Merge tag '0.1.2' into 0.2-maintenance

BotKit 0.1.2

Author: dahlia

CHANGES.md

@@ -6,6 +6,10 @@ Version 0.2.2
 
 To be released.
 
+ -  Upgrade Fedify to 1.5.5, which includes a critical security
+    fix [CVE-2025-54888] that addresses an authentication bypass
+    vulnerability allowing actor impersonation.  [[CVE-2025-54888]]
+
 
 Version 0.2.1
 -------------
@@ -76,6 +80,18 @@ Released on April 21, 2025.
         to the author of the original message as well if it is a reply.
 
 
+Version 0.1.2
+-------------
+
+Released on August 8, 2025.
+
+ -  Upgrade Fedify to 1.4.13, which includes a critical security
+    fix [CVE-2025-54888] that addresses an authentication bypass
+    vulnerability allowing actor impersonation.  [[CVE-2025-54888]]
+
+[CVE-2025-54888]: https://github.com/fedify-dev/fedify/security/advisories/GHSA-6jcc-xgcr-q3h4
+
+
 Version 0.1.1
 -------------
 

deno.json

@@ -18,7 +18,7 @@
     "./text": "./src/text.ts"
   },
   "imports": {
-    "@fedify/fedify": "jsr:@fedify/fedify@^1.5.1",
+    "@fedify/fedify": "jsr:@fedify/fedify@^1.5.5",
     "@fedify/markdown-it-hashtag": "jsr:@fedify/markdown-it-hashtag@^0.3.0",
     "@fedify/markdown-it-mention": "jsr:@fedify/markdown-it-mention@^0.3.0",
     "@hongminhee/x-forwarded-fetch": "jsr:@hongminhee/x-forwarded-fetch@^0.2.0",
@@ -38,6 +38,7 @@
     ".vscode",
     "docs",
     "junit.xml",
+    "logo.svg",
     "src/css"
   ],
   "fmt": {