Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: labstack/echo
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v5.0.0
Choose a base ref
...
head repository: labstack/echo
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v5.0.3
Choose a head ref
  • 15 commits
  • 29 files changed
  • 3 contributors

Commits on Jan 20, 2026

  1. Panic MW: will now return a custom PanicStackError with stack trace w… 

    …hen config.DisablePrintStack is set to false.
    @aldas
    aldas committed Jan 20, 2026
    Configuration menu
    Copy the full SHA
    096ce41 View commit details
    Browse the repository at this point in the history

Commits on Jan 26, 2026

  1. Update RateLimiterWithConfig example

    @cgalibern @aldas
    cgalibern authored and aldas committed Jan 26, 2026
    Configuration menu
    Copy the full SHA
    3205495 View commit details
    Browse the repository at this point in the history

Commits on Jan 27, 2026

  1. fix: add Connection header validation to IsWebSocket() (RFC 6455)

    @raju-mechatronics @aldas
    raju-mechatronics authored and aldas committed Jan 27, 2026
    Configuration menu
    Copy the full SHA
    f1d43af View commit details
    Browse the repository at this point in the history

  2. fix: enhance IsWebSocket() test cases with Connection header validation

    @raju-mechatronics @aldas
    raju-mechatronics authored and aldas committed Jan 27, 2026
    Configuration menu
    Copy the full SHA
    489646e View commit details
    Browse the repository at this point in the history

Commits on Jan 28, 2026

  1. Context: json should not send status code before serialization is com… 

    …plete (#2877)

Context: json should not send status code before serialization is complete
    @aldas
    aldas authored Jan 28, 2026
    Configuration menu
    Copy the full SHA
    1f3ef29 View commit details
    Browse the repository at this point in the history

  2. Create SECURITY.md

    @aldas
    aldas authored Jan 28, 2026
    Configuration menu
    Copy the full SHA
    8e4c91f View commit details
    Browse the repository at this point in the history

  3. Changelog for v5.0.1 release

    @aldas
    aldas committed Jan 28, 2026
    Configuration menu
    Copy the full SHA
    0954d6e View commit details
    Browse the repository at this point in the history

  4. Merge pull request #2880 from aldas/changelog_501 

    Changelog for v5.0.1 release
    @aldas
    aldas authored Jan 28, 2026
    Configuration menu
    Copy the full SHA
    ba10490 View commit details
    Browse the repository at this point in the history

Commits on Feb 2, 2026

  1. security (static middleware): fix bowser=true listing all file names … 

    …from given filesystem root
    @aldas
    aldas committed Feb 2, 2026
    Configuration menu
    Copy the full SHA
    26ec148 View commit details
    Browse the repository at this point in the history

  2. Changelog for version 5.0.2

    @aldas
    aldas committed Feb 2, 2026
    Configuration menu
    Copy the full SHA
    68aaf3a View commit details
    Browse the repository at this point in the history

  3. Fill c.Request().Pattern field with route path to help standard libra… 

    …ry based middlewares.
    @aldas
    aldas committed Feb 2, 2026
    Configuration menu
    Copy the full SHA
    09ccfba View commit details
    Browse the repository at this point in the history

Commits on Feb 6, 2026

  1. Fix directory traversal vulnerability under Windows in Static middlew… 

    …are when default Echo filesytem is used (effectively `middleware.StaticConfig{Filesystem: nil}`)
    @aldas
    aldas committed Feb 6, 2026
    Configuration menu
    Copy the full SHA
    88d975a View commit details
    Browse the repository at this point in the history

  2. Fix directory traversal vulnerability under Windows in Static middlew… 

    …are when default Echo filesytem is used (effectively `middleware.StaticConfig{Filesystem: nil}`)
    @aldas
    aldas committed Feb 6, 2026
    Configuration menu
    Copy the full SHA
    6c16259 View commit details
    Browse the repository at this point in the history

  3. Fix test reporting different size due Windows / Linux line ending inc… 

    …onsistencies
    @aldas
    aldas committed Feb 6, 2026
    Configuration menu
    Copy the full SHA
    48f25a6 View commit details
    Browse the repository at this point in the history

  4. Merge pull request #2891 from aldas/fix_staticmw 

    Fix directory traversal vulnerability under Windows in Static middleware when default Echo filesystem is used. Reported by @shblue21.

This applies to cases when:
- Windows is used as OS
- `middleware.StaticConfig.Filesystem` is `nil` (default)
- `echo.Filesystem` is has not been set explicitly (default)

Exposure is restricted to the active process working directory and its subfolders.
    @aldas
    aldas authored Feb 6, 2026
    Configuration menu
    Copy the full SHA
    b1d4430 View commit details
    Browse the repository at this point in the history
Loading