Skip to content

v1.6.0

Choose a tag to compare

@arcjet-arcjet-js-release-please arcjet-arcjet-js-release-please released this 30 Jun 19:31
Immutable release. Only release title and notes can be modified.
b9a0809

1.6.0 (2026-06-30)

🚀 New Features

  • add outbound proxy support to @arcjet/transport and @arcjet/guard (#6089) (0048dfa)
  • arcjet-guard: add per-request metadata to experimental_moderateContent (#6100) (fe28505)
  • arcjet-guard: export experimental_moderateContent from node and fetch entrypoints (#6097) (1b7fc90)
  • expose correlationId on protect() and guard() (#6104) (14a3a1f)
  • guard: add experimental_moderateContent rule (#6059) (b001765)
  • guard: error/warning decision model with hasFailedOpen() gate (#6096) (8bbb885)
  • nosecone-next: add nonce API to get the CSP nonce (#6109) (165dc49)
  • protocol: regenerate clients with correlation_id field (#6098) (71346b3)
  • require Node.js >=22.21.0 and drop EOL Node.js 20 (#6090) (d002118)

🪲 Bug Fixes

  • arcjet-guard: accept object input on string-input rules (#6114) (8e828d0)
  • guard: split errorResult() from result() so errors aren't up-cast (#6107) (b5317ed)
  • transport: make HTTP/2-over-CONNECT-proxy work on Node >= 26 (#6119) (2b72b6c)
  • transport: skip Node 26-broken http2-proxy tests (revert force-exit) (#6112) (3ae2731)

🏎️ Performance Improvements

  • analyze-wasm: regenerate js_req wasm (Aho-Corasick bot parser + Wizer) (#6066) (5f62631)

📝 Documentation

  • use unified Arcjet skill install command (#6115) (3007110)

🧹 Miscellaneous Chores

📚 Tests

  • arcjet: force test runner to exit; add CI test-job timeouts (#6108) (a34473b)
  • arcjet: verify protect() runs on Cloudflare Workers (#6110) (76a86fb)

🔨 Build System

  • deps-dev: bump js-yaml from 4.1.1 to 4.2.0 in /examples/nextjs-sensitive-info (#6080) (9b9a307)
  • deps-dev: bump js-yaml from 4.1.1 to 4.2.0 in /examples/sveltekit (#6072) (95f14c6)
  • deps-dev: bump js-yaml from 4.1.1 to 4.3.0 in /examples/nextjs-decorate (#6085) (c46f133)
  • deps-dev: bump js-yaml from 4.1.1 to 4.3.0 in /examples/nextjs-ip-details (#6106) (6d254d1)
  • deps-dev: bump js-yaml from 4.1.1 to 4.3.0 in /examples/nextjs-pages-wrap (#6084) (7a0ea5a)
  • deps-dev: bump js-yaml from 4.1.1 to 4.3.0 in /examples/nextjs-react-hook-form (#6086) (dc143e0)
  • deps-dev: bump js-yaml from 4.1.1 to 4.3.0 in /examples/nextjs-server-actions (#6118) (5be3719)
  • deps-dev: bump vite from 8.0.10 to 8.0.16 (#6074) (005bb8c)
  • deps: bump js-yaml from 4.1.1 to 4.2.0 (#6073) (91c1cd7)
  • deps: bump launch-editor from 2.13.2 to 2.14.1 in /examples/nuxt (#6081) (9992872)
  • deps: bump nuxt from 4.4.6 to 4.4.8 in /examples/nuxt (#6078) (6e9cfd0)
  • deps: bump shell-quote from 1.8.3 to 1.8.4 in /examples/nuxt (#6065) (3c17856)
  • deps: bump undici and miniflare in /arcjet-guard (#6091) (b15e4b9)
  • deps: bump undici from 6.24.1 to 6.27.0 in /examples/remix-express (#6095) (c2b0f3d)
  • deps: upgrade Next.js examples to 16.2.6 (#6094) (5f9c64c)

✅ Continuous Integration

  • stop release-please self-triggering loop on its own branch (#6105) (514ee98)