-
v0.2.0 Stable
rimskij released this
2026-06-04 21:11:16 +02:00 | 3 commits to dev since this releasev0.2.0
Security
- HMAC-signed, claim-bound admin auth cookies; hardened upload-file path traversal (RCE incident)
- Required SESSION_SECRET for cookie signing; awaited isFullyAuthenticated in admin config PUT routes (dead guard → enforced)
- Next.js 15.3.1→15.3.8, React 19.1.0→19.1.2 (CVE-2025-66478 / CVE-2025-55182)
Refactoring (Streamline #302)
- Config, sortSongs, SearchResult, FileDetails, byte-formatters, and highlightMatch all deduplicated to single sources of truth
- Root page redirects to default locale (removed duplicate home surface); getFeaturedSongs extracted; Yiddish locale removed
Net: 58 files, +1411 / −3382.
Downloads
-
Source code (ZIP)
0 downloads
-
Source code (TAR.GZ)
0 downloads