Skip to content

v1.5.3

Choose a tag to compare

@github-actions github-actions released this 02 Jul 07:54
732563e

1.5.3 (2026-07-02)

Bug Fixes

  • security: pin the transitive form-data dependency to 4.0.6 via an npm overrides entry, resolving the HIGH-severity CRLF-injection advisory GHSA-hmw2-7cc7-3qxx (affecting >=4.0.0 <4.0.6) that osv-scanner flagged in package-lock.json. form-data is a dev-only transitive dependency (via jest-environment-jsdomjsdom) and is not part of the shipped plugin bundle; npm audit now reports 0 high/critical vulnerabilities. No plugin runtime changes from 1.5.2.