I just finished making a release of Asciidoctor 1.5.5. I want to briefly explain why we had this release and where we are headed.
GitHub discovered a minor exploit in Asciidoctor that would allow a very small document to compound to produce an extremely large output document. The problem is that we allow attributes to be defined in the document using the value of other attributes, but don't enforce a maximum attribute size. Now we enforce a limit using the max-attribute-value-size attribute.
We also needed to add support for the SOURCE_DATE_EPOCH environment variable to allow packages (e.g., Linux packages) that build documentation using Asciidoctor to be reproducible.
I originally wanted to make 1.5.5 the last release in the 1.5.x series. However, since we had to get this release out, I had to push some issues to 1.5.6. So I'm revising my goal to make 1.5.6 the last release in the1.5.x series. I'd still like to make that a relatively minor release so we can finally advance to 1.6.0. That will mean pushing some issues currently slated for 1.5.6 off to 1.6.0 or beyond, but that will get us to 1.6.0 sooner.