SecureBitChat/securebit-chat
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
cf36656341091f38c4eb9ed3442ee905252d5795
securebit-chat/meta.json
T
lockbitchat cf36656341
CodeQL Analysis / Analyze CodeQL (push) Has been cancelled
Details
Deploy Application / deploy (push) Has been cancelled
Details
Mirror to Codeberg / mirror (push) Has been cancelled
Details
Mirror to PrivacyGuides / mirror (push) Has been cancelled
Details
release: v4.8.13 message integrity & transport hardening 
Bumps version to 4.8.13 across package.json, package-lock.json, manifest.json,
index.html, meta.json, README, SECURITY_DISCLAIMER, the site header and the
in-app init banner (previously desynced at 4.8.10/4.8.11/4.8.12).

Ships the security-review fixes already on main:
- removed the over-broad send-path keyword blocklist that silently rejected
  legitimate messages (real XSS defense remains receive-side DOMPurify)
- preserve newlines/tabs/indentation in outgoing message sanitization
- stop logging raw AAD (sessionId + keyFingerprint) on validation failure
- add Strict-Transport-Security and Permissions-Policy headers
- add outgoing-message-integrity regression tests
2026-06-18 17:08:59 -04:00

10 lines
264 B
JSON
Raw Blame History

{
"version": "1781816839471",
"buildVersion": "1781816839471",
"appVersion": "4.8.13",
"buildTime": "2026-06-18T21:07:19.513Z",
"buildId": "1781816839471-42be55a",
"gitHash": "42be55a",
"generated": true,
"generatedAt": "2026-06-18T21:07:19.514Z"
}
Reference in New Issue View Git Blame Copy Permalink