Domain webhooks and drops now normalize external payloads with explicit key whitelists instead of converting arbitrary string keys to atoms, so unexpected or malformed input no longer crashes those paths. OAuth registration metadata is normalized to a safe default when malformed, and stale OAuth registration rate-limit buckets are pruned to prevent unbounded memory growth. XML escaping is also shared across Atom and RSS feeds, making feed output consistent and safer.
Hive
Harden external input handling for webhooks, drops, OAuth registration, and feeds
Published
Jun 20, 2026 · 14:37 UTC
Repository
tuist/hive