKING] To improve consistency and resolve a bug in a third-party client library, changed MonitoringConsumerReportPermissiblePurpose schema object title from ConsumerReportPermissiblePurpose to MonitoringConsumerReportPermissiblePurpose. This may be a breaking change for certain client libraries.

OpenAPI Schema Changes

2020-09-14_1.658.0
  • (beta) Add user_id field to /session/token/create request.
  • [BREAKING for Go] (beta) Make user object optional in /session/token/create if user_id is included.
2020-09-14_1.657.0

Add Add subtype property to the Security model.

2020-09-14_1.656.1
  • Renamed protect_sdk_session_id field in the request of /protect/event/send to protect_session_id for consistency across endpoints.
2020-09-14_1.656.0
  • Added aamva_verification object in the responses of documentary_verification.documents[].analysis. This impacts the following endpoints:
    • identity_verification/create
    • identity_verification/get
    • identity_verification/list
    • identity_verification/retry
2020-09-14_1.655.0
  • Add max_amount and iso_currency_code to rfp in /transfer/capabilitied/get response
2020-09-14_1.654.0
  • [BREAKING] To improve consistency and resolve a bug in a third-party client library, changed MonitoringConsumerReportPermissiblePurpose schema object title from ConsumerReportPermissiblePurpose to MonitoringConsumerReportPermissiblePurpose. This may be a breaking change for certain client libraries.
2020-09-14_1.653.0
  • (beta) Add optional user_id field to identity_verification/create and identity_verification/list requests. When user_id is present during creation and client_user_id is not, the client_user_id from the associated user will be set on the created identity verification. If user_id is present during creation, the user object may not also be present. Modifying user data should be done via the user/update endpoint.
  • [BREAKING for Go] (beta) Make client_user_id optional in identity_verification/list if user_id is included.
  • (beta) Add nullable user_id to the response of all of the identity verification endpoints:
    • identity_verification/create
    • identity_verification/get
    • identity_verification/list
    • identity_verification/retry
2020-09-14_1.652.3
  • Added support for cra_monitoring to Products array.
2020-09-14_1.652.2
  • (beta) Add /user/items/list endpoint
2020-09-14_1.652.1
  • Add /transfer/ledger/event/list endpoint

v37.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.652.0

Breaking changes in this version

  • [Breaking] Replacing voe references to instead be employment_refresh in /cra/check_report/verification/get and /cra/check_report/create
    • /cra/check_report/verification/get's reports_requested options are now VOA and employment_refresh
    • voe_options in the request is now employment_refresh_options
    • /cra/check_report/verification/get's response now has report.employment_refresh instead of report.voe
    • gse_options.report_type in /cra/check_report/create are now VOA and employment_refresh

OpenAPI Schema Changes

2020-09-14_1.652.0
  • Add optional cursor and count fields to the /payment_initiation/recipient/list request and next_cursor to its response
2020-09-14_1.651.2
  • (beta) Add user_id field to link/token/create request
  • [BREAKING for Go] (beta) Make user object optional in link/token/create if user_id is included
2020-09-14_1.651.1
  • Add error field to WALLET_TRANSACTION_STATUS_UPDATE webhook and to responses of /wallet/transaction/get and /wallet/transaction/list, containing error details for failed transactions.
2020-09-14_1.651.0
  • Rename all /verify/client/* routes to /protect/client/* and update request/response body and field names accordingly.
2020-09-14_1.650.1
  • Update description for days_required
2020-09-14_1.650.0
  • Add account_numbers to Counterparty in /transaction/get and /transaction/sync
2020-09-14_1.649.2
  • Add InsitutionID and InstitutionName to /cra/monitoring_insights/get response
2020-09-14_1.649.1
  • Update max value for cra_options.days_requested in link/token/create to 731 (2 years + 1 days for leap year)
  • Reduce max value for cra_options.days_required in link/token/create to 184 (most number of days in a 6 month period) from 730
  • Set max value for days_required in cra/check_report/create to 184 (most number of days in a 6 month period)
2020-09-14_1.649.0
  • Add wire_return_fee to Transfer and Transfer Event objects
2020-09-14_1.648.2
  • Docs-only change to add additional subtypes to the accounts schema
2020-09-14_1.648.1
  • Add last_successful_update_time to /cashflow_report/get
2020-09-14_1.648.0
  • Add require_identity to cra_options.base_report in link/token/create and /cra/check_report/create requests
2020-09-14_1.647.1
  • Update /transfer/ledger/distribute summary
2020-09-14_1.647.0
  • Add webhook_codes field to /sandbox/cashflow_updates/update request
2020-09-14_1.646.0
  • [Breaking] Replacing voe references to instead be employment_refresh in /cra/check_report/verification/get and /cra/check_report/create
    • /cra/check_report/verification/get's reports_requested options are now VOA and employment_refresh
    • voe_options in the request is now employment_refresh_options
    • /cra/check_report/verification/get's response now has report.employment_refresh instead of report.voe
    • gse_options.report_type in /cra/check_report/create are now VOA and employment_refresh
2020-09-14_1.645.1
  • Update description of /transfer/ledger/distribute

