Security
Fixed a bug in URL path parsing (getPath) that could cause path confusion under malformed requests.
If you rely on reverse proxies (e.g. Nginx) for ACLs or restrict access to endpoints like /admin, please update immediately.
See advisory for details: GHSA-9hp6-4448-45g2
What's Changed
- chore: update packages in the router bench by @yusukebe in #4386
- chore(benchmarks): remove comment-out from router bench by @yusukebe in #4387
Full Changelog: v4.9.5...v4.9.6