1.703.3 (2026-05-18)
Bug Fixes
- constrain unauthenticated get_public_resource to app_theme resources (#9203) (24eedef)
- enforce folder ACL on flow run-by-version routes (#9202) (ab11c77)
- enforce jobs:run scope on job preview and inline endpoints (#9198) (664edcd)
- mcp: validate oauth dynamic client registration redirect_uris (#9197) (8bc2295)
- validate entrypoint override to prevent worker code injection (GHSA-wxjq-w5pj-jqhx) (#9204) (bd05bca)