This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+12 more
Summary
AI summaryCVE‑2025‑15284 – HIGH severity qs DoS vulnerability fixed.
Full changelog
What's Changed in v3.7.1
- fix: Add type annotation to fix mypy errors in health_check (68018d1)
- fix: Remove unused 'target' variable in refactor_plan workflow (1f6f56d)
- fix: Update tests to match v3.7.0 defaults and error messages (15d0b79)
- docs: Update CHANGELOG with security vulnerability fixes (2adf079)
- fix: Resolve qs DoS vulnerability in VSCode extension dev dependencies (1dfc20f)
- fix: Resolve HIGH severity qs DoS vulnerability (CVE-2025-15284) (a40d6b2)
- fix: Configure lint/type checking to exclude test workflows and non-core directories (0598922)
- docs: Add v3.7.0 architecture docs and wizard factory CLI (14333c5)
- feat: v3.7.0 - XML Enhancements, Wizard/Workflow Factories, Monitoring Improvements (164e18b)
- fix: Release Prep and Secure Release buttons now open reports in editor (80120c0)
- fix: Check Deps button now opens report in editor (5cab262)
- fix: Add missing logger imports in base.py and security_audit.py (893e230)
- fix: Remove Sync Docs button (manage-docs workflow) (0f2acbf)
- release: Prepare v3.7.0 - XML-Enhanced Prompts & Dependency Fixes (8075c60)
Full Changelog: https://github.com/Smart-AI-Memory/empathy-framework/compare/v3.7.0...v3.7.1
Security Fixes
- CVE-2025-15284 – HIGH severity qs DoS vulnerability resolved
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Smart-AI-Memory/empathy-framework
Five-level AI collaboration system with persistent memory and anticipatory capabilities. MCP-native integration for Claude and other LLMs with local-first architecture via MemDocs.
Related context
Beta — feedback welcome: [email protected]