7b701b8
This commit was signed with the committer’s verified signature.
LinuxServer-CI
LinuxServer.io CI
CI Report:
https://ci-tests.linuxserver.io/linuxserver/raneto/0.18.1-ls200/index.html
LinuxServer Changes:
Full Changelog: 0.18.1-ls199...0.18.1-ls200
Remote Changes:
2026.03.10 / v0.18.1
- [BREAKING] Minimum Node.js is v24.x LTS
- [Fix] Filepath location for language translations
- [Fix] Path traversal vulnerability
- [Fix] Sitemap string escaping
- [Fix] Better escaping and sanitization for markdown rendering
- [Fix] GitHub Actions repository permissions: read-only
- [Fix] Search ReDoS with lunr
- [Fix] Login password comparison
- [Fix] Path traversal outside of content directory
- [Fix] Authentication redirect continues with flow
- [Fix] Prevent error details leakage
- [Fix] Editor escaping Markdown content and base_url
- [Fix] Ensure redirect "return" is relative path only
- [Fix] Using callback for logout
- [Fix] Explicitly specify "Lax" for cookies
- [Add] Rate Limiting (200 req/min)
- [Add] Configuration verification function
- [Add] CSP Nonce with res.locals.csp_nonce
- [Edit] Refactoring (simplify, use native functions)
- [Deps] Upgrading marked from v16.4.2 to v17.0.2