Skip to content

v0.4.20

Choose a tag to compare

@l1a l1a released this 22 Jun 19:02
227a606

Security fix

  • RUSTSEC-2026-0185 (severity 7.5 high): patches quinn-proto 0.11.14 → 0.11.15, which fixes remote memory exhaustion via unbounded out-of-order stream reassembly. All users should upgrade.

Also in this release (v0.4.19)

  • rand 0.8 → 0.9, criterion 0.5 → 0.8, clap_complete_nushell 0.1 → 4.6 — major dependency bumps; no behaviour changes.
  • Improved doc coverage: Config, config_path(), StreamOpen fields, Payload enum.
  • Test suite expanded from 78 → 98 tests: login no-panic checks, quic oversized-frame rejection, config malformed-TOML fallback, forward split_ignoring_brackets edge cases.