• Resolve syntax error related to import renaming in ESM build
• Add new browser: HiBrowser, Opera Neon
• Add new engine: Dillo
• Improve browser detection: Brave, TikTok
• Improve device detection: OnePlus
• Improve OS detection: Firefox OS
• extensions submodule:
  • Add new CLI: PowerShell
  • Add new email: Alpine, Android, AquaMail, Balsa, Barca, Canary, Claws Mail, eM Client, Eudora, FairEmail, Geary, Gnus, Horde::IMP, Lotus-Notes, IncrediMail, K-9 Mail, Mailbird, MailMate, Mailspring, Mutt, Newton, Nine, NylasMail, Outlook-Express, Pegasus Mail, PocoMail, Postbox, ProtonMail Bridge, Quala, R2Mail2, Rainloop, Roundcube Webmail, SamsungEmail, Spicebird, SquirrelMail, Sylpheed, The Bat!, Trojita, Turnpike, tutanota-desktop, Wanderlust, Windows-Live-Mail
  • Add new library: http.rb, Jetty, ocaml-cohttp
• helpers submodule:
  • Add new method: getOutlookEdition() to map Outlook versions to their marketing editions

• Improve existing browser detection for Tiktok by @giantyo26 in https://github.com/faisalman/ua-parser-js/pull/817
• feat(email): expand email client detection & add Outlook edition helper by @cougrimes in https://github.com/faisalman/ua-parser-js/pull/819
• chore: update pattern to ONLY include top-level js files in dist by @hyperz111 in https://github.com/faisalman/ua-parser-js/pull/820

• @giantyo26 made their first contribution in https://github.com/faisalman/ua-parser-js/pull/817
• @cougrimes made their first contribution in https://github.com/faisalman/ua-parser-js/pull/819
• @hyperz111 made their first contribution in https://github.com/faisalman/ua-parser-js/pull/820

Full Changelog: https://github.com/faisalman/ua-parser-js/compare/2.0.7...2.0.8

• all: Enforce on security vulnerability (c69320a), closes #4078

• two-col layout should accept left slot for consistency  -  by @kermanx in https://github.com/slidevjs/slidev/issues/2420 (66b84)

• 🛠 Button, Masonry, Mentions, Select, Space, Splitter, Steps and other components batch use genCssVar method to generate more stable CSS variable names. #56562 #56559 #56557 #56555 #56550 #56547 #56546 #56529 @li-jia-nan
• 🆕 QRCode adds marginSize property for displaying QR code margin area. #56569 @afc163
• 🆕 Tour adds keyboard property to configure keyboard operations. #56581 @cactuser-Lu
• Tooltip
  • 🆕 Tooltip adds maxWidth design token. #56540 @guoyunhe
  • 🆕 Tooltip/Popover/Popconfirm can be closed with ESC by default. #56492 @aojunhao123
• 🛠 Steps remove useless styles. #56565 @li-jia-nan
• 🆕 Form supports tel type validation. #56533 @guoyunhe
• 🐞 Fix Badge ref not working when using text property. #56532 @zombieJ
• 🆕 Calendar and DatePicker locale configuration now supports partial content filling. #56376 @QDyanbing
• 🐞 Fix ConfigProvider theme.cssVar configuration not working for icons. #56504 @seanparmelee
• 🐞 Fix Collapse items semantic properties not working. #56517 @zombieJ
• Modal
  • 🆕 Modal supports focusable.trap to configure whether to lock focus within the Modal. #56500 @zombieJ
  • 🛠 Remove useless DOM structure from Modal and optimize focus capture to prevent accidental focus escape outside the Modal. #56142 @zombieJ
• ConfigProvider
  • 🆕 ConfigProvider supports pagination configuration for totalBoundary and showSizeChanger properties. #56475 @chiaweilee
  • 🆕 ConfigProvider supports configuring Alert global icons. #56241 @guoyunhe
• Drawer
  • 🆕 Drawer adds focusable to configure focus behavior after opening, supporting focus locking within the container and focus returning after closing. #56463 @zombieJ
  • 🐞 Fix Drawer size definition not supporting string type. #56358 @ug-hero
• 🐞 Fix Image nested in Modal cannot be closed sequentially with Esc. #56386 @aojunhao123
• 🆕 Pagination supports size property. #56009 @guoyunhe
• 🆕 Breadcrumb supports dropdownIcon customization. #56250 @guoyunhe
• 🆕 Checkbox.Group supports role configuration. #56126 @Pareder
• 💄 Mentions fix invalid style padding: undefined in different sizes. #56564 @li-jia-nan
• 🐞 Fix Select clear button alignment issue when size="small". #56525 @QDyanbing

