Announcing Scala.js v1.10.0; fixes CVE-2022-28355

Hello everyone,

We are pleased to announce the release of Scala.js 1.10.0!

This release addresses a security vulnerability in java.util.UUID.randomUUID(). All versions of Scala.js prior to 1.10.0 are affected, including all 0.6.x versions. We strongly recommend that all users upgrade to Scala.js 1.10.0 as soon as possible. Read the security advisory for more details. The issue was registered as CVE-2022-28355.

This release also brings a new mode of module splitting, which creates the smallest possible modules for a given list of packages, and the fewest possible modules for the rest.

Finally, it contains some minor optimizations, notably contributed by @japgolly.

Read the announcement on the web for more details:

the Scala.js team