flyingsquirrel0419/layercache

v1.3.4 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo Caching

✓ No known CVEs patched

This release patches 1 known CVE

Topics

cache-manager cache memory-cache multi-layer-cache nodejs redis

+2 more

stampede-prevention typescript

Affected surfaces

deps

Summary

AI summary

Resolved npm audit vulnerabilities by upgrading several dependencies.

Full changelog

CacheStack read pipeline extracted into CacheStackReader — a dedicated internal module handling all read-path logic (layer reads, fetch orchestration, background refresh, stale policies, fresh-read policies). Public API is unchanged; CacheStack now delegates read operations to the reader, reducing core class size from 1,726 to 1,357 lines (-21%).
Test suite expanded to 529 tests (up from 474), including 44 new tests for CacheStackReader and 11 new tests for CacheStackLayerWriter and CacheStack internals.

npm audit vulnerabilities resolved — upgraded postcss, vite, and autocannon/uuid dependencies to address 5 security advisories (1 high, 4 moderate). All vulnerabilities now show 0 in npm audit.

SECURITY.md — security policy with supported versions, reporting guidelines, and built-in security features documentation.
Issue/PR templates — bug report, feature request, question, and pull request templates for contributors.

Full Changelog: https://github.com/flyingsquirrel0419/layercache/compare/v1.3.3...v1.3.4

Upgraded postcss, vite, autocannon, uuid to resolve 5 npm audit vulnerabilities (1 high, 4 moderate), all now reported as 0

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track flyingsquirrel0419/layercache

Get notified when new releases ship.

About flyingsquirrel0419/layercache