v36.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.645.0

OpenAPI Schema Changes

2020-09-14_1.645.0
  • Removes the payment_details field from /accounts/balance/get request
  • Removes the payment_risk_assessment from /accounts/balance/get response
2020-09-14_1.644.1
  • Fixed incorrect event type in example for ProtectUserEventWebhook.
2020-09-14_1.644.0
  • [Breaking] For Signal, remove enum values REAL_TIME_PAYMENTS and DEBIT_CARD as these payment methods are not supported by the Signal product.
  • [Breaking] Rename client library /cra/check_report/create's partner_insights object to type CraCheckReportCreatePartnerInsightsOptions instead of CraCheckReportPartnerInsightsGetOptions. All the object fields are identical.
  • [Breaking] Rename client library /cra/check_report/partner_insights/get's option.prism_versions object to type PrismVersionsDeprecated instead of PrismVersions. All the object fields' are identical.
2020-09-14_1.642.2
  • Added ProtectUserEventWebhook.
2020-09-14_1.642.1
  • Deprecated /link/token/create's base_report. Revert erroneous deprecation of cra_options.base_report.
2020-09-14_1.642.0
  • Add error field to responses of /payment_initiation/payment/get and /payment_initiation/consent/payment/execute containing error details when the payment fails.

v35.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.641.1

Breaking changes in this version

  • [Breaking] Add /cashflow_report/transactions/get route, identital to /cashflow_report/get minus days_requested request parameter

OpenAPI Schema Changes

2020-09-14_1.641.1
  • Fix descriptions for BaseReportAccountMetadata
2020-09-14_1.641.0
  • Deprecated /link/token/create's cra_options.base_report object in favor of cra_options.client_report_id
2020-09-14_1.640.0
  • [Breaking] Add /cashflow_report/transactions/get route, identital to /cashflow_report/get minus days_requested request parameter
  • Remove historical_balances from BusinessAccounts object
2020-09-14_1.639.0
  • Add webhook field to /session/token/create request
2020-09-14_1.638.6
  • Deprecate Prism Products field from Partner Insights generation and retrieval
2020-09-14_1.638.5
  • Add client report id to partner insights
2020-09-14_1.638.4
  • Remove unused enums for MonitoringInsightsStatus and MonitoringItemStatusCode
2020-09-14_1.638.3
  • Add Prism Detect and Extend cashscores to CRA Partner Insights
2020-09-14_1.638.2
  • (beta) expect a boolean instead of a string in generated client interfaces for PLAID-NEW-USER-API-ENABLED
2020-09-14_1.638.1
  • Support for upcoming results in link/token/get.
2020-09-14_1.638.0
  • (pre-release) Preparation for upcoming products.
2020-09-14_1.637.6
  • Deprecate report.items.accounts.account_insights for /cra/check_report/base_report/get

v34.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.637.5

Breaking changes in this version

  • [BREAKING] (beta) Updated user_token field in UserCreateResponse to be optional.

OpenAPI Schema Changes

2020-09-14_1.637.5
  • Fix incorrect placement of nullable: true on AccountBaseNullable object, making the object actually nullable.
2020-09-14_1.637.4
  • Add missing unsent value as a possible verification_status to reflect actual API behavior.
2020-09-14_1.637.3
  • (beta) Add PLAID-NEW-USER-API-ENABLED as a header parameter to /user/create. This header is only for the use of customers in the new user API beta; customers should not use this parameter unless they have been advised to do so by Plaid.
  • (beta) Add PLAID-NEW-USER-API-ENABLED as a header parameter to /user/remove. This header is only for the use of customers in the new user API beta; customers should not use this parameter unless they have been advised to do so by Plaid.
2020-09-14_1.637.2
  • (beta) Add user_id to /session/token/create response
2020-09-14_1.637.1
  • Add optional institution_id to /item/import
2020-09-14_1.637.0
  • Add android_package_name to /session/token/create
2020-09-14_1.636.0
  • Update average_inflow_amount to be positive.
2020-09-14_1.635.4
  • [BREAKING] (beta) Updated user_token field in UserCreateResponse to be optional.
  • [BREAKING for Go] (beta) Updated user_token field in UserRemoveRequest to be optional.
  • Other hidden changes.
2020-09-14_1.635.3
  • (beta) Add user_id to /link/token/create response

v33.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.635.2

Breaking changes in this version

  • [BREAKING] Move result from triggered_rule_details to ruleset in response of /signal/evaluate
  • [BREAKING] client_user_id is now required for /session/token/create

