Skip to content

Release v3.6.48

Latest
Latest

Choose a tag to compare

View all tags
@prosoponator-app prosoponator-app released this 24 Jun 15:29
· 2 commits to main since this release
v3.6.48
6c074ba
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • refactor(logger): tighten public exports by @goastler in #2749
  • refactor(provider): use child loggers for request/challenge context by @goastler in #2747
  • feat(caddy): per-host ipv4./ipv6. SANs in the per-host site block by @forgetso in #2753
  • ci: enforce exact (pinned) dependency versions to harden supply chain by @goastler in #2680
  • perf(ci): add --no-audit --no-fund --prefer-offline to npm ci by @goastler in #2724
  • fix(provider): forward sync validation throws in captcha routes to error handler by @goastler in #2719
  • refactor(logger): replace vague scopes with structured colon-delimited scope names by @goastler in #2632
  • fix(common): derive HTTP status message from actual status code by @goastler in #2725
  • feat(logger): directive-based scope filtering and subscope support by @goastler in #2631
  • fix(provider): length-bound and sanitise request inputs across endpoints by @goastler in #2709
  • ci: add auto-update-pr flywheel workflow by @goastler in #2758
  • ci: skip PRs with unresolved conversations in auto-update-pr by @goastler in #2759
  • feat(provider): Prometheus /metrics endpoint with full captcha metrics suite by @goastler in #2677
  • chore(deps): bump uuid from 11.1.0 to 14.0.0 in /packages/api-express-router by @dependabot[bot] in #2577
  • chore(deps): bump qs from 6.13.0 to 6.15.2 in /dev/flux by @dependabot[bot] in #2580
  • chore(deps): bump uuid from 11.1.0 to 14.0.0 in /packages/provider by @dependabot[bot] in #2582
  • chore(deps-dev): bump turbo from 2.6.1 to 2.9.14 by @dependabot[bot] in #2608
  • chore(deps-dev): bump vite from 6.4.1 to 6.4.3 in /packages/logger by @dependabot[bot] in #2611
  • chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /packages/user-access-policy by @dependabot[bot] in #2613
  • chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /packages/util-crypto by @dependabot[bot] in #2636
  • chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /packages/util by @dependabot[bot] in #2638
  • chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /packages/widget-skeleton by @dependabot[bot] in #2687
  • feat(config): gate rollup bundle visualiser behind PROSOPO_BUNDLE_STATS env flag by @goastler in #2714
  • chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /packages/types-env by @dependabot[bot] in #2655
  • fix(provider): return 400 for malformed checkSpamEmail request body by @goastler in #2722
  • fix(provider): return 403 Forbidden for blocklist-denied requests by @goastler in #2723
  • fix(database): pre-download mongod binary to avoid lockfile race in tests by @goastler in #2756
  • chore(ci): add --no-audit --no-fund --prefer-offline to npm install commands by @goastler in #2757
  • chore(deps): bump the github-actions group across 1 directory with 8 updates by @dependabot[bot] in #2602
  • ci: log link to each PR being considered by @goastler in #2760
  • fix(provider): replace read-tls-client-hello with spec-compliant ja4 impl by @goastler in #2627
  • fix(provider): admin endpoints narrow req.logger scope instead of creating fresh loggers by @goastler in #2633
  • feat: forward verify requests to the issuing provider by @goastler in #2678
  • chore(deps): bump svelte from 5.51.2 to 5.55.7 in /integration/frameworks/svelte/svelte-procaptcha-integration-demo by @dependabot[bot] in #2755
  • chore(deps-dev): bump vite from 6.4.1 to 6.4.3 in /packages/util by @dependabot[bot] in #2699
  • chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /packages/provider by @dependabot[bot] in #2668
  • chore(deps-dev): bump vite from 6.4.1 to 6.4.3 in /packages/util-crypto by @dependabot[bot] in #2700
  • chore(deps-dev): bump vite from 6.4.1 to 6.4.3 in /packages/widget-skeleton by @dependabot[bot] in #2711
  • ci: migrate workflow actions to github_actions repo by @goastler in #2762
  • fix(provider): honour user access policy on frictionless session-dedup by @HughParry in #2764
  • refactor(logger): replace import.meta.url scopes with stable service names by @goastler in #2761
  • fix/mongoose connections by @goastler in #2292
  • chore(deps): bump uuid from 14.0.0 to 14.0.1 by @dependabot[bot] in #2575
  • ci: add --no-audit --no-fund --prefer-offline to remaining npm ci/install in workflows by @goastler in #2763
  • test(provider): cover empty-SNI flag and GREASE-lookalike cipher by @goastler in #2765
  • Release v3.6.48 by @prosoponator-app[bot] in #2766

Full Changelog: v3.6.47...v3.6.48

Contributors

goastler, forgetso, and 2 other contributors
Assets 2
Loading