Changelog

January 29, 2026

3.34.6

(fix): Fix wire test generation importing types from the wrong package when multiple services have endpoints with the same HTTP method and path. The generator now uses endpoint IDs to resolve the correct endpoint instead of relying solely on method and path matching.

January 26, 2026

3.34.5

(fix): Fix streaming endpoints incorrectly setting Accept: application/json header. Streaming endpoints (SSE, NDJSON, etc.) now omit the Accept header entirely, allowing the server to negotiate the appropriate streaming format.

3.34.4

(fix): Fix Java SDK compilation error when a path parameter is named key. The lambda variable in requestOptions.getQueryParameters().forEach((key, value) -> {...}) was shadowing the path parameter, causing a “variable key is already defined” compilation error. Lambda variables are now prefixed with underscore to avoid conflicts.

January 23, 2026

3.34.3

(fix): Fix Java SDK generation failure when an environment name is a Java reserved keyword (e.g., “default”) for multi-environment APIs.

3.34.2

(fix): Change wire tests to use resource files for JSON strings above a certain length to prevent undue stress to :spotlessJava and cut down on code duplication.

January 22, 2026

3.34.1

(fix): Fix output-directory config option to also apply to test files. When using source-root mode, test files are now written directly to the output path instead of always using src/test/java/.

January 21, 2026

3.34.0

(feat): Add output-directory config option to control where Java files are written during local generation.

project-root (default): Files written to <path>/src/main/java/ (current behavior)
source-root: Files written directly to <path>/ (pre-v3.8.2 behavior for embedding SDKs into existing projects)

This allows customers embedding SDKs into existing projects to avoid double src/main/java paths.

3.33.2

(chore): Re-publish to verify Docker Hub and generator registry sync.

3.33.1

(fix): Fix compilation error in generated InputStream overloads for file upload endpoints. The requestOptions.getQueryParameters() code block is now only emitted in methods that have RequestOptions as a parameter.

January 20, 2026

3.33.0

(feat): Generate body-only method overloads for endpoints with required body and optional headers/query params. This prevents breaking changes when optional headers or query params are added to existing endpoints.

3.32.1

(fix): Update container to fix CVE-2026-23745 (node-tar path traversal via hardlinks/symlinks) and CVE-2025-66293 (libpng out-of-bounds read). Patches npm’s bundled tar to 7.5.3 and updates libpng16-16 to the latest available version.

January 15, 2026

3.32.0

(feat): Add endpoint-level security support with routing auth providers. APIs can now define different authentication requirements per endpoint using the ENDPOINT_SECURITY auth mode. The SDK generates individual auth providers (Bearer, Basic, ApiKey, OAuth, InferredAuth) and a RoutingAuthProvider that routes requests to the appropriate provider based on each endpoint’s security requirements. Supports OR (any of) and AND (all of) auth requirement combinations.

To enable, add auth: endpoint-security: {} to your api.yml and define per-endpoint auth in your service definitions using the auth field on each endpoint.

3.31.0

(feat): Add additionalQueryParameters support to RequestOptions, allowing users to add query parameters to API requests at runtime. Query parameters added via RequestOptions override any request-defined parameters with the same key. This mirrors the existing addHeader pattern.

Usage example:

1 client.endpoint(
2     Request.builder().build(),
3     RequestOptions.builder()
4         .addQueryParameter("key", "value")
5         .build()
6 );

3.30.0

(feat): Add enable-gradle-profiling configuration option for profiling Gradle commands during generation.

3.29.2

(fix): Add notify, notifyAll, and wait to reserved method names to prevent generated SDK methods from conflicting with final methods in Java’s Object class. This fixes compilation errors when an API has a subpackage named “notify” (e.g., Twilio’s Notify API).

3.29.1

(fix): Fix _Builder class to support all builder methods (url, timeout, environment, maxRetries, httpClient, addHeader) so method chaining works in any order. This allows customers upgrading from 3.18.x who wrote builder().url().token() to continue working without compile errors. Configuration values set on _Builder are now properly passed through to _TokenAuth and _CredentialsAuth when token() or credentials() is called.

January 14, 2026

3.29.0

(feat): Add backward-compatible builder() method for OAuth client credentials authentication. This restores support for the classic builder pattern Client.builder().token("...") and Client.builder().credentials("...", "...") alongside the existing withToken() and withCredentials() shortcuts. This prevents breaking changes for customers who upgraded.

January 13, 2026

3.28.2

(chore): Update Dockerfile to use the latest generator-cli with improve reference.md generation.

3.28.1

(fix): Update libtasn1-6 and gnupg packages in container to fix CVE-2021-46848, CVE-2025-13151, CVE-2025-68973.

January 12, 2026

3.28.0

(chore): Upgrade IR version to 63.