OpenAPI Schema Changes

2020-09-14_1.635.2
  • Update description of ruleset.outcome in /signal/evaluate response
2020-09-14_1.635.1
  • Fix description undeprecating report.items.accounts.attributes after it was mistakenly deprecated for /cra/check_report/base_report/get
2020-09-14_1.635.0
  • Add expected_funds_available_date to transfer and sweep objects in responses for /transfer/create, /transfer/get, /transfer/list, /transfer/sweep/get, /transfer/sweep/list
2020-09-14_1.634.3
  • Undeprecated report.items.accounts.attributes after it was mistakenly deprecated for /cra/check_report/base_report/get
2020-09-14_1.634.2
  • Removed deposit_switch from the products field in the /link/token/create request
2020-09-14_1.634.1
  • [BREAKING] Move result from triggered_rule_details to ruleset in response of /signal/evaluate
2020-09-14_1.634.0
  • [BREAKING] client_user_id is now required for /session/token/create

v32.0.0

Compare Source

  • Updating to OAS 2020-09-14_1.633.1

Breaking changes in this version

  • [BREAKING] Update account object to nullable in /processor/transactions/sync response
  • [BREAKING] Update webhook field in IssuesSubscribeRequest to be required
  • [BREAKING] Correct the schema object returned by AssetReport investments field -- it is now correctly represented as an AssetReportInvestments object, not an AssetReportInvestmentsTransaction object, to accurately reflect the API behavior.
  • [BREAKING] Date of birth is now required within consumer report user identity for user/create and user/update
  • [BREAKING] Update posted_date field on /statements/list response to be nullable
  • [BREAKING] Updated the investments schema returned by /asset_report/get (AssetReportInvestments) to accurately reflect the actual API behavior, including renaming the schema object
  • [BREAKING] Changed score in PlaidCheckScore from a float to an integer

OpenAPI Schema Changes

2020-09-14_1.633.1
  • [BREAKING] Update account object to nullable in /processor/transactions/sync response
2020-09-14_1.633.0
  • Move user_id field of /session/token/create request to be within user
2020-09-14_1.632.6
  • Update descriptions for CashFlowUpdatesLowBalanceWebhook and CashFlowUpdatesLargeDepositWebhook
2020-09-14_1.632.5
  • Add new CashFlowUpdatesInsightsWebhook for Cash Flow Updates
2020-09-14_1.632.4
  • Add triggered_rule_details to /signal/evaluate response
2020-09-14_1.632.3
  • [BREAKING] Update webhook field in IssuesSubscribeRequest to be required
2020-09-14_1.632.2
  • Update the warnings field in /cra/check_report/verification/get response to be required
2020-09-14_1.632.1
  • Add AT and FI to the list of available countries
2020-09-14_1.632.0
  • Add user_id field to /session/token/create request
2020-09-14_1.631.0
  • [BREAKING] Correct the schema object returned by AssetReport investments field -- it is now correctly represented as an AssetReportInvestments object, not an AssetReportInvestmentsTransaction object, to accurately reflect the API behavior.
2020-09-14_1.630.0
  • Add optional income_categories param to /cra/monitoring_insights/subscribe request
2020-09-14_1.629.0
  • [Breaking] Date of birth is now required within consumer report user identity for user/create and user/update
2020-09-14_1.628.4
  • Renamed CRA Cash Flow Updates webhook types
2020-09-14_1.628.3
  • Adde warnings to responses for cra/check_report/income_insights/get, cra/check_report/network_insights/get, cra/check_report/cashflow_insights/get, and cra/check_report/partner_insights/get
2020-09-14_1.628.2
  • Update description for the options.add_ons field in asset_reports/create
2020-09-14_1.628.1
  • Add client_report_id field to cra/check_report/create request and deprecate base_report.client_report_id field in cra/check_report/create.
  • Add client_report_id field to LinkTokenCreateRequestCraOptions field
  • Deprecate client_report_id field in LinkTokenCreateRequestBaseReport
  • Add client_report_id field to CraIncomeInsights
2020-09-14_1.628.0
  • Add redirect_uri field to /session/token/create request
2020-09-14_1.627.1
  • Update description of transfer_id field on TransferEvent schema to be empty string for Plaid Ledger Sweep events
2020-09-14_1.627.0
  • [BREAKING] Update posted_date field on /statements/list response to be nullable
2020-09-14_1.626.0
  • Add reason_code field to /transfer/cancel request
2020-09-14_1.625.2
  • Add USER_PERMISSION_REVOKED and USER_ACCOUNT_REVOKED webhook codes to WebhookCodeEnum in SandboxItemFireWebhookRequest to reflect actual API behavior.
2020-09-14_1.625.1
  • Add new verification_name field to Account
2020-09-14_1.625.0
  • Add new posted_date field to /statements/list response
2020-09-14_1.624.0
  • (pre-release) Add human_review object to the analysis object within each documentary_verification.documents object. This change affects the response of all of the identity verification endpoints:
    • identity_verification/create
    • identity_verification/get
    • identity_verification/list
    • identity_verification/retry
2020-09-14_1.623.0
2020-09-14_1.622.0
  • [BREAKING] Updated the investments schema returned by /asset_report/get (AssetReportInvestments) to accurately reflect the actual API behavior, including renaming the schema object
  • Updated the Auth descriptions to reflect the fact that the preferred method to enable database and micro-deposit-based Auth verification flows is now the Dashboard, and that Database Insights has been deprecated and replaced by the similar product Database Auth.
2020-09-14_1.621.0
  • [BREAKING] Changed score in PlaidCheckScore from a float to an integer

