release: v0.39.0

Auth security round: SB3 (email tokens out of URL query → fragment), SA4 (server-side
session revocation + 'Log out other sessions'), SA3 (trusted-proxy X-Forwarded-For so
rate limits can't be bypassed via a forged header).
This commit is contained in:
npeter83 2026-07-12 03:49:55 +02:00
parent 776fb38b9b
commit 56dfa9b427
2 changed files with 9 additions and 1 deletions

View file

@ -14,6 +14,14 @@ export interface ReleaseEntry {
}
export const RELEASE_NOTES: ReleaseEntry[] = [
{
version: "0.39.0",
date: "2026-07-12",
summary: "Sign-in security hardening.",
features: [
"New “Log out other sessions” button in Settings → Account, to sign out everywhere else.",
],
},
{
version: "0.38.0",
date: "2026-07-12",