Skip to content

HabitTrove

v0.2.31 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 2mo Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

gamification habit-tracking habits nextjs rewards self-hosted

Summary

AI summary

Critical security patches including Next.js update, path traversal hardening in avatar handling, and user data sanitization.

Security Fixes

  • Path traversal attack prevention in avatar route
  • User data sanitization in client payloads
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track HabitTrove

Get notified when new releases ship.

Sign up free

About HabitTrove

Gamified Habit Tracker - Find Your Treasure

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]