2.19.2.1 Changelog

[Alex-Toucan]

2.19.2.1

Resources

---

Changelog

Added

• Added more resources into CodingHome. (Add sourcemaking.com a resource in CodingHome. #265)
• Added Renovate, a GitHub bot to update dependencies. (Configure Renovate #258)

Changed

• Updated the Privacy Policy to include IP Logging. (Update the Privacy Policy to include IP Address Logging. #256)
• Updated the way the site renders hero buttons. (Simplify the way hero buttons work. #263)
• Updated Astro from v4.14.4 to v4.15.4. (Update Astro from v4.14.4 to v4.14.5. #253, Update dependency astro to v4.14.6 #264, Update dependency astro to v4.15.1 #266, Update dependency astro to v4.15.2 #268, Update dependency astro to v4.15.3 #270, Update dependency astro to v4.15.4 #271 & Update dependency astro to v4.15.5 #276)
• Updated vite from v5.4.5 to v5.4.6. (Bump vite from 5.4.5 to 5.4.6 #282)
• Updated micromatch from v4.0.7 to v4.0.8. ((CVE-2024-4067) micromatch v4.0.7: Regular Expression Denial of Service (ReDoS) in micromatch. #252 & Update micromatch from v4.0.7 to v4.0.8. #257)
• Updated opencv-python from v4.5.3.56 to v4.8.1.78 in require.txt. (Bump opencv-python from 4.5.3.56 to 4.8.1.78 in /public/media/files #267)
• Updated actions/checkout from v3 to v4. (Update actions/checkout from v3 to v4.  #255)

Security Vulnerabilities Patched

CVE-2024-4067
Found in the NPM package micromatch. This vulnerability could lead to a Regular Expression Denial of Service (REDoS).

CVE-2024-4068
Found in the NPM package braces, made by and used by micromatch. This vulnerability could lead to uncontrolled resource consumption in braces.

CVE-2023-4863 (for require.txt)
Found in the Python package opencv-python. This vulnerability could lead to libwebp: OOB writes in BuildHuffmanTable. This had to be addressed more than once in older versions of atproducts.xyz.

---

All resources are at #211.