Changelog

June 10, 2026

3.71.7

(chore): Upgrade oxc tooling: oxlint 1.63.0 → 1.69.0, oxfmt 0.48.0 → 0.54.0, oxlint-tsgolint 0.22.1 → 0.23.0. tsgolint 0.23.0 ships with go1.26.3 (clearing go/stdlib CVEs), so the rebuild-from-source Docker stage is removed entirely.

3.71.6

(fix): Fix hasNextPage for offset pagination so it no longer compares items.length against a fabricated default when the caller omits the page-size parameter (FER-11160). The previous logic substituted a generator-chosen default (often 1), which produced false-positive continuation on short pages and false-negative termination when the default was non-trivial. The pager now gates the size comparison on whether the caller actually provided a page-size: when supplied, a short page still short-circuits (saves one round-trip at the tail); when omitted, it falls back to an items-driven check. Explicit response.hasNextPage from the API continues to take priority.

June 8, 2026

3.71.5

(fix): Fix race condition in anySignal() where abort events could be silently dropped when a source signal aborts between the aborted check and addEventListener registration.

June 4, 2026

3.71.4

(fix): Fix request URLs containing duplicate slashes (e.g. /{id}//{nestedId}) when a base-path, service base-path, and endpoint path are joined together. Consecutive slashes in the generated URL are now collapsed into a single slash, matching the URL used in generated wire tests.

May 27, 2026

3.71.3

(fix): Retain a reference to the upstream Response on streaming and SSE response bodies so that undici’s FinalizationRegistry does not garbage-collect the Response and cancel the body stream on Node 18+.

May 22, 2026

3.71.2

(chore): Bump Node.js base image from 24.15 to 24.16.

May 21, 2026

3.71.1

(fix): Bump @fern-api/generator-cli to 0.9.35, which disables minimatch negation on .fernignore patterns so a stray !pattern no longer silently inverts the match and discards generator output.

May 20, 2026

3.71.0

(feat): Apply client-default to root path parameters at runtime. When omitted at client construction, the configured default now lands in the URL instead of undefined.

3.70.9

(fix): Use hasWebSocketInTree IR field to wire WebSocket sub-clients into the root client, even when the WebSocket channel lives on a nested sub-resource rather than the top-level namespace package.

May 18, 2026

3.70.8

(chore): Update OS packages in the TypeScript SDK generator container from Debian sid to fix krb5 (CVE-2026-40355, CVE-2026-40356), curl (CVE-2026-1965, CVE-2026-4873, CVE-2026-5545, CVE-2026-6253, CVE-2026-6429), gnutls28 (CVE-2026-3832), and expat (CVE-2026-45186).

May 15, 2026

3.70.7

(fix): Dynamic snippets now render path-parameter arguments in IR (URL / SDK signature) order rather than in the order they happen to appear in the input request, so generated examples line up with the actual SDK method signature even when the spec lists path parameters in a different order.

May 12, 2026

3.70.6

(chore): Patch TypeScript SDK generator container CVEs flagged in the AWS ECR / grype scan. Rebuild the embedded oxlint-tsgolint@0.22.1 Go binary from source under GOTOOLCHAIN=go1.26.3 so the published image no longer ships the upstream go1.26.2 binary that grype flags for CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39836, and CVE-2026-42499.