v0.15.5

[laipz8200]

🔒 Security Patch in v0.15.5

Hey everyone, this version bumps us up to v0.15.5, and it focuses on tightening security:

🔐 Important Fix

• Sandbox Code Injection: Upgrade Dify Sandbox to avoid the code injection. We strongly recommend that all users currently using versions below 0.15.5 update to this version, or you can only update the sandbox.
• XSS Vulnerability: Sanitize SVG to prevent XSS attacks by @iamjoel in #16608.

What this means: We've updated our SVG handling to ensure that potentially malicious scripts can't take advantage of your interaction with our SVG elements. This patch fortifies our platform against cross-site scripting vulnerabilities, making sure your application usage remains safe and secure.

Stay secure, and happy coding! 🚀

---

What's Changed

• fix: sanitizer svg to avoid xss by @iamjoel in fix: sanitizer svg to avoid xss #16608

Full Changelog: 0.15.4...0.15.5

---

This discussion was created from the release v0.15.5.

[elviacis]

🔒 Security Patch in v0.15.5

Hey everyone, this version bumps us up to v0.15.5, and it focuses on tightening security:

🔐 Important Fix

• Sandbox Code Injection: Upgrade Dify Sandbox to avoid the code injection. We strongly recommend that all users currently using versions below 0.15.5 update to this version, or you can only update the sandbox.

• XSS Vulnerability: Sanitize SVG to prevent XSS attacks by @iamjoel in #16608.

What this means: We've updated our SVG handling to ensure that potentially malicious scripts can't take advantage of your interaction with our SVG elements. This patch fortifies our platform against cross-site scripting vulnerabilities, making sure your application usage remains safe and secure.

Stay secure, and happy coding! 🚀

---

What's Changed

• fix: sanitizer svg to avoid xss by @iamjoel in fix: sanitizer svg to avoid xss #16608

Full Changelog: 0.15.4...0.15.5

---

This discussion was created from the release v0.15.5.