Skip to content

Commit 2d761de

Browse files
committed
doc:add release notes for beta 4
1 parent d279562 commit 2d761de

1 file changed

Lines changed: 31 additions & 0 deletions

File tree

docs/docs/release-notes/index.md

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,36 @@
11
# Release Notes
22

3+
## 0.1.0-beta.4 (2026-06-17)
4+
5+
### New Features
6+
7+
- Redesigned asset display in the activity Detection section for a consistent look with the activity Details ([pull 26](https://github.com/CompassSecurity/raptr/pull/26))
8+
9+
### Fixes
10+
11+
- Blue Team members can now view and restore soft-deleted assets ([pull 26](https://github.com/CompassSecurity/raptr/pull/26))
12+
- Sandboxed the Jinja2 environment used to render report templates to prevent server-side template injection (SSTI), with clearer error handling and logging for rejected templates ([pull 22](https://github.com/CompassSecurity/raptr/pull/22))
13+
- Sanitized file names during assessment import and export to prevent path traversal (zip-slip) and `Content-Disposition` header injection ([pull 23](https://github.com/CompassSecurity/raptr/pull/23))
14+
- The activity `state` is now required on update, so a partial request can no longer silently reset the workflow state ([pull 24](https://github.com/CompassSecurity/raptr/pull/24))
15+
- Restricted Blue Team file upload and deletion behind the activity update permission (activity must be visible, not deleted, and in a Waiting state) ([pull 25](https://github.com/CompassSecurity/raptr/pull/25))
16+
- Hardened file upload against polyglot files by normalizing the stored file extension to the detected content type ([pull 27](https://github.com/CompassSecurity/raptr/pull/27))
17+
- Anaglyph mode improvements ([b7712db](https://github.com/CompassSecurity/raptr/commit/b7712db))
18+
- Removed a duplicate event binding surfaced by the updated Vue tooling ([pull 28](https://github.com/CompassSecurity/raptr/pull/28))
19+
- Fixed broken documentation links and anchors ([d279562](https://github.com/CompassSecurity/raptr/commit/d279562))
20+
21+
### Chore
22+
23+
- Updated frontend and backend dependencies ([pull 28](https://github.com/CompassSecurity/raptr/pull/28))
24+
- Biome → 2.5.0
25+
- vue → 3.5.38, vue-tsc → 3.3.5
26+
- tailwindcss / @tailwindcss/vite → 4.3.1
27+
- reka-ui → 2.9.10, @lucide/vue → 1.20.0
28+
- dompurify → 3.4.10, marked → 18.0.5, axios → 1.18.0
29+
- @hey-api/openapi-ts → 0.98.2, @types/node → 25.9.3
30+
- Earlier dependency and Biome version bumps ([6c2e2e7](https://github.com/CompassSecurity/raptr/commit/6c2e2e7), [3b08058](https://github.com/CompassSecurity/raptr/commit/3b08058))
31+
- Scoped the release and pull-request CI workflows with `paths-ignore` and removed the unused sandbox workflow ([8206d27](https://github.com/CompassSecurity/raptr/commit/8206d27), [00ae160](https://github.com/CompassSecurity/raptr/commit/00ae160))
32+
33+
334
## 0.1.0-beta.3 (2026-05-11)
435

536
### New Features

0 commit comments

Comments
 (0)