Skip to content

Releases: nats-io/nats-server

Release v2.11.10

30 Sep 15:19
@github-actions github-actions
v2.11.10
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
14e2916
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.11.10

Changelog

Refer to the 2.11 Upgrade Guide for backwards compatibility notes with 2.10.x.

Go Version

  • 1.24.7

Dependencies

  • golang.org/x/crypto v0.42.0 (#7320)
  • github.com/google/go-tpm v0.9.6 (#7376)
  • github.com/nats-io/nats.go v1.46.1 (#7377)

Improved

General

  • Statistics for gateways, routes and leaf connections are now correctly omitted from accstatsz responses if empty (#7300)

JetStream

  • Stream assignment check has been simplified (#7290)
  • Additional guards prevent panics when loading corrupted messages from the filestore (#7299)
  • The store lock is no longer held while searching for TTL expiry tasks, improving performance (#7344)
  • Removing a message from the TTL state is now faster (#7344)
  • The filestore no longer performs heap allocations for hash checks (#7345)
  • Meta snapshot performance for a very large number of assets has been improved after a regression in v2.11.9 (#7350)
  • Sequence-from-timestamp lookups, such as those using opt_start_time on consumers or start_time on message get requests, now use a binary search for improved lookup performance (#7357)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • JetStream will no longer perform a metalayer snapshot on every stream removal request, reducing API pauses and improving meta performance (#7373)

Fixed

General

  • Fixed the exit code when receiving a SIGTERM signal immediately after startup (#7367)

JetStream

  • Fixed a use-after-free bug and a buffer reclamation issue in the filestore flusher (#7295)
  • Direct get requests now correctly skip over deleted messages if the starting sequence is itself deleted (#7291)
  • The Raft layer now strictly enforces that non-leaders cannot send append entries (#7297)
  • The filestore now correctly handles recovering filestore blocks with out-of-order sequences from disk corruption (#7303, #7304)
  • The filestore now produces more useful error messages when disk corruption is detected (#7305)
  • Removed messages with a per-message TTL are now removed from the TTL state immediately (#7344)
  • Fixed a bug where TTL state was recovered on startup with subject delete markers enabled, that message expiry would not start as expected (#7344)
  • Expiring messages from the filestore no longer leaks timers and expires at the correct time (#7344)
  • Deleting a non-existent sequence on a stream no longer results in a cluster reset and leadership election (#7348)
  • Subject tree intersection now correctly handles overlapping literals and partial wildcards, i.e. stream.A and stream.*.A, fixing some consumer or message get filters (#7349)
  • A data race when checking all JetStream limits has been fixed (#7356)
  • Raft will no longer trigger a reset of the clustered state due to a stream snapshot timeout (#7293)

Complete Changes

v2.11.9...v2.11.10

Loading

Release v2.12.1-RC.1

29 Sep 17:16
@github-actions github-actions
v2.12.1-RC.1
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
4bd6349
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.1-RC.1 Pre-release
Pre-release

Changelog

Refer to the 2.12 Upgrade Guide for backwards compatibility notes with 2.11.x.

Go Version

  • 1.25.1

Improved

JetStream

  • The store lock is no longer held while searching for TTL expiry tasks, improving performance (#7344)
  • Removing a message from the TTL state is now faster (#7344)
  • The filestore no longer performs heap allocations for hash checks (#7345)
  • The filestore now reuses pooled write cache allocations more efficiently (#7346)
  • Meta snapshot performance for a very large number of assets has been improved after a regression in v2.12.0 (#7350)
  • Sequence-from-timestamp lookups, such as those using opt_start_time on consumers or start_time on message get requests, now use a binary search for improved lookup performance (#7357)
  • Scheduled messages are now deactivated properly when followed up with another message on the same subject without a schedule (#7366)

Fixed

General

  • Fixed the exit code when receiving a SIGTERM signal immediately after startup (#7367)

JetStream

  • Batch check now uses the correct subject instead of the last subject that does the commit (#7342)
  • Removed messages with a per-message TTL are now removed from the TTL state immediately (#7344)
  • Fixed a bug where TTL state was recovered on startup with subject delete markers enabled, that message expiry would not start as expected (#7344)
  • Expiring messages from the filestore no longer leaks timers and expires at the correct time (#7344)
  • Fixed a bug where scheduled messages would not trigger correctly after recovery (#7347)
  • Deleting a non-existent sequence on a stream no longer results in a cluster reset and leadership election (#7348)
  • Subject tree intersection now correctly handles overlapping literals and partial wildcards, i.e. stream.A and stream.*.A, fixing some consumer or message get filters (#7349)
  • A data race when checking all JetStream limits has been fixed (#7356)
  • Raft will no longer trigger a reset of the clustered state due to a stream snapshot timeout (#7293)
  • Atomic batches now reject unsupported commits (#7368)

Complete Changes

v2.12.0...v2.12.1-RC.1

Loading

Release v2.11.10-RC.1

29 Sep 14:49
@github-actions github-actions
v2.11.10-RC.1
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
11ddb51
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.11.10-RC.1 Pre-release
Pre-release

Changelog

Refer