🔒 Security Hardening
This release includes 8 security improvements:
- JWT environment variables - Secure JWT secret configuration via env vars
- PBKDF2 password hashing - Upgraded password hashing algorithm
- CORS restriction - Tightened CORS policy configuration
- Security headers - Added comprehensive security response headers
- SQL injection prevention - Parameterized query enforcement
- XSS prevention - Input sanitization and output encoding
- Rate limiting - Rate limiting on authentication endpoints
- Content preview sanitization - Sanitized content preview output with role checks
📦 Dependency Updates
- hono 4.12.7
- rollup 4.59.0
- next 16.1.7
- picomatch, axios, minimatch, yaml, flatted
🐛 Bug Fixes
- Fixed Content Info timestamps display
- Fixed Twitter/X link username
- Fixed navigation anchor links
- Moved user_profiles migration from app-level to core package
Installation
npm create sonicjs@latest my-app
Or update existing project:
npm install @sonicjs-cms/core@2.8.2