Releases: OWASP/Nest
Releases · OWASP/Nest
Release list
Nest 2026.06.25
What's Changed
- Bump cspell dictionary versions by @arkid15r in #5036
- Bump arkid15r/check-contribution-action to v0.1.2 by @arkid15r in #5037
- chore(deps): bump the version-updates group across 3 directories with 1 update by @dependabot[bot] in #5039
- chore(deps): bump the version-updates group across 3 directories with 2 updates by @dependabot[bot] in #5040
- Enable auto-scaling for ECS backend/frontend services by @arkid15r in #5038
- Fix auto-scaling permissions by @arkid15r in #5043
- formatter and linter support for e2e by @devnchill in #5002
- chore(deps): bump the version-updates group across 3 directories with 2 updates by @dependabot[bot] in #5045
- chore(deps): bump github/codeql-action from 4.36.1 to 4.36.2 in the version-updates group across 1 directory by @dependabot[bot] in #5046
- Fix auto scaling permissions by @arkid15r in #5047
Full Changelog: 2026.6.23...2026.06.25
Nest 2026.6.23
What's Changed
- fix: fix chapter tests by using domcontentloaded wait strategy by @devnchill in #4994
- Add ClusterFuzzLite integration for OSSF scorecard fuzzing by @Adarshkumar0509 in #4951
- Update badges, add code coverage badge by @arkid15r in #5013
- chore(deps-dev): bump cspell in /cspell by @dependabot[bot] in #5019
- chore(deps): bump aws-actions/configure-aws-credentials from 6.1.3 to 6.2.0 in the version-updates group across 1 directory by @dependabot[bot] in #5020
- chore(deps): bump aquasec/trivy from 0.71.1 to 0.71.2 in /docker/trivy in the version-updates group across 1 directory by @dependabot[bot] in #5016
- Update README.md: add
runs onbadge by @arkid15r in #5023 - fix timeout errors for e2e tests by @devnchill in #5024
- chore(deps): bump the version-updates group across 4 directories with 2 updates by @dependabot[bot] in #5027
- chore(deps): bump the version-updates group across 1 directory with 2 updates by @dependabot[bot] in #5028
- chore(deps): bump the version-updates group across 3 directories with 1 update by @dependabot[bot] in #5026
- Remove dangerous workflow triggers by @arkid15r in #5032
- Update about page: project timeline by @arkid15r in #5033
Full Changelog: 2026.6.20...2026.6.23
Nest 2026.6.20
What's Changed
- Require pip hashes by @arkid15r in #4920
- Address backend video target issues by @arkid15r in #4923
- chore(deps): bump docker/setup-buildx-action from 4.0.0 to 4.1.0 in the version-updates group across 1 directory by @dependabot[bot] in #4928
- Migrate lighthouse workflow to arm64 by @hassaansaleem28 in #4929
- chore(deps): bump https://github.com/tox-dev/pyproject-fmt in / by @dependabot[bot] in #4926
- chore(deps): bump zaproxy/zap-stable from
2ec1d5dto7c2f8afin /docker/zap in the version-updates group across 1 directory by @dependabot[bot] in #4927 - Mitigate multiple vulnerabilities in dependencies by @arkid15r in #4947
- chore(deps): bump aws-actions/configure-aws-credentials from 6.1.1 to 6.1.2 in the version-updates group across 1 directory by @dependabot[bot] in #4942
- chore(deps): bump strawberry-graphql-django in / by @dependabot[bot] in #4925
- fix: add DJANGO_SECRET_KEY documentation for local setup by @abhaybansal16 in #4915
- chore(deps): bump dayjs in /e2e by @dependabot[bot] in #4941
- feat: add cacheSeconds parameters to some dynamic badges by @devnchill in #4954
- chore(deps): bump @sentry/nextjs in /frontend by @dependabot[bot] in #4957
- Bump Playwright to 1.61.0 by @Mr-Rahul-Paul in #4960
- chore(deps): bump https://github.com/igorshubovych/markdownlint-cli in / by @dependabot[bot] in #4955
- chore(deps): bump aquasec/trivy from 0.71.0 to 0.71.1 in /docker/trivy in the version-updates group across 1 directory by @dependabot[bot] in #4963
- Add missing CI/CD timeouts by @arkid15r in #4964
- stabilize chapter E2E tests by blocking external resources by @Mr-Rahul-Paul in #4967
- fix(frontend): fix TypeScript errors from apexcharts 5.13.0 type narrowing by @Adarshkumar0509 in #4937
- Bump pnpm to 11.7.0 by @arkid15r in #4965
- chore(deps): bump date-fns in /frontend by @dependabot[bot] in #4972
- chore(deps): bump aws-actions/configure-aws-credentials from 6.1.2 to 6.1.3 in the version-updates group across 1 directory by @dependabot[bot] in #4971
- chore(deps): bump semgrep/semgrep from 1.165.0 to 1.166.0 in /docker/semgrep in the version-updates group across 1 directory by @dependabot[bot] in #4970
- chore(deps): bump the version-updates group across 3 directories with 1 update by @dependabot[bot] in #4969
- Mitigate GHSA-vmh5-mc38-953g by @arkid15r in #4976
- Bump aiohttp to v3.14.1 by @arkid15r in #4977
- chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates by @dependabot[bot] in #4950
- chore(deps): bump the version-updates group across 2 directories with 1 update by @dependabot[bot] in #4981
- fix: read Slack credentials from .env in local build by @Mr-Rahul-Paul in #4956
- Mitigate GHSA-h67p-54hq-rp68 by @arkid15r in #4986
- chore(deps): bump @sentry/nextjs in /frontend by @dependabot[bot] in #4982
