This release includes 1 security fix for security teams reviewing exposed deployments.
Published 18d
Forensics & Incident Response
✓ No known CVEs patched
This release patches 1 known CVE
Topics
bash-script
compromise-detection
cve-2026-45321
dependency-scanner
security
docker
+13 more
ghsa
incident-response
ioc-detection
malware-detection
npm-security
security-audit
security-scanner
security-tools
shai-hulud
supply-chain-attack
supply-chain-security
tanstack
zero-day
Summary
AI summaryFixes GHSA-g7cv-rxg3-hmpx security vulnerability.
Full changelog
tanstack-compromise-checker v1.1.0
Verify before running — this is a security tool, treat it like one.
One-liner (bash, with checksum verification)
TAG=v1.1.0
curl -fsSLO https://github.com/fabriziosalmi/tanstack-compromise-checker/releases/download/$TAG/check.sh
curl -fsSLO https://github.com/fabriziosalmi/tanstack-compromise-checker/releases/download/$TAG/check.sh.sha256
sha256sum -c check.sh.sha256 && bash check.sh
Docker (works on macOS, Linux, Windows)
docker run --rm -v "$PWD":/scan ghcr.io/fabriziosalmi/tanstack-compromise-checker:1.1.0 /scan true fail tanstack-findings.json '' GHSA-g7cv-rxg3-hmpx
GitHub Action
- uses: fabriziosalmi/[email protected]
with:
scan-dir: .
online: 'true'
Image provenance is signed; verify with:
gh attestation verify oci://ghcr.io/fabriziosalmi/tanstack-compromise-checker:1.1.0 --repo fabriziosalmi/tanstack-compromise-checker
Full Changelog: https://github.com/fabriziosalmi/tanstack-compromise-checker/compare/v1.0.0...v1.1.0
Security Fixes
- GHSA-g7cv-rxg3-hmpx — fixes a vulnerability in tanstack-compromise-checker
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Tanstack Compromise Checker
All releases →Related context
Related tools
Beta — feedback welcome: [email protected]