Skip to content

Release v4.2.0 #1990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 23, 2025
Merged

Release v4.2.0 #1990

merged 1 commit into from
Mar 23, 2025

Conversation

@frederikprijck
Copy link
Member

@frederikprijck frederikprijck commented Mar 23, 2025
edited
Loading

Security

The above security fix was done to help prevent customers being vulnerable to Authorization Bypass in Next.js Middleware.

Releasing this as a non-major version bump, even thought this is a breaking change. We are doing this because this is a security fix to help prevent customers using our SDK is versions of NextJS vulnerable to GHSA-f82v-jwr5-mffw

@frederikprijck frederikprijck requested a review from a team as a code owner March 23, 2025 10:42
@codecov-commenter
Copy link

codecov-commenter commented Mar 23, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.16%. Comparing base (5e4f210) to head (6b63386).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1990   +/-   ##
=======================================
  Coverage   76.16%   76.16%           
=======================================
  Files          21       21           
  Lines        1523     1523           
  Branches      242      242           
=======================================
  Hits         1160     1160           
  Misses        356      356           
  Partials        7        7

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@frederikprijck
Copy link
Member Author

frederikprijck commented Mar 23, 2025

As mentioned, releasing this as a non-major version bump, even thought this is a breaking change. We are doing this because this is a security fix to help prevent customers using our SDK is versions of NextJS vulnerable to GHSA-f82v-jwr5-mffw

arpit-jn
arpit-jn approved these changes Mar 23, 2025
View reviewed changes
Copy link
Contributor

@arpit-jn arpit-jn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@arpit-jn arpit-jn requested a review from tusharpandey13 March 23, 2025 16:08
@frederikprijck frederikprijck merged commit bbae5fa into main Mar 23, 2025
12 checks passed
@frederikprijck frederikprijck deleted the release/v4.2.0 branch March 23, 2025 16:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arpit-jn arpit-jn arpit-jn approved these changes

@tusharpandey13 tusharpandey13 Awaiting requested review from tusharpandey13

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@frederikprijck @codecov-commenter @arpit-jn