v0.14.1 — Release Hardening
v0.14.1 is a focused hardening release. It does not add a new architectural direction or ADR; it tightens the path from scaffold to publish.
What changed
- All packages now publish as
0.14.1. - The signals package name is unified as
@openelement/signals. @openelement/adapter-viteexposes CLI subpaths forbuild,build-client, andbuild-ssg.@openelement/creategenerates versioned build tasks that target the public adapter-vite CLI exports.- JSR publish workflows reject dirty worktrees and no longer use
--allow-dirty. - Local quality tasks and CI now run the same lint, format, typecheck, test, build, and E2E paths.
- Playwright E2E uses an isolated server port instead of reusing any existing local server.
- SSG artifacts are more stable: locale root paths are normalized, the service worker cache name is deterministic, and sidecar import maps use current package metadata.
Safety boundary
LessJS content plugins and head injection APIs assume developer-controlled repository content. Markdown HTML, headExtras, and headFragments are not sanitizers. If an application accepts user-generated HTML or remote CMS content, sanitize that content before passing it to LessJS.
Stable API candidates
The current stable API candidates are lessjs() options, public @openelement/core exports, @openelement/adapter-vite CLI subpaths, @openelement/rpc, @openelement/signals, and @openelement/ui component subpaths.