release: v0.39.0

Auth security round: SB3 (email tokens out of URL query → fragment), SA4 (server-side
session revocation + 'Log out other sessions'), SA3 (trusted-proxy X-Forwarded-For so
rate limits can't be bypassed via a forged header).
This commit is contained in:
npeter83 2026-07-12 03:49:55 +02:00
parent 776fb38b9b
commit 56dfa9b427
2 changed files with 9 additions and 1 deletions

View file

@ -1 +1 @@
0.38.0 0.39.0

View file

@ -14,6 +14,14 @@ export interface ReleaseEntry {
} }
export const RELEASE_NOTES: ReleaseEntry[] = [ export const RELEASE_NOTES: ReleaseEntry[] = [
{
version: "0.39.0",
date: "2026-07-12",
summary: "Sign-in security hardening.",
features: [
"New “Log out other sessions” button in Settings → Account, to sign out everywhere else.",
],
},
{ {
version: "0.38.0", version: "0.38.0",
date: "2026-07-12", date: "2026-07-12",