• 🛠 Button、Masonry、Mentions、Select、Space、Splitter、Steps 等组件批量使用 genCssVar 方法以生成更加稳定的 css 变量名。#56562 #56559 #56557 #56555 #56550 #56547 #56546 #56529 @li-jia-nan
• 🆕 QRCode 新增 marginSize 属性用于展示二维码留白区。#56569 @afc163
• 🆕 Tour 新增 keyboard 属性以配置键盘操作。#56581 @cactuser-Lu
• Tooltip
  • 🆕 Tooltip 增加 maxWidth design token。#56540 @guoyunhe
  • 🆕 Tooltip/Popover/Popconfirm 默认情况下可以通过 ESC 关闭。#56492 @aojunhao123
• 🛠 Steps 移除无用的样式。#56565 @li-jia-nan
• 🆕 Form 支持 tel 类型校验。#56533 @guoyunhe
• 🐞 修复 Badge 在使用 text 属性时，ref 无效的问题。#56532 @zombieJ
• 🆕 Calendar 和 DatePicker 的 locale 配置现在支持只填充部分内容。#56376 @QDyanbing
• 🐞 修复 ConfigProvider 配置 theme.cssVar 对图标无效的问题。#56504 @seanparmelee
• 🐞 修复 Collapse items 语义化属性无效的问题。#56517 @zombieJ
• Modal
  • 🆕 Modal 支持 focusable.trap 以配置是否将焦点锁定在 Modal 内部。#56500 @zombieJ
  • 🛠 移除 Modal 无用的 DOM 结构并且优化焦点捕获以防止意外的焦点逃逸到 Modal 外的情况。#56142 @zombieJ
• ConfigProvider
  • 🆕 ConfigProvider 支持 pagination 配置 totalBoundary 与 showSizeChanger 属性。#56475 @chiaweilee
  • 🆕 ConfigProvider 支持配置 Alert 全局图标。#56241 @guoyunhe
• Drawer
  • 🆕 Drawer 新增 focusable 以配置展开后的焦点行为，支持配置锁定焦点在框内、关闭后是否返回焦点。#56463 @zombieJ
  • 🐞 修复 Drawer size 定义不支持 string 的问题。#56358 @ug-hero
• 🐞 修复 Image 嵌套在 Modal 内时，Esc无法顺序关闭。#56386 @aojunhao123
• 🆕 Pagination 支持 size 属性。#56009 @guoyunhe
• 🆕 Breadcrumb 支持 dropdownIcon 自定义。#56250 @guoyunhe
• 🆕 Checkbox.Group 支持 role 配置。#56126 @Pareder
• 💄 Mentions 修复不同尺寸下 padding: undefined 的无效样式。#56564 @li-jia-nan
• 🐞 修复 Select 在 size="small" 时，清除按钮位置对齐问题。#56525 @QDyanbing

Note: This is a beta release. Please file new issues for any bugs you find in it.

This release is published to npm under the beta tag and can be installed via npm install electron@beta, or npm install electron@40.0.0-beta.8.

• Added support for WebSocket authentication through the login event on webContents. #49064

• Fixed an issue on Windows and Linux where no cookie encryption key provider was passed into the network service when cookie encryption was enabled. #49375

Fixed a JWT algorithm confusion issue in the JWT and JWK/JWKS middleware.

Both middlewares now require an explicit algorithm configuration to prevent the verification algorithm from being influenced by untrusted JWT header values.

If you are using the JWT or JWK/JWKS middleware, please update to the latest version as soon as possible.

import { jwt } from 'hono/jwt'

app.use(
  '/auth/*',
  jwt({
    secret: 'it-is-very-secret',
    alg: 'HS256', // required
  })
)

import { jwk } from 'hono/jwk'

app.use(
  '/auth/*',
  jwk({
    jwks_uri: 'https://example.com/.well-known/jwks.json',
    alg: ['RS256'], // required (asymmetric algorithms only)
  })
)

For more details, see the Security Advisory.

• https://github.com/honojs/hono/security/advisories/GHSA-f67f-6cw9-8mq4
• https://github.com/honojs/hono/security/advisories/GHSA-3vhc-576x-3qv4

• test(utils/jwt): add missing algorithm types in jwa.test.ts by @flathill404 in https://github.com/honojs/hono/pull/4607
• chore: bump @hono/eslint-config and enable curly rule by @yusukebe in https://github.com/honojs/hono/pull/4620
• docs(bun/websocket): Fixed a typo in hono/bun deprecation message and updated test. by @Itsnotaka in https://github.com/honojs/hono/pull/4618
• test: support alg option for JWT middleware by @yusukebe in https://github.com/honojs/hono/pull/4624

• @flathill404 made their first contribution in https://github.com/honojs/hono/pull/4607
• @Itsnotaka made their first contribution in https://github.com/honojs/hono/pull/4618

Full Changelog: https://github.com/honojs/hono/compare/v4.11.3...v4.11.4

• Revert "prevent browser cache from using stale RSC responses from pre…: #88457

Huge thanks to @ztanner for helping!

• Don't import typescript at runtime: #88321
• fix: use RDC for server action requests: #88129
• Warn when overriding Cache-Control header on /_next/ routes: #88353
• [prebuilt-skew-protection] feat: adding in automatic deploymentId: #88012
• Revert "[prebuilt-skew-protection] feat: adding in automatic deploymentId": #88449
• Turbopack: Update reqwest, remove experimental system TLS feature: #88290

• Update AGENTS.md with PR template and test generation requirements: #88417
• Add .cursor/worktrees.json configuration: #88415
• docs: add guidance for code block highlight line numbers to AGENTS.md: #88430
• [turbopack] Compute transitive side effects and use them to trim imports: #86675
• fix(turbo-tasks-backend): use correct TaskDataCategory for is_immutable check: #88331
• perf(turbo-tasks-backend): use DefaultStorage for AggregationNumber to save memory: #88336
• [Turbopack] Move DirList to its own module: #88256
• docs: add rebuild guidance and ICE troubleshooting to AGENTS.md: #88337
• Type-check run-tests.js and remove unused related flag: #88433
• [test] Remove obsolete reference to NEXT_TEST_SKIP_RETRY_MANIFEST: #88434
• Revert "[Turbopack] Move DirList to its own module": #88441
• [scripts] Avoid conflicting type for pack-next --compress: #88439
• Update Rspack production test manifest: #88403
• Update Rspack development test manifest: #88404

Huge thanks to @mischnic, @timneutkens, @lukesandberg, @ztanner, @andrewimm, @unstubbable, @eps1lon, @brookemosby, @vercel-release-bot, and @bgw for helping!

• #5179: Fixes monaco editor build
• #5155: Exported modules reorganization
• #5174: Removes stale comment
• #5170: Update SECURITY.md to version 1.0.0
• #5150: fixes browser tests
• #5149: Build scripts dont need to be compiled anymore
• #5146: Logs the sha of dependencies
• #5147: Updates node to 22.21.1
• #5130: Bump node-forge from 1.3.1 to 1.3.2 in /website
• #5138: Bump node-forge from 1.3.1 to 1.3.3 in /samples

Version 1.149.2 - 1/12/26, 8:31 PM

• properly handle sass in dev styles (#6372) (bbfa5d3) by Manuel Schiller

• @tanstack/start-plugin-core@1.149.2
• @tanstack/solid-start@1.149.2
• @tanstack/vue-start@1.149.2
• @tanstack/react-start@1.149.2
• @tanstack/start-static-server-functions@1.149.2