v0.1.2: Security Patch for `tough-cookie` Vulnerability and Dependency Updates

@vamsii777 vamsii777 released this 08 Jul 16:47
· 14 commits to main since this release
384a86a

We are delighted to introduce version v0.1.2 of the King's Temple Church website. This patch focuses primarily on addressing a critical security vulnerability and performing necessary updates to our dependencies.

Major Enhancements

  1. Security Patch for tough-cookie Vulnerability #17
    • Addressed a Prototype Pollution vulnerability in the tough-cookie package by updating it to the secure version (4.1.3), and updated the razorpay dependency to maintain compatibility.
  2. Update razorpay Dependency #16
    • Updated the razorpay package to a newer version compatible with the patched tough-cookie version, ensuring our payment gateway maintains top-notch security.
  3. GitHub Actions Enhancements #15
    • Continued enhancements of our GitHub Actions setup, introducing more comprehensive workflows and refining the existing ones.
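
A check a maintainer can run after a dependency update like the one in item 1, shown here as an added example that is not code from this release or the project: it walks an npm lockfile's `packages` map and flags every resolved copy of tough-cookie below 4.1.3, including copies nested under another dependency. The lockfile contents, package paths and function names are constructed for illustration.

```javascript
// Added example: audit an npm lockfile (v2/v3 "packages" map) for every
// resolved copy of tough-cookie, including copies nested under other packages.
const FIXED = "4.1.3"; // patched version named in these release notes

// Parse "major.minor.patch[-prerelease]" into comparable parts.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(v));
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when version a is older than version b.
// Unparseable versions count as older, so the audit fails closed.
function isOlder(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  if (!pa || !pb) return true;
  for (let i = 0; i < 3; i++) {
    if (pa.nums[i] !== pb.nums[i]) return pa.nums[i] < pb.nums[i];
  }
  return pa.pre && !pb.pre; // 4.1.3-beta sorts before 4.1.3
}

// Return every installed copy of `name` with its path and whether it is below `fixed`.
function auditPackage(lock, name, fixed) {
  const suffix = "node_modules/" + name;
  return Object.entries(lock.packages || {})
    .filter(([path]) => path === suffix || path.endsWith("/" + suffix))
    .map(([path, meta]) => ({ path, version: meta.version, vulnerable: isOlder(meta.version, fixed) }));
}

// Constructed sample lockfile: the top-level copy is patched, but an older
// copy is still pinned underneath another dependency (hypothetical layout).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-site", dependencies: { razorpay: "*" } },
    "node_modules/razorpay": { version: "0.0.0-constructed" },
    "node_modules/tough-cookie": { version: "4.1.3" },
    "node_modules/razorpay/node_modules/tough-cookie": { version: "2.5.0" },
  },
};

const findings = auditPackage(sampleLock, "tough-cookie", FIXED);
for (const f of findings) {
  console.log(`${f.vulnerable ? "FAIL" : "ok  "} ${f.version} ${f.path}`);
}
```

To audit a real project, pass the parsed contents of its `package-lock.json` to `auditPackage` and fail the CI job when any finding has `vulnerable` set.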

Code Snippets

As usual, due to the sensitive nature of these changes, specific code snippets are not included in these public release notes for security reasons.

Highlights of Changes

  • A critical Prototype Pollution vulnerability in the tough-cookie package was addressed, enhancing the security of our site.
  • The razorpay dependency was updated to ensure compatibility with the secure tough-cookie version, maintaining the high-security standards of our payment gateway.
  • Further improvements were made to our GitHub Actions workflows, making our development and integration processes more robust.

Summary

This release mainly focuses on enhancing security by patching a critical vulnerability and updating dependencies. It also includes improvements to our GitHub Actions setup, making it more comprehensive and effective. We're confident that these changes will significantly improve the safety, reliability, and user experience of the King's Temple Church website.

Next Steps

Moving forward, we plan to continue enhancing our security measures, refining our development processes, and making improvements to our website's functionality. We will also extend our GitHub Actions workflows to cover more aspects of our development process, and keep optimizing our

Contributions

We extend our heartfelt thanks to the contributors to this release, especially @vamsii777, @prathamesh-dukare, @zeel-codder, and @Prachi-Jamdade.