Today's update (738e48b) brings with it the following changes:
Security issues
- Ensure HTTP redirects can't be abused by attackers in phishing attacks.
- Minimize error messages shown to users when templates are rendered.
- Update dependencies to fix security issues CVE-2025-40928 and CVE-2025-40929.
New features
- Content-Security-Policy endpoints changed to csp.prod.devops.forlagshuset.no.
- Content-Security-Policy now uses new W3C Reporting API.