Various fixes, part 6

[quietbits]

Fixed issues from the doc.

• nativeToScVal string-to-u32/i32 — strict parsing: Replaced parseInt() with BigInt() for the string path. Rejects trailing junk ("123abc"), correctly parses hex/octal/binary prefixes (e.g., "0x10" → 16 instead of 0), and applies the same range validation as the number/bigint path.

• Memo.id() — reject non-plain-digit strings: Added a /^[0-9]+$/ regex guard to reject scientific notation ("1e18") and decimal strings ("1.0") that passed BigNumber validation but crashed in BigInt() during XDR serialization.

• TransactionBuilder.build() — fee overflow protection: Total fee (baseFee * operations, plus resourceFee for Soroban) is now checked against the uint32 maximum before XDR construction. Previously, overflow produced an invalid XDR value caught only at serialization with a confusing error.

• TransactionBuilder.cloneFrom() — zero-operation guard: Rejects transactions with no operations upfront, instead of silently producing a builder with baseFee set to Infinity (from division by zero).

• toXDRPrice — early validation for invalid prices: Zero, negative, NaN, and Infinity values are now rejected with "price must be positive" before reaching best_r(), instead of producing confusing downstream errors.

• Keypair.signPayloadDecorated — clarity refactor: Changed 4 - dataBuffer.length to 4 - hint.length in the padding calculation. No behavior change — the values are always equal in context — but makes the intent ("pad hint to 4 bytes") self-evident.

[github-actions]

Size Change: +4.18 kB (+0.24%)

Total Size: 1.77 MB

📦 View Changed

Filename	Size	Change
dist/stellar-base.cjs.js	700 kB	+1.55 kB (+0.22%)
dist/stellar-base.js	720 kB	+1.59 kB (+0.22%)
dist/stellar-base.min.js	347 kB	+1.05 kB (+0.3%)

_{compressed-size-action}

[Copilot]

Pull request overview

This PR continues the “various fixes” series by tightening input validation and error handling around numeric parsing/encoding and transaction fee computation, with accompanying unit tests and changelog updates.

Changes:

• Add stricter numeric validation paths (e.g., toXDRPrice, nativeToScVal string→u32/i32, Memo.id string format checks).
• Add transaction builder protections (fee overflow checks; cloneFrom guard for zero-operation transactions).
• Add range validation for XdrLargeInt.toI128() / toI256() to prevent silent signed overflow behavior.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
test/unit/transaction_builder.test.ts	Updates/extends tests for fee overflow handling and cloneFrom zero-op guard.
test/unit/scval.test.ts	Adds tests for stricter string parsing behavior in nativeToScVal for u32/i32.
test/unit/operation.test.ts	Adds tests asserting earlier/clearer toXDRPrice validation errors.
test/unit/numbers/xdr_large_int.test.ts	Adds tests for signed-range rejection in toI128()/toI256().
test/unit/memo.test.ts	Adds coverage for rejecting non-plain-digit Memo.id() strings; minor formatting cleanups.
src/util/operations.ts	Implements early numeric validation for toXDRPrice before calling best_r().
src/transaction_builder.ts	Adds uint32 fee overflow checks and cloneFrom() zero-op guard.
src/scval.ts	Replaces parseInt() with BigInt() for string→u32/i32 conversion with bounds checks.
src/numbers/xdr_large_int.ts	Adds signed-range checks for toI128() and toI256() using BigInt.asIntN.
src/memo.ts	Rejects Memo.id() non-digit-only strings early to avoid BigInt() serialization crashes.
src/keypair.ts	Clarifies payload hint padding calculation (hint.length vs dataBuffer.length).
CHANGELOG.md	Documents the behavioral changes introduced in this PR.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Ryang-21]

These checks are redundant since they are now done in js-xdr