cleanslate
Dashboards & Home PagesA free, judgment‑free calorie tracker designed for people who struggle with binging, self‑compassion issues, inconsistent logging, and dieting.
Features
- Search and log food entries
- Quickly add calories and protein values
- Create custom foods and recipes
- Barcode scanning via Open Food Facts
- Track exercise and meals
Recent releases
View all 21 releases →
v4.20.0
Maintenance
Minor fixes and improvements.
Full changelog
What's Changed
Security: Admins should update their instances.
- Bump @tootallnate/once from 2.0.0 to 2.0.1 in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/successible/cleanslate/pull/514
- Bump fast-uri from 3.1.1 to 3.1.2 in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/successible/cleanslate/pull/515
- Bump @babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in the npm_and_yarn group across 1 directory by @dependabot[bot] in https://github.com/successible/cleanslate/pull/516
Enhancements:
- Upgrade to pnpm v11
- Lock file maintenance by @renovate[bot] in https://github.com/successible/cleanslate/pull/513
Full Changelog: https://github.com/successible/cleanslate/compare/v4.19.0...v4.20.0
v4.19.0
Security relevant
Security fixes
- Updated uuid dependency to v14 (SECURITY)
Full changelog
What's Changed
Security: Admins should update their instances.
- Update dependency uuid to v14 [SECURITY] by @renovate[bot] in https://github.com/successible/cleanslate/pull/508
Updates:
- Update all non-major dependencies by @renovate[bot] in https://github.com/successible/cleanslate/pull/504
- Lock file maintenance by @renovate[bot] in https://github.com/successible/cleanslate/pull/505
- Update all non-major dependencies by @renovate[bot] in https://github.com/successible/cleanslate/pull/509
- Lock file maintenance by @renovate[bot] in https://github.com/successible/cleanslate/pull/510
- Update all non-major dependencies by @renovate[bot] in https://github.com/successible/cleanslate/pull/512
Full Changelog: https://github.com/successible/cleanslate/compare/v4.18.0...v4.19.0
v4.18.0
Security relevant
Security fixes
- Removed console.log that exposed API key via profile object to client
- Updated npm and yarn dependency vulnerabilities
Full changelog
What's Changed
-
Security: Admins may want to rotate their API keys. We had a call to
console.logthat was logging theprofileto a user's client.profiledoes contain the API key, amongst other things. However, the value is scoped to the user's device, asprofileis stored inlocalStorage. Hence, this only made it marginally easier for curious users, malicious browser extensions, or browser-based loggers (like Sentry, if you have one installed) to see it. However, considering all of them already have client-side access, they already could see it! Hence, the point basically moot, and debately not even an issue. However, in the interest of maximum transparency, we are reporting it anyway. @paulzakin in https://github.com/successible/cleanslate/pull/503. -
Security: Bump the npm_and_yarn group across 2 directories with 1 update by @dependabot[bot] in https://github.com/successible/cleanslate/pull/502. Admins should update Clean Slate.
-
Update all non-major dependencies by @renovate[bot] in https://github.com/successible/cleanslate/pull/500
-
Lock file maintenance by @renovate[bot] in https://github.com/successible/cleanslate/pull/501
Full Changelog: https://github.com/successible/cleanslate/compare/v4.17.1...v4.18.0
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Install & Platforms
Install via
docker
docker-compose
Platforms
linux