Skip to content

akshitkrnagpal/revcat

v0.3.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo CLI & Terminal
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Affected surfaces

auth

Summary

AI summary

Pin jose2go to v1.7.0 closing DoS CVEs.

Full changelog

Changelog

  • dda4a938515d458f917483ae7b51dcaed20f9a20 Add --secret-key-stdin flag (avoid shell history leak) (#21)
  • d530b075bc379a6d41630abbc4823ccfb9fb6307 Apply 4 MiB cap to all JSON file loads (#20)
  • 9f10861aa013403b15a9d308848edbd57222fa0c Atomic writes for ~/.revcat/config.json (#19)
  • d62ac7c2519a6904dd14708a54c7a86bdc510554 CHANGELOG: v0.3.0 entry (#22)
  • 0b897a3b1f9b8bd80c43a52aae07684533bf54b9 Escape appID in projects.go URL paths (and audit siblings) (#17)
  • e8611b82ae9adc80fa1e907ce114b5b2b36d6a23 Pin jose2go to v1.7.0 (close DoS CVEs) (#18)

Security Fixes

  • Pin jose2go to v1.7.0 (close DoS CVEs)
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track akshitkrnagpal/revcat

Get notified when new releases ship.

Sign up free

About akshitkrnagpal/revcat

All releases →

Related context

Beta — feedback welcome: [email protected]