release: v0.39.0
Auth security round: SB3 (email tokens out of URL query → fragment), SA4 (server-side session revocation + 'Log out other sessions'), SA3 (trusted-proxy X-Forwarded-For so rate limits can't be bypassed via a forged header).
This commit is contained in:
parent
776fb38b9b
commit
56dfa9b427
2 changed files with 9 additions and 1 deletions
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
|||
0.38.0
|
||||
0.39.0
|
||||
|
|
|
|||
|
|
@ -14,6 +14,14 @@ export interface ReleaseEntry {
|
|||
}
|
||||
|
||||
export const RELEASE_NOTES: ReleaseEntry[] = [
|
||||
{
|
||||
version: "0.39.0",
|
||||
date: "2026-07-12",
|
||||
summary: "Sign-in security hardening.",
|
||||
features: [
|
||||
"New “Log out other sessions” button in Settings → Account, to sign out everywhere else.",
|
||||
],
|
||||
},
|
||||
{
|
||||
version: "0.38.0",
|
||||
date: "2026-07-12",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue