Skip to content

v0.10.2
Compare
Choose a tag to compare
@aleksasiriski aleksasiriski released this 11 Jun 23:37
· 755 commits to main since this release
v0.10.2
ac522f2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

XSS VULNERABILITY FIXED

Please update to this release ASAP since it fixes a XSS attack made possible with the introduction of favicons.

What's Changed

  • chore(deps-dev): bump svelte from 5.0.0-next.141 to 5.0.0-next.142 by @dependabot in #268
  • chore(deps-dev): bump vite from 5.2.11 to 5.2.12 by @dependabot in #270
  • chore(deps-dev): bump svelte from 5.0.0-next.142 to 5.0.0-next.143 by @dependabot in #269
  • chore(deps-dev): bump @sveltejs/vite-plugin-svelte from 3.1.0 to 3.1.1 by @dependabot in #271
  • chore(deps-dev): bump svelte-check from 3.7.1 to 3.8.0 by @dependabot in #273
  • fix(general)!: remove favicons because of dangers when loading them directly from websites by @aleksasiriski in #284

Full Changelog: v0.10.1...v0.10.2

Contributors

dependabot and aleksasiriski
Assets 2
Loading