9.6.2
- Lottie: fix issue parsing font lists - by VicenteCartas (#18436)
9.6.1
- Lottie: fix issue parsing font lists - by VicenteCartas (#18436)
v16.3.0-canary.15
- [devtools] Force ANSI colors on overlay code frames regardless of TTY: #93550
- Turbopack: Match proxy matchers with webpack implementation: #93594
- Track
searchParamsaccess through a Proxy to catch missing-key reads: #93549 - Cherry-pick ghsa commits to canary: #93614
- docs: escape literal triple-backticks in contribution guide: #93584
- [test] Pin package manager to patch versions: #93592
- turbo-rcstr: replace
rcstr!macro_rules with proc macro: #93551 - Turbopack: Fix middleware matcher suffix: #93590
- Turbopack: Change DynEffect::dyn_value to DynEffect::value_hash, a simple u128: #93552
- [ci] Ensure graphite_ci_optimizer fails open even if github fails to fetch the action: #93615
Huge thanks to @aurorascharff, @icyJoseph, @eps1lon, @lukesandberg, @timneutkens, @unstubbable, and @bgw for helping!
create-rari-app@0.5.7
- d95cd834 chore(deps): bump rari-binaries to 0.13.3
- 4c8481e7 release: create-rari-app@0.5.6
- f139f797 chore(deps): update dependencies and improve code splitting
Full Changelog: https://github.com/rari-build/rari/compare/create-rari-app@0.5.5...create-rari-app@0.5.7
rari@0.13.4
- 0d179530 release: rari@0.13.3
- 10a3951f chore(rari): downgrade version to 0.13.2
Full Changelog: https://github.com/rari-build/rari/compare/rari@0.13.3...rari@0.13.4
v15.5.18
This release contains security fixes for the following advisories:
High:
- GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
- GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
- GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
- GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
- GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
- GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
- GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n
Moderate:
- GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
- GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
- GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API
- GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses
Low:
v16.2.6
This release contains security fixes for the following advisories:
High:
- GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
- GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
- GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
- GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
- GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
- GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
- GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n
Moderate:
- GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
- GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
- GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API
- GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses
Low:
v0.13.3
- fb248889 chore(deps): bump rari to 0.13.3
Full Changelog: https://github.com/rari-build/rari/compare/v0.13.2...v0.13.3