Skip to content

v5.0.7

Latest

Choose a tag to compare

@ankitskvmdam ankitskvmdam released this 07 Jul 08:04
cc95ace

A patch release focused on dependency security, a small TypeDoc cleanup, and clearer package docs. No breaking changes and no user-facing behavior change.

Security

Cleared all open Socket and Dependabot advisories:

  • esbuild (dwar, production dependency) → ^0.28.1 — resolves the dev-server request / arbitrary-file-read advisories.
  • Dev/build toolchain: happy-dom^20, vitest^4.1.10, vite^8.1.3, turbo^2.10.4.
  • Transitive overrides for markdown-it, linkify-it, shell-quote, fast-uri, brace-expansion, and js-yaml (CVE-2026-53550).

The remaining Socket "obfuscated code" flags on preact / underscore / brace-expansion / es-module-lexer are false positives on minified dist output, not vulnerabilities.

Changed

  • setu / typedoc — removed the inert sectionOrder / clubSidebarItems handling under the TypeDoc flavor. Under TypeDoc the module hierarchy owns the API sidebar and doc groups order via docGroups; these options were accepted but had no effect. No behavior change.

Docs

  • Corrected the TypeDoc sidebar-lever documentation (getting-started, structure-your-sidebar, configuration) across all locales.
  • Made the clean-jsdoc-theme and @clean-jsdoc-theme/typedoc package READMEs standalone, each centered on its own toolchain.

Full changelog: v5.0.6...v5.0.7