2.3.1 – 2024-12-05

• Fixed: Revert changes made to how we determine custom dimensions for SVGs (props @dkotter, @martinpl, @subfighter3, @smerriman, @gigatyrant, @jeffpaul, @iamdharmesh via #238).

2.3.0 – 2024-11-25

• Added: New setting that allows large SVG files (roughly 10MB or greater) to be uploaded and sanitized properly (props @kirtangajjar, @faisal-alvi, @darylldoyle, @manojsiddoji, @dkotter via #201).
• Added: New get_svg_dimensions function in order to reduce code duplication (props @gabriel-glo, @jeremymoore, @darylldoyle, @iamdharmesh, @dkotter via #216).
• Changed: Updated the enshrined/svg-sanitize package from 0.16.0 to 0.19.0 to fix a PHP 8.3 compatibility issue (props @sksaju, @TylerB24890, @darylldoyle, @rolf-yoast, @faisal-alvi via #214).
• Changed: Update how image dimensions are passed in get_image_tag_override and one_pixel_fix methods (props @gabriel-glo, @jeremymoore, @darylldoyle, @iamdharmesh, @dkotter via #216).
• Changed: Bump WordPress “tested up to” version to 6.7 (props @colinswinney, @jeffpaul via #232, #233).
• Changed: Bump WordPress minimum from 6.4 to 6.5 (props @colinswinney, @jeffpaul via #232, #233).
• Changed: Remove composer dev dependencies from archived project (props @TylerB24890, @szepeviktor, @peterwilsoncc via #220).
• Fixed: Use proper block category for the Safe SVG Icon block (props @kirtangajjar, @fabiankaegy via #226).
• Security: Only allow SVG file types to be uploaded if our sanitizer is able to run on those files (props @darylldoyle, @xknown, @dkotter via #228).
• Security: Bump webpack from 5.90.1 to 5.94.0 (props @dependabot, @peterwilsoncc via #222).
• Security: Bump ws from 7.5.10 to 8.18.0, serve-static from 1.15.0 to 1.16.2 and express from 4.19.2 to 4.21.0 (props @dependabot, @Sidsector9, @faisal-alvi via #227, #230, #234).

2.2.6 – 2024-08-28

• Changed: Bump WordPress “tested up to” version to 6.6 (props @sudip-md, @ankitguptaindia, @jeffpaul via #212, #213).
• Changed: Bump WordPress minimum from 5.7 to 6.4 (props @sudip-md, @ankitguptaindia, @jeffpaul via #212, #213).
• Security: Add svg sanitization on the wp_handle_sideload_prefilter filter (props @dkotter, @xknown, @iamdharmesh via GHSA-3vr7-86pg-hf4g).
• Security: Bump braces from 3.0.2 to 3.0.3, pac-resolver from 7.0.0 to 7.0.1, socks from 2.7.1 to 2.8.3, ws from 7.5.9 to 7.5.10 and remove ip (props @dependabot, @Sidsector9 via #206).
• Security: Bump axios from 1.6.7 to 1.7.4 (props @dependabot, @faisal-alvi via #218).

2.2.5 – 2024-06-27

• Added: New filter, safe_svg_current_user_can_upload, allowing more control over who can upload SVG files (props @dkotter, @iamdharmesh via #193).
• Fixed: Fatal error when applying the admin_post_thumbnail_html filter with just two arguments (props @kmgalanakis, @dkotter, @liz1kiweno via #196).
• Fixed: Prevent PHP fatal error when the value of the filtered block categories is not an array (props @kmgalanakis, @dkotter, @cguidog via #200).
• Fixed: Handled PHP warning when the $image_meta is not an array (props @faisal-alvi, @dkotter, @drazenbebic, @kirtangajjar via #203).

2.2.4 – 2024-03-28

• Changed: Upgrade the download-artifact from v3 to v4 (props @iamdharmesh, @jeffpaul via #181).
• Changed: Replaced lee-dohm/no-response with actions/stale to help with closing no-response/stale issues (props @jeffpaul, @dkotter via #183).
• Fixed: Ensure the svg file can be loaded before we try accessing it’s attributes (props @dkotter, @metashield-ie, @ocean90, @darylldoyle, @faisal-alvi via #186).
• Fixed: Ensure we don’t throw JS errors in the Classic Editor when the optimizer feature is turned on (props @dkotter, @turtlepod, @faisal-alvi via #187).
• Security: Bump webpack-dev-middleware from 5.3.3 to 5.3.4 (props @dependabot, @dkotter via #185).
• Security: Bump express from 4.18.2 to 4.19.2 (props @dependabot, @dkotter via #188).

