RomanNum3ral
/
gstack
mirror of https://github.com/garrytan/gstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: bump version and changelog (v0.15.17.0) 

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Garry Tan 2026-04-07 18:50:08 -10:00
parent d6e3d9b14e
commit 7f38058b7f
No known key found for this signature in database
GPG Key ID: C1F69E85C74EFE1D
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG.md
View File

@ -1,5 +1,10 @@
# Changelog
## [0.15.17.0] - 2026-04-07
### Fixed
- Cookie picker no longer leaks the browse server auth token. Previously, opening the cookie picker page exposed the master bearer token in the HTML source, letting any local process extract it and execute arbitrary JavaScript in your browser session. Now uses a one-time code exchange with an HttpOnly session cookie. The token never appears in HTML, URLs, or browser history. (Reported by Horoshi at Vagabond Research, CVSS 7.8)
## [0.15.16.0] - 2026-04-06
### Added

2
VERSION
View File

@ -1 +1 @@
0.15.16.0
0.15.17.0