• \imath and other \html@mathml macros in arguments (#4139) (a850cce)

Version 1.162.2 - 2/22/26, 8:41 AM

• router-core: remove unnecessary interpolatePath() in buildLocation (#6721) (63e9e71) by @Sheraff

• @tanstack/router-core@1.162.2
• @tanstack/solid-router@1.162.2
• @tanstack/react-router@1.162.2
• @tanstack/vue-router@1.162.2
• @tanstack/solid-router-ssr-query@1.162.2
• @tanstack/react-router-ssr-query@1.162.2
• @tanstack/vue-router-ssr-query@1.162.2
• @tanstack/router-ssr-query-core@1.162.2
• @tanstack/zod-adapter@1.162.2
• @tanstack/valibot-adapter@1.162.2
• @tanstack/arktype-adapter@1.162.2
• @tanstack/router-devtools@1.162.2
• @tanstack/solid-router-devtools@1.162.2
• @tanstack/react-router-devtools@1.162.2
• @tanstack/vue-router-devtools@1.162.2
• @tanstack/router-devtools-core@1.162.2
• @tanstack/router-generator@1.162.2
• @tanstack/router-cli@1.162.2
• @tanstack/router-plugin@1.162.2
• @tanstack/router-vite-plugin@1.162.2
• @tanstack/solid-start@1.162.2
• @tanstack/solid-start-client@1.162.2
• @tanstack/solid-start-server@1.162.2
• @tanstack/vue-start@1.162.2
• @tanstack/vue-start-client@1.162.2
• @tanstack/vue-start-server@1.162.2
• @tanstack/start-client-core@1.162.2
• @tanstack/start-server-core@1.162.2
• @tanstack/start-storage-context@1.162.2
• @tanstack/react-start@1.162.2
• @tanstack/react-start-client@1.162.2
• @tanstack/react-start-server@1.162.2
• @tanstack/start-plugin-core@1.162.2
• @tanstack/start-static-server-functions@1.162.2

2026-02-22

• Throw when the generated bundle contains paths that would leave the output directory (#6276)

• #6275: Validate bundle stays within output dir (@lukastaegert)

2026-02-22

• Throw when the generated bundle contains paths that would leave the output directory (#6276)

• #6276: Validate bundle stays within output dir (@lukastaegert)

• bb29e996 chore(rari): bump optional dependencies to 0.10.2
• 41c75c59 fix(rendering,rsc-client,sentry): enhance security and sanitization
• 5e0d946c fix(rendering,rsc-client,sentry): enhance security and accessibility
• 4db021a0 fix(rendering,router,runtime,sentry): enhance security and error handling
• f375c83d fix(rendering,router,runtime,sentry): improve security and error handling
• 590edccc fix(router): improve JSON parsing resilience in route info client
• d33089d8 fix(router,sentry): improve JSON parsing resilience and error handling
• b808452d refactor(rsc): replace innerHTML with DOM API in HMR error overlay
• 604da895 fix(rsc,router,sentry): sanitize JSON parsing and secure boundary updates
• 23dba633 fix(router): separate event listener registration from stale window effect
• 7e82dde2 fix(router): refactor effect dependencies and improve test reliability
• 0b5bfac9 fix(router): ensure stale window and navigate refs update correctly with dependency changes
• aeeb5a1b test(e2e): enhance mobile routing and cache stability with configurable stale window
• c8bfb090 test(e2e): improve mobile routing cache tests and visibility handling
• 2c9a8e51 test(e2e): add Playwright end-to-end testing suite

Full Changelog: https://github.com/rari-build/rari/compare/rari@0.10.1...rari@0.10.2

• 2c9a8e51 test(e2e): add Playwright end-to-end testing suite
• 1a4e255e chore(deps): update dependencies

Full Changelog: https://github.com/rari-build/rari/compare/create-rari-app@0.4.13...create-rari-app@0.4.14

• 41c75c59 fix(rendering,rsc-client,sentry): enhance security and sanitization
• 5e0d946c fix(rendering,rsc-client,sentry): enhance security and accessibility
• 4db021a0 fix(rendering,router,runtime,sentry): enhance security and error handling
• f375c83d fix(rendering,router,runtime,sentry): improve security and error handling
• 604da895 fix(rsc,router,sentry): sanitize JSON parsing and secure boundary updates
• 884b54e0 refactor(rendering): consolidate HTML escaping and improve attribute safety
• 4cdcf568 refactor(rendering): consolidate HTML escaping and improve metadata injection
• 35dc4a06 fix(rendering): reorder metadata and asset injection for correct HTML structure
• 64c835e1 chore(lint): reorganize eslint config and update linting rules

Full Changelog: https://github.com/rari-build/rari/compare/v0.10.1...v0.10.2

• Turbopack: support Subresource Integrity : #90152
• segment cache: add test for passing unawaited promise to context provider: #89339

Huge thanks to @mischnic and @ztanner for helping!

Version 1.162.1 - 2/21/26, 9:58 PM

• router-core: don"t set isServer if NODE_ENV test (#6727) (fdb8d2e) by Manuel Schiller

• remove fork guard from bundle-size PR comment step (#6728) (41528ea) by @Sheraff

• @tanstack/router-core@1.162.1
• @tanstack/solid-router@1.162.1
• @tanstack/react-router@1.162.1
• @tanstack/vue-router@1.162.1
• @tanstack/solid-router-ssr-query@1.162.1
• @tanstack/react-router-ssr-query@1.162.1
• @tanstack/vue-router-ssr-query@1.162.1
• @tanstack/router-ssr-query-core@1.162.1
• @tanstack/zod-adapter@1.162.1
• @tanstack/valibot-adapter@1.162.1
• @tanstack/arktype-adapter@1.162.1
• @tanstack/router-devtools@1.162.1
• @tanstack/solid-router-devtools@1.162.1
• @tanstack/react-router-devtools@1.162.1
• @tanstack/vue-router-devtools@1.162.1
• @tanstack/router-devtools-core@1.162.1
• @tanstack/router-generator@1.162.1
• @tanstack/router-cli@1.162.1
• @tanstack/router-plugin@1.162.1
• @tanstack/router-vite-plugin@1.162.1
• @tanstack/solid-start@1.162.1
• @tanstack/solid-start-client@1.162.1
• @tanstack/solid-start-server@1.162.1
• @tanstack/vue-start@1.162.1
• @tanstack/vue-start-client@1.162.1
• @tanstack/vue-start-server@1.162.1
• @tanstack/start-client-core@1.162.1
• @tanstack/start-server-core@1.162.1
• @tanstack/start-storage-context@1.162.1
• @tanstack/react-start@1.162.1
• @tanstack/react-start-client@1.162.1
• @tanstack/react-start-server@1.162.1
• @tanstack/start-plugin-core@1.162.1
• @tanstack/start-static-server-functions@1.162.1