From 02a43f5fa0d2496f2433a2356d2ff96964b2f696 Mon Sep 17 00:00:00 2001 From: Koushik SK Date: Fri, 17 Apr 2026 08:38:28 +0530 Subject: [PATCH 1/3] fix: prevent PhoneNumberComplianceGetter.toMap() from leaking id as query param Override toMap() to remove inherited id and secondaryId fields from the query parameter map, so GET requests send only ?expand=... instead of ?id=&expand=... Co-Authored-By: Claude Opus 4.6 (1M context) --- .../PhoneNumberComplianceGetter.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/main/java/com/plivo/api/models/phonenumbercompliance/PhoneNumberComplianceGetter.java b/src/main/java/com/plivo/api/models/phonenumbercompliance/PhoneNumberComplianceGetter.java index 5c3ec262..d2657137 100644 --- a/src/main/java/com/plivo/api/models/phonenumbercompliance/PhoneNumberComplianceGetter.java +++ b/src/main/java/com/plivo/api/models/phonenumbercompliance/PhoneNumberComplianceGetter.java @@ -1,6 +1,7 @@ package com.plivo.api.models.phonenumbercompliance; import com.plivo.api.models.base.Getter; +import java.util.Map; import retrofit2.Call; public class PhoneNumberComplianceGetter extends Getter { @@ -20,6 +21,14 @@ public PhoneNumberComplianceGetter expand(String expand) { return this; } + @Override + protected Map toMap() { + Map map = super.toMap(); + map.remove("id"); + map.remove("secondaryId"); + return map; + } + @Override protected Call obtainCall() { return client().getApiService().phoneNumberComplianceGet(client().getAuthId(), id, toMap()); From b807f8ccda66b816c303e9bd999c0b823ee028c1 Mon Sep 17 00:00:00 2001 From: Koushik SK Date: Fri, 17 Apr 2026 08:47:45 +0530 Subject: [PATCH 2/3] chore: bump version to 5.47.1 Co-Authored-By: Claude Opus 4.6 (1M context) --- CHANGELOG.md | 5 +++++ pom.xml | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d1640abd..90f83bab 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
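Review bot: The new `toMap()` override in PhoneNumberComplianceGetter edits the map returned by `super.toMap()` in place and strips fields by name, so it depends on `Getter.toMap()` returning a fresh, mutable map on every call; that method is not visible in this hunk. Copying first, `Map map = new HashMap(super.toMap());` (with the file's actual type parameters and a `java.util.HashMap` import), removes that dependency. The name-based removal is also a denylist: any field later added to the base class would again be sent in the query string, where it is recorded in URL logs, so building the map from this getter's own parameters (only `expand` is visible here) would fail closed. A one-line comment such as `// id is sent in the URL path by obtainCall(); keep it out of the query map` would record why the override exists. The class body starts and ends outside the hunk.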
@@ -1,5 +1,10 @@ # Change Log +## [5.47.1](https://github.com/plivo/plivo-java/tree/v5.47.1) (2026-04-17) +**Bug Fix - PhoneNumber Compliance API** +- Fixed RequirementLister to not extend Getter, preventing id query parameter leak +- Fixed PhoneNumberComplianceGetter to exclude id from query parameters + ## [5.47.0](https://github.com/plivo/plivo-java/tree/v5.47.0) (2026-04-08) **Feature - PhoneNumber Compliance API support** - Added `PhoneNumberComplianceRequirement` resource with `lister()` for discovering compliance requirements by country, number type, and user type diff --git a/pom.xml b/pom.xml index 787d4f56..e8a5f45a 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ 4.0.0 com.plivo plivo-java - 5.47.0 + 5.47.1 plivo-java A Java SDK to make voice calls & send SMS using Plivo and to generate Plivo XML From 23e441990a6de1f4750b085014fd876cb8c01efa Mon Sep 17 00:00:00 2001 From: Koushik SK Date: Fri, 17 Apr 2026 10:36:57 +0530 Subject: [PATCH 3/3] fix: update version.txt, correct changelog, and add getter id-leak regression test - Updated version.txt from 5.46.7 to 5.47.1 for correct User-Agent header - Fixed CHANGELOG 5.47.1 entry to accurately describe only the toMap() override fix - Added regression test verifying PhoneNumberComplianceGetter does not leak id in query params Co-Authored-By: Claude Opus 4.6 (1M context) --- CHANGELOG.md | 3 +-- src/main/resources/com/plivo/api/version.txt | 2 +- .../plivo/api/PhoneNumberComplianceTest.java | 26 +++++++++++++++++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 90f83bab..a70b41ee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -2,8 +2,7 @@ ## [5.47.1](https://github.com/plivo/plivo-java/tree/v5.47.1) (2026-04-17) **Bug Fix - PhoneNumber Compliance API** -- Fixed RequirementLister to not extend Getter, preventing id query parameter leak -- Fixed PhoneNumberComplianceGetter to exclude id from query parameters +- Fixed PhoneNumberComplianceGetter to exclude `id` from query parameters via toMap() override ## [5.47.0](https://github.com/plivo/plivo-java/tree/v5.47.0) (2026-04-08) **Feature - PhoneNumber Compliance API support** diff --git a/src/main/resources/com/plivo/api/version.txt b/src/main/resources/com/plivo/api/version.txt index c31fb1e4..064c2982 100644 --- a/src/main/resources/com/plivo/api/version.txt +++ b/src/main/resources/com/plivo/api/version.txt @@ -1 +1 @@ -5.46.7 +5.47.1 diff --git a/src/test/java/com/plivo/api/PhoneNumberComplianceTest.java b/src/test/java/com/plivo/api/PhoneNumberComplianceTest.java index 3c674afb..f79f9af9 100644 --- a/src/test/java/com/plivo/api/PhoneNumberComplianceTest.java +++ b/src/test/java/com/plivo/api/PhoneNumberComplianceTest.java @@ -3,6 +3,7 @@ import static com.plivo.api.TestUtil.loadFixture; import static junit.framework.TestCase.assertEquals; import static junit.framework.TestCase.assertNotNull; +import static junit.framework.TestCase.assertFalse; import static junit.framework.TestCase.assertNull; import static junit.framework.TestCase.assertTrue; 
@@ -534,4 +535,29 @@ public void linkCreateVerifyRequestBodyShouldSucceed() throws Exception {
 recordedRequest.getPath()
 );
 }
+
+ // =========================================================================
+ // Test 21: Getter - toMap() should NOT contain id in query parameters
+ // =========================================================================
+ @Test
+ public void getterShouldNotLeakIdInQueryParams() throws Exception {
+ String complianceId = "comp-uuid-leak-test";
+ expectResponse("phoneNumberComplianceGetResponse.json", 200);
+
+ PhoneNumberCompliance.getter(complianceId)
+ .expand("end_user")
+ .get();
+
+ RecordedRequest recordedRequest = server.takeRequest();
+ assertEquals("GET", recordedRequest.getMethod());
+ String path = recordedRequest.getPath();
+ // The URL path must contain the compliance ID
+ assertTrue(path.contains(
+ String.format("PhoneNumber/Compliance/%s/", complianceId)));
+ // The query string must NOT contain id= (the bug we fixed via toMap() override)
+ String query = path.contains("?") ? path.substring(path.indexOf("?")) : "";
+ assertFalse("Query string should not contain 'id=' parameter", query.contains("id="));
+ // expand should still be present
+ assertTrue(query.contains("expand=end_user"));
+ }
 }
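Review bot: The regression check `query.contains("id=")` in getterShouldNotLeakIdInQueryParams is a case-sensitive substring match, so it would not catch a `secondaryId=` parameter, which the toMap() override also removes, and it would fail on any unrelated parameter whose name merely ends in `id`. Since the commit message says the request should carry only the expand parameter, asserting the whole query is tighter: `assertEquals("?expand=end_user", query);`, assuming no other default parameters are emitted. The `assertTrue` calls would also benefit from failure messages, as the `assertFalse` already has.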