- chore(deps): bump isomorphic-dompurify in /frontend by @dependabot[bot] in #4983
- Split CodeQL workflows by @arkid15r in #4991
- Pin msgpack to v1.2.1 by @arkid15r in #4992
- Add ability to add past deadlines to issues in mentorship portal by @kasya in #4989
- Bump dompurify to v3.4.11 by @arkid15r in #4993
- Bump langsmith to v0.8.18 by @arkid15r in #4997
- Update CodeQL workflow triggers by @arkid15r in #4998
- Pin opentelemetry/core to v2.8.0 by @arkid15r in #5000
New Contributors
- @abhaybansal16 made their first contribution in #4915
Full Changelog: 2026.6.13...2026.6.20
Nest 2026.6.13
What's Changed
- chore(deps): bump framer-motion in /frontend by @dependabot[bot] in #4906
- chore(deps): bump the version-updates group across 1 directory with 2 updates by @dependabot[bot] in #4904
- chore(deps): bump https://github.com/astral-sh/ruff-pre-commit in / by @dependabot[bot] in #4900
- chore(deps): bump https://github.com/tox-dev/pyproject-fmt in / by @dependabot[bot] in #4902
- chore(deps): bump https://github.com/djlint/djLint in / by @dependabot[bot] in #4901
- Add attestation step by @arkid15r in #4918
- Update CI triggers: remove push by @arkid15r in #4919
- chore(deps): bump the version-updates group across 2 directories with 1 update by @dependabot[bot] in #4903
Full Changelog: 2026.6.11...2026.6.13
Nest 2026.6.11
What's Changed
- chore(deps): bump the version-updates group across 3 directories with 2 updates by @dependabot[bot] in #4891
- chore(deps): bump docker/build-push-action from 7.1.0 to 7.2.0 in the version-updates group across 1 directory by @dependabot[bot] in #4893
- chore(deps): bump posthog-js in /frontend by @dependabot[bot] in #4894
- chore(deps): bump @apollo/client in /frontend by @dependabot[bot] in #4892
- Migrate to arm64 architecture by @arkid15r in #4887
- Add mentroship modules data sync cron job by @kasya in #4854
- feat: post threaded resolution reply when invite link is updated on GitHub by @Adarshkumar0509 in #4861
- Update logic on how to fetch modules for mentors by @kasya in #4847
- fix(ChapterMap): correct cursor display on non-interactive areas by @ayushdixit1-av in #4890
New Contributors
- @ayushdixit1-av made their first contribution in #4890
Full Changelog: 2026.6.10...2026.6.11
Nest 2026.6.10
What's Changed
- chore(deps): bump isomorphic-dompurify in /frontend by @dependabot[bot] in #4882
- chore(deps): bump framer-motion in /frontend by @dependabot[bot] in #4881
Full Changelog: 2026.6.9...2026.6.10
Nest 2026.6.9
What's Changed
- chore(deps): bump the version-updates group across 1 directory with 3 updates by @dependabot[bot] in #4863
- chore(deps-dev): bump @graphql-codegen/near-operation-file-preset in /frontend by @dependabot[bot] in #4867
- chore(deps): bump https://github.com/pre-commit/mirrors-mypy in / by @dependabot[bot] in #4859
- chore(deps): bump tailwind-merge in /frontend by @dependabot[bot] in #4865
- chore(deps): bump https://github.com/antonbabenko/pre-commit-terraform in / by @dependabot[bot] in #4856
- chore(deps): bump posthog-js from 1.372.9 to 1.374.0 in /frontend by @dependabot[bot] in #4864
- chore(deps): bump https://github.com/djlint/djLint in / by @dependabot[bot] in #4858
- chore(deps): bump strawberry-graphql-django in / by @dependabot[bot] in #4860
- chore(deps): bump https://github.com/astral-sh/ruff-pre-commit in / by @dependabot[bot] in #4857
- feat: add actionlint/zizmor for workflow file linting by @hassaansaleem28 in #4855
- chore(deps): bump dompurify in /frontend by @dependabot[bot] in #4874
- chore(deps): bump https://github.com/astral-sh/ruff-pre-commit in / by @dependabot[bot] in #4871
- chore(deps): bump date-fns in /frontend by @dependabot[bot] in #4873
- chore(deps): bump https://github.com/tox-dev/pyproject-fmt in / by @dependabot[bot] in #4872
Full Changelog: 2026.6.6.1...2026.6.9
Nest 2026.6.6.1
Full Changelog: 2026.6.6...2026.6.6.1
Nest 2026.6.6
What's Changed
- chore(deps): bump the version-updates group across 1 directory with 2 updates by @dependabot[bot] in #4823
- chore(deps): bump @sentry/nextjs in /frontend by @dependabot[bot] in #4822
- chore(deps): bump semgrep/semgrep from 1.163.0 to 1.164.0 in /docker/semgrep in the version-updates group across 1 directory by @dependabot[bot] in #4821
- chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 in the version-updates group across 1 directory by @dependabot[bot] in #4837
- chore(deps): bump strawberry-graphql in / by @dependabot[bot] in #4836
- chore(deps): bump apexcharts from 5.10.6 to 5.12.0 in /frontend by @dependabot[bot] in #4838
- Merge
feature/ci-cd-optimizationimprovements by @arkid15r in #4846 - chore(deps): bump dompurify in /frontend by @dependabot[bot] in #4839
- chore(deps): bump isomorphic-dompurify in /frontend by @dependabot[bot] in #4840
Full Changelog: 2026.6.2...2026.6.6
Nest 2026.6.2
What's Changed
- ci: disable credential persistence in checkout steps by @Adarshkumar0509 in #4817
Full Changelog: 2026.6.1...2026.6.2