2.2.3 – 2024-03-20

• Added: Support for the WordPress.org plugin preview (props @dkotter, @jeffpaul via #167).
• Changed: Bump WordPress “tested up to” version 6.5 (props @dkotter, @jeffpaul via #180).
• Changed: Clean up NPM dependencies and update node to v20 (props @Sidsector9, @dkotter via #172).
• Fixed: Refactor the svg_dimensions function to be more performant (props @sksaju, @cjyabraham, @bmarshall511, @Hercilio1, @darylldoyle via #154, #174).
• Fixed: Address fatal JS error when optimization is enabled and an item is published without blocks (props @psorensen, @tictag, @dkotter via #173).
• Security: Bump axios from 0.25.0 to 1.6.2 and @wordpress/scripts from 26.0.0 to 26.18.0 (props @dependabot, @ravinderk via #166).
• Security: Bump follow-redirects from 1.15.3 to 1.15.6 and ip from 1.1.8 to 1.1.9 (props @dependabot, @dkotter via #169, #177).

2.2.2 – 2023-11-21

• Changed: Bump WordPress “tested up to” version 6.4 (props @qasumitbagthariya, @jeffpaul via #162, #163).
• Fixed: Ensure CSS applies properly to the SVG Icon block when added via theme.json (props @tobeycodes, @dkotter via #161).

2.2.1 – 2023-10-23

• Changed: Update to apiVersion 3 for our SVG Icon block (props @fabiankaegy, @ravinderk, @jeffpaul, @dkotter via #133).
• Fixed: Address an error due to the SVG Icon block using the fill-rule attribute (props @zamanq, @jeffpaul, @iamdharmesh via #152).
• Security: Bump postcss from 8.4.20 to 8.4.31 (props @dependabot, @faisal-alvi via #155).
• Security: Bump @cypress/request from 2.88.12 to 3.0.1 and cypress from 10.11.0 to 13.3.0 (props @dependabot, @ravinderk via #156).
• Security: Bump @babel/traverse from 7.20.12 to 7.23.2 (props @dependabot, @iamdharmesh via #158).

2.2.0 – 2023-08-21

• Added: New settings that give the ability to select which user roles can upload SVG files (props @dhanendran, @csloisel, @faisal-alvi, @dkotter via #76).
• Added: SVG optimization during upload via SVGO. Feature is disabled by default but can be enabled using the safe_svg_optimizer_enabled filter (props @gsarig, @peterwilsoncc, @Sidsector9, @darylldoyle, @faisal-alvi, @dkotter, @ravinderk via #79, #145).
• Added: Spacing and color controls added to SVG block (props @bmarshall511, @iamdharmesh via #135).
• Added: Mochawesome reporter added for Cypress test report (props @jayedul, @peterwilsoncc via #124).
• Changed: Update Support Level from Active to Stable (props @Sidsector9, @iamdharmesh via #100).
• Changed: Update name of SVG block from Safe SVG Icon to Inline SVG (props @bmarshall511, @iamdharmesh via #135).
• Changed: Bump WordPress “tested up to” version 6.3 (props @dkotter, @jeffpaul via #144).
• Changed: Update the Dependency Review GitHub Action (props @jeffpaul, @Sidsector9 via #128).
• Fixed: Add namespace to the class_exists check (props @szepeviktor, @iamdharmesh via #120).
• Fixed: Ensure Sanitizer class is properly imported (props @szepeviktor, @iamdharmesh via #121).
• Fixed: Remove an unneeded global (props @szepeviktor, @iamdharmesh via #122).
• Fixed: Use absolute path in require (props @szepeviktor, @iamdharmesh via #123).
• Fixed: Ensure custom classname added to SVG block is output on the front-end (props @bmarshall511, @Sidsector9, @dkotter via #130).
• Fixed: Ensure SimpleXML exists before using it (props @sdmtt, @faisal-alvi via #140).
• Fixed: Fix markdown issues in the readme (props @szepeviktor, @iamdharmesh via #119).
• Security: Bump semver from 5.7.1 to 5.7.2 (props @dependabot via #134).
• Security: Bump word-wrap from 1.2.3 to 1.2.5 (props @dependabot via #141).
• Security: Bump tough-cookie from 4.1.2 to 4.1.3 and @cypress/request from 2.88.10 to 2.88.12 (props @dependabot via #146).

View historical changelog details here.