Skip to content

chore(deps): bump pinocchio-token from 0.5.0 to 0.6.0#626

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/pinocchio-token-0.6.0
Open

chore(deps): bump pinocchio-token from 0.5.0 to 0.6.0#626
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/pinocchio-token-0.6.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps pinocchio-token from 0.5.0 to 0.6.0.

Release notes

Sourced from pinocchio-token's releases.

pinocchio-token@v0.6.0

New instructions

SIMD-0226 (p-token) introduces new instruction to the Token program. These are now supported.

WithdrawExcesssLamports

The WithdrawExcessLamports (instruction discriminator 38) allows recovering "bricked" SOL from mint (e.g., USDC mint as ~323 SOL in excess) and multisig accounts. The logic of this instruction is similar to the current SPL Token-2022 instruction: the mint authority must be a signer (for mint accounts) or the multisig (for multisig accounts) to authorize the withdraw. Additionally, for mint accounts that do not have a mint authority set, it is possible to authorize the withdraw using the mint account as the signing authority — the instruction will need to be signed using the mint private key. Note that economic consequences may occur depending on the quantity of "unbricked" SOL; the total amount of SOL that could be freed up in this manner has yet to be calculated.

The instruction definition can be found here.

UnwrapLamports

The UnwrapLamports (instruction discriminator 45) allows transferring out lamports from native SOL token accounts directly to any destination account. This eliminates the need for creating temporary native token accounts for the recipient. The instruction supports transferring a specific amount or the entire amount of the account.

The instruction definition can be found here.

Batch

The Batch (instruction discriminator 255) enables efficient CPI interaction with the Token program. This is a new instruction that can execute a variable number of Token instructions in a single invocation of the Token program. Therefore, the base CPI invoke units (currently 1000 CUs) are only consumed once, instead of for each CPI instruction — this significantly improves the CUs required to perform multiple Token instructions in a CPI context. Almost every DeFi protocol on Solana performs multiple CPIs to the Token program in one instruction. For example, an AMM performs two transfers during swap, or transfers tokens and mints others during an LP deposit. Programs can use the batch instruction for even more CU gains.

The instruction definition can be found here and an example of a batch invocation here.

Changes to existing instructions

SyncNative

The SyncNative (instruction discriminator 17) has been updated to accommodate changes to the rent-exempt requirement. When the minimum rent-exempt balance for an account changes, any excess will now be treated as part of the native amount. To support this change, the instruction now requires the Rent sysvar. It will either call the Rent::get() syscall (~100 CUs) or expect the Rent sysvar account to be provided as the second account in the instruction.

Note that this may cause problems for programs that already pass extra accounts to SyncNative. In that case, there are two options:

  1. The first extra account (second account) passed to SyncNative must be the Rent sysvar account. Any additional accounts can follow.
  2. Remove any extra accounts passed to SyncNative.

The instruction definition can be found here.

What's new

Commits
  • cc937fe Publish pinocchio-token v0.6.0
  • eb22a63 Publish pinocchio v0.11.0
  • 9691848 programs/token: Add batch header data length helper (#398)
  • 5dea221 programs/token-2022: Add missing discriminator to ScaledUiAmount extension ...
  • 8a499c0 programs/token-2022: Improve account validation (#400)
  • f200b4e programs/token: Rename account type (#401)
  • 760c371 sdk: Use correct MAX_SIZE (#393)
  • 879f43b sdk: Add alignment check to Clock::from_bytes (#394)
  • 3c24f09 programs/token-2022: Set mint as readonly in `WithdrawWithheldTokensFromAccou...
  • 3a758df programs/system: Add data len check in create account helper (#399)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pinocchio-token](https://github.com/anza-xyz/pinocchio) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/anza-xyz/pinocchio/releases)
- [Commits](https://github.com/anza-xyz/pinocchio/compare/pinocchio-token@v0.5.0...pinocchio-token@v0.6.0)

---
updated-dependencies:
- dependency-name: pinocchio-token
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants