Security
- Update recommended: This version fixes a gap in the SSRF protection that occurs when the remote host redirects to a local address.
What's Changed
🐛 Fixed
📦 Dependency Updates
- [master] Fix npm audit by @nextcloud-command in #3754
- build(deps): Bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 by @dependabot[bot] in #3755
- build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1 by @dependabot[bot] in #3759
- build(deps): Bump crate-ci/typos from 1.46.1 to 1.46.2 by @dependabot[bot] in #3758
- build(deps): Bump errata-ai/vale-action from 2.1.1 to 2.1.2 by @dependabot[bot] in #3756
- build(deps-dev): Bump @types/node from 25.8.0 to 25.9.0 in the types group by @dependabot[bot] in #3757
- build(deps): Bump R0Wi/nextcloud-appstore-push-action from 1.0.4 to 1.0.5 by @dependabot[bot] in #3761
- build(deps-dev): Bump @types/node from 25.9.0 to 25.9.1 in the types group by @dependabot[bot] in #3762
- build(deps): Bump guzzlehttp/psr7 from 2.9.0 to 2.10.1 by @dependabot[bot] in #3763
- build(deps): Bump @nextcloud/dialogs from 7.3.0 to 7.4.0 by @dependabot[bot] in #3765
- build(deps-dev): Bump the vite group with 2 updates by @dependabot[bot] in #3764
- [master] Fix npm audit by @nextcloud-command in #3767
- build(deps): Bump guzzlehttp/psr7 from 2.10.1 to 2.10.2 by @dependabot[bot] in #3770
- build(deps): Bump crate-ci/typos from 1.46.2 to 1.46.3 by @dependabot[bot] in #3771
- build(deps): Bump symfony/cache from 7.4.9 to 7.4.12 by @dependabot[bot] in #3766
Full Changelog: 28.4.1...28.5.0