Skip to content

Release: v0.8.2

Choose a tag to compare

View all tags
@shinpr shinpr released this 30 Mar 05:10
· 91 commits to main since this release
v0.8.2
dadf646
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Security

  • Validate input image paths before reading: block path traversal (..), null byte injection, and resolve symlinks (#74)
  • Enforce image file extension check on inputImagePath to prevent arbitrary file reads
  • Sanitize user-supplied fileName before path construction
  • Replace Math.random() with crypto.randomBytes() for file naming
  • Pin GitHub Actions to SHA hashes (#67)

Improvements

  • Better structured prompt generation for intent preservation, spatial clarity, and mood specificity (#73)
  • Improve image-generation skill for LLM execution quality (#72)

Dependencies

  • Bump path-to-regexp 8.3.0 → 8.4.0
  • Bump brace-expansion, picomatch
  • Update non-major dependencies
Assets 2
Loading