Skip to content

Release v0.1.3

Choose a tag to compare

View all tags
@github-actions github-actions released this 12 Mar 06:50
· 44 commits to main since this release
v0.1.3
753a3a4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlights

  • Hardened redirect handling to revalidate every hop against FetchKit's SSRF policy
  • Tightened allow/block prefix matching to use parsed URL components instead of raw string prefixes
  • Added FileSaver trait for saving fetched content to files
  • Mitigated 6 open threats from threat model
  • Added CLI integration tests and doc tests

What's Changed

  • fix(security): harden redirect validation and URL policy matching (#23)
  • fix(security): mitigate 6 open threats from threat model (#24)
  • fix(cli): disable bin rustdoc to avoid doc collision (#25)
  • feat: add FileSaver trait for saving fetched content to files (#27)
  • fix(ci): replace external HTTP calls with wiremock in fetch_urls example (#29)
  • test: add CLI integration tests, doc tests, Python example, and CI improvements (#31)
  • docs: add cargo install from crates.io to README (#22)
  • docs: remove duplicate release-process from public docs (#30)
  • docs: add git user config requirement to attribution section (#32)
  • ci: adopt bashkit release process (#26)
  • feat(skills): add /processing-issues skill (#28)
  • feat: add /ship command and .agents symlinks (#21)
  • chore: add Doppler secrets management and cloud init script (#20)
  • chore: add attribution settings and agent attribution policy (#19)

Full Changelog: v0.1.2...v0.1.3

Assets 2
Loading