This release adds 3 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+4 more
ReleasePort's take
Light signalSink v0.2.10 introduces a Link Check Dashboard with API and CSV export for URL reachability monitoring. Security improvements include CSV formula injection mitigation and enhanced link editor validation.
Why it matters: Link Check Dashboard enables URL monitoring with configurable options. CSV formula injection fix protects spreadsheet exports. Validation prevents misconfigured links. Routine upgrade for production infrastructure.
Summary
AI summaryAdded Link Check Dashboard, API, and CSV export features.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
Added Link Check Dashboard for URL reachability monitoring with configurable options and actions. Added Link Check Dashboard for URL reachability monitoring with configurable options and actions. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Implemented authenticated POST /api/link/check endpoint for server-side URL reachability checks. Implemented authenticated POST /api/link/check endpoint for server-side URL reachability checks. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Enabled export of abnormal link check results as CSV with detailed columns. Enabled export of abnormal link check results as CSV with detailed columns. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Added localized translations for the new Link Check Dashboard across supported locales. Added localized translations for the new Link Check Dashboard across supported locales. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Low |
Added expiration description clarifying that expired short links are automatically deleted. Added expiration description clarifying that expired short links are automatically deleted. Source: granite4.1:30b@2026-05-23-audit Confidence: low |
— |
| Feature | Low |
Standardized export filenames with ISO timestamp-based names across link exports, access exports, and import result downloads. Standardized export filenames with ISO timestamp-based names across link exports, access exports, and import result downloads. Source: granite4.1:30b@2026-05-23-audit Confidence: low |
— |
| Deprecation | Medium |
Renamed Geo Routing labels to Geo Redirect for clarity. Renamed Geo Routing labels to Geo Redirect for clarity. Source: llm_adapter@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
Ensured disabling unsafe-link flag is explicitly submitted during link edits. Ensured disabling unsafe-link flag is explicitly submitted during link edits. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Implemented submit-time validation for URL, slug, and comment fields in the link editor. Implemented submit-time validation for URL, slug, and comment fields in the link editor. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Improved CSV escaping to mitigate spreadsheet formula injection risk. Improved CSV escaping to mitigate spreadsheet formula injection risk. Source: llm_adapter@2026-05-21 Confidence: low |
— |
| Refactor | Medium |
Grouped link editor advanced settings under Link Settings for better organization. Grouped link editor advanced settings under Link Settings for better organization. Source: llm_adapter@2026-05-21 Confidence: low |
— |
| Refactor | Low |
Grouped expiration, password, unsafe-link, cloaking, and query redirect options under Link Settings in the link editor. Grouped expiration, password, unsafe-link, cloaking, and query redirect options under Link Settings in the link editor. Source: granite4.1:30b@2026-05-23-audit Confidence: low |
— |
| Refactor | Low |
Improved form field semantics using shared field helpers and refined switch field layout in the link editor. Improved form field semantics using shared field helpers and refined switch field layout in the link editor. Source: granite4.1:30b@2026-05-23-audit Confidence: low |
— |
| Refactor | Low |
Reused shared CSV generation for analytics exports and link check exports. Reused shared CSV generation for analytics exports and link check exports. Source: granite4.1:30b@2026-05-23-audit Confidence: low |
— |
Full changelog
What's Changed
✨ New Features
- Link Check Dashboard - Added a new dashboard page to check whether existing destination URLs are reachable, with configurable timeout and batch size, progress tracking, result statistics, stop/reload/clear actions, and status-code filters.
- Link Check API - Added authenticated
POST /api/link/checkfor server-side URL reachability checks, with OpenAPI metadata, timeout handling, response status/duration reporting, and safeguards against localhost/private/reserved IP checks. - Broken Link CSV Export - Export abnormal link check results as CSV, including slug, URL, status, result, error, duration, checked time, and dashboard detail URL.
💅 Improvements
- Improved link editor advanced settings by grouping expiration, password, unsafe-link, cloaking, and query redirect options under Link Settings.
- Added an expiration description to clarify that expired short links are automatically deleted.
- Refined form field semantics using shared field helpers and improved switch field layout.
- Improved OpenGraph image upload preview layout with a fixed
1200/630aspect ratio. - Standardized export filenames with ISO timestamp-based names across link exports, access exports, and import result downloads.
- Reused shared CSV generation for analytics exports and link check exports.
🌍 Localization
- Added Link Check translations across supported locales.
- Renamed Geo Routing labels to Geo Redirect for clearer wording.
- Added localized expiration descriptions.
🐛 Bug Fixes
- Fixed link editing so disabling the unsafe-link flag is submitted explicitly during edits.
- Added submit-time validation for URL, slug, and comment fields in the link editor.
- Improved CSV escaping to reduce spreadsheet formula injection risk.
Full Changelog: https://github.com/miantiao-me/Sink/compare/v0.2.9...v0.2.10
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Sink
⚡ A Simple / Speedy / Secure Link Shortener with Analytics, 100% run on Cloudflare.
Related context
Related tools
Beta — feedback welcome: [email protected]