• Fix parsing of long GraphQL queries from request body
• Disable follow mode for redirects on Bot Protect API responses to forward them to clients

• Add safe handling for nullable WebResourceRequest.requestHeaders in WebViewClient.shouldInterceptRequest to prevent crashes
• Fix missing requestId in manual integration when invoking onComplete(requestId) after challenge resolution

• Add support for account update events DataDomeAccountUpdateEvent
• Add support for password update events DataDomePasswordUpdateEvent
• Add optional session, user, and authentication to the login and registration events
• Add display_name, description, external_urls, picture_urls, payment_method_updated to the user model

Breaking changes

• Add handlers optional parameter to allow overriding fields in payloads sent to the Bot Protect API
• Exclude empty fields from payloads sent to the Bot Protect API

• Allow parsing of GraphQL queries when the Content-Type header contains additional directives like charset and is not strictly equal to application/json
• Disable follow mode for redirects on Bot Protect API responses to forward them to clients

• Fix CVE-2025-4802, CVE-2025-31484 and CVE-2025-32990

• Fix an iOS bug that prevents a request from being retried after a challenge resolution

• Fix an iOS bug that prevents a request from being retried after a challenge resolution

• Add support of activation and expiration dates for custom rules
• Update dependencies to fix vulnerabilities