From dbf25a438f6c0b1633ff3a42d55ebd50a42de8c1 Mon Sep 17 00:00:00 2001
From: scops <2014109+scops@users.noreply.github.com>
Date: Sun, 10 May 2026 23:55:07 +0200
Subject: [PATCH] chore: release 2.3.0

---
 CHANGELOG.md | 5 ++++-
 openapi.json | 2 +-
 package.json | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index af720db..119f56d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 
 ## [Unreleased]
 
+## [2.3.0] - 2026-05-10
+
 ### Added
 - `ALLOWLIST_FILE` env var: when set, the contents of the referenced JSON file replace the built-in `sanitize-html` configuration. Lets different consumers run with different policies without forking. Malformed input fails fast at startup.
 - `lib/allowlist.js` module exporting `DEFAULT_ALLOWLIST` (the previous hardcoded config) and `loadAllowlist({ path })` for tests and programmatic use.
@@ -62,7 +64,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 - `qs` array-limit DoS bypass mitigated via `app.set('query parser', 'simple')` (`GHSA-w7fw-mjwx-w883`, `GHSA-6rw7-vpxm-498p`).
 - Container hardened: runs as the unprivileged `node` user, ships a `HEALTHCHECK`, includes a `.dockerignore`.
 
-[Unreleased]: https://github.com/SINENSIA/markdown-security/compare/v2.2.0...HEAD
+[Unreleased]: https://github.com/SINENSIA/markdown-security/compare/v2.3.0...HEAD
+[2.3.0]: https://github.com/SINENSIA/markdown-security/compare/v2.2.0...v2.3.0
 [2.2.0]: https://github.com/SINENSIA/markdown-security/compare/v2.1.0...v2.2.0
 [2.1.0]: https://github.com/SINENSIA/markdown-security/compare/v2.0.0...v2.1.0
 [2.0.0]: https://github.com/SINENSIA/markdown-security/releases/tag/v2.0.0
diff --git a/openapi.json b/openapi.json
index c5b6ac4..09e908d 100644
--- a/openapi.json
+++ b/openapi.json
@@ -3,7 +3,7 @@
   "info": {
     "title": "markdown-security",
     "description": "HTTP microservice that validates and sanitizes Markdown payloads against an HTML-tag allowlist.",
-    "version": "2.2.0",
+    "version": "2.3.0",
     "license": {
       "name": "MIT",
       "identifier": "MIT"
diff --git a/package.json b/package.json
index 38e3a00..4161724 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "markdown-security",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "main": "server.js",
   "directories": {
     "test": "tests"