Configuration

📅 Schedule: Branch creation - "every weekday after 2:00 am before 6:00 am,every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot assigned Betree Jan 7, 2026
@znarf
Copy link
Member

znarf commented Jan 7, 2026

Looks like we should review client_id usage.

  • High: client_id is still sent in the request body for Plaid calls, which conflicts with Plaid v41’s credential handling and can cause request rejection when the server enforces the new schema. This
    affects both refresh and sync calls at server/lib/plaid/sync.ts:21 and server/lib/plaid/sync.ts:96.

Why this is a real issue

  • The Plaid client is already configured with PLAID-CLIENT-ID/PLAID-SECRET headers in server/lib/plaid/client.ts, so client_id in the body is redundant. With v41, Plaid’s OpenAPI schema removes client_id
    from request bodies; if the API enforces this, these calls will fail with validation errors and block transaction syncs.

Proposed fix

  • Remove client_id from both request payloads in server/lib/plaid/sync.ts. Keep access_token (required) and the other fields.

@renovate renovate bot force-pushed the renovate/plaid-41.x branch from 84ed951 to 225ef3e Compare January 8, 2026 18:46
sentry[bot]
sentry bot reviewed Jan 8, 2026
View reviewed changes
package.json Outdated
"pg-format": "1.0.4",
"pg-listen": "1.7.0",
"plaid": "31.1.0",
"plaid": "41.0.0",

This comment was marked as outdated.

Sign in to view

@renovate renovate bot force-pushed the renovate/plaid-41.x branch 2 times, most recently from bff56f1 to 6028bdf Compare January 23, 2026 18:02
@renovate renovate bot force-pushed the renovate/plaid-41.x branch from 6028bdf to 8157875 Compare January 27, 2026 05:05
@renovate renovate bot force-pushed the renovate/plaid-41.x branch from 8157875 to 1ebe20d Compare January 27, 2026 07:16
sentry[bot]
sentry bot reviewed Jan 27, 2026
View reviewed changes
package.json
@@ -118,7 +118,7 @@
"pg-connection-string": "2.9.1",
Copy link

@sentry sentry bot Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: The Plaid API can return null for mask and official_name, but the Zod schema expects non-null strings, causing a silent failure when updating accounts.
Severity: MEDIUM

Suggested Fix

In server/lib/plaid/connect.ts, handle potential null values from the Plaid API for account.mask and account.official_name. Coalesce null to an empty string (e.g., account.mask ?? '') before calling transactionsImport.update() to ensure the data conforms to the Zod schema's non-null string requirement.

Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: package.json#L118

Potential issue: The Plaid API can return `null` for `account.mask` and
`account.official_name`. The code in `server/lib/plaid/connect.ts` unconditionally uses
these values when updating a `transactionsImport`. However, the Zod schema in
`server/models/TransactionsImport.ts` defines `mask` and `officialName` as required,
non-null strings. When `transactionsImport.update()` is called with `null` values, the
validation fails. This error is caught and reported to Sentry, but it silently prevents
the list of available accounts from being updated, meaning users will not see their
accounts after a refresh.

Did we get this right? 👍 / 👎 to inform future reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@sentry sentry[bot] sentry[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@Betree Betree

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@znarf @Betree