Skip to content

v1.1.0

Choose a tag to compare

@jekuer jekuer released this 09 Jul 21:01
f22c15e

Security updates!

  • Added shared security helpers for safe JSON-in-script serialization and rich HTML sanitization.
  • Sanitized dynamic Add to Calendar PRO event descriptions before rendering them as HTML.
  • Escaped JSON payloads embedded in structured data and WebMCP scripts to prevent </script> breakout XSS.
  • Replaced raw hreflang HTML generation with native Astro rendering.
  • Hardened content URL schemas to allow only http and https URLs.
  • Documented sanitization requirements for external CMS/API content.
  • Re-enabled Dependabot version update PRs.
  • Pinned GitHub Actions to immutable commit SHAs.