release: v0.39.0
Auth security round: SB3 (email tokens out of URL query → fragment), SA4 (server-side session revocation + 'Log out other sessions'), SA3 (trusted-proxy X-Forwarded-For so rate limits can't be bypassed via a forged header).
This commit is contained in:
parent
776fb38b9b
commit
56dfa9b427
2 changed files with 9 additions and 1 deletions
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
||||||
0.38.0
|
0.39.0
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,14 @@ export interface ReleaseEntry {
|
||||||
}
|
}
|
||||||
|
|
||||||
export const RELEASE_NOTES: ReleaseEntry[] = [
|
export const RELEASE_NOTES: ReleaseEntry[] = [
|
||||||
|
{
|
||||||
|
version: "0.39.0",
|
||||||
|
date: "2026-07-12",
|
||||||
|
summary: "Sign-in security hardening.",
|
||||||
|
features: [
|
||||||
|
"New “Log out other sessions” button in Settings → Account, to sign out everywhere else.",
|
||||||
|
],
|
||||||
|
},
|
||||||
{
|
{
|
||||||
version: "0.38.0",
|
version: "0.38.0",
|
||||||
date: "2026-07-12",
|
date: "2026-07-12",
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue