A declarative, efficient, and flexible JavaScript library for building user interfaces.
A floor, not a guess: counts only commits whose author, co-author trailer, or message explicitly credits an AI tool (Claude, Copilot, Cursor, aider, Codex…). Based on 30 mainline commits. Unattributed AI code isn't counted here — the full audit estimates that separately.
mainPublished version 1.9.14 of solid-js with five bug fixes: security updates to seroval dependencies, a memory leak fix for nested lazy() components, support for null-prototype objects in store proxies, corrected mergeProps behavior on the server to handle Object.prototype properties, and fixed Show/Switch components to ignore zero-arg function children during SSR. solid-element updated to 1.9.2 with a custom element context inheritance fix.
Updated seroval and seroval-plugins dependencies from version 1.5.0 to 1.5.4 to include critical security fixes. This ensures npm consumers of solid-js get the patched versions compatible with dom-expressions.
The main CI workflow now explicitly declares read-only permissions for repository contents, improving security by following the principle of least privilege in GitHub Actions.
Resolved type-checking failures by adding a single-argument overload for `mergeProps` in server rendering, casting an edge case in the merge test, and updating the `lazy()` test to use consistent generic type syntax.
Replaced the broken Open Collective contributors image URL with contrib.rocks, which now displays the GitHub contributors list in the Contributors section of the README files.
Fixed a memory leak in nested lazy() components where Suspense contexts and cached resources weren't properly released on disposal, causing disposed component trees to remain in memory across navigations. The fix ensures lazy() clears its cached accessor and resources clean up their Suspense contexts when components are disposed.
Fixed server-side rendering of Show and Switch components to ignore zero-argument function children, treating them as static values instead of render props. This aligns server behavior with the client implementation and prevents markup divergence during hydration.
Server-side mergeProps was silently ignoring properties like `toString`, `valueOf`, and `hasOwnProperty` because it checked `key in target`, which walks the prototype chain. The fix uses `Object.prototype.hasOwnProperty.call()` to check only own properties, and explicitly guards against `__proto__` and `constructor` to match client-side behavior.
Updated the store implementation to use Object.prototype.hasOwnProperty.call() instead of direct hasOwnProperty checks, which ensures compatibility with objects created via Object.create(null) that lack a prototype chain. This fixes reactivity issues when null-prototype objects contain function values.
A Monday email with what shipped in solid, in plain English. No account needed — drop your email and we'll tell you when it's live.
[](https://repowrapped.com/gh/solidjs/solid)<a href="https://repowrapped.com/gh/solidjs/solid"><img src="https://repowrapped.com/gh/solidjs/solid/badge.svg" alt="shipped this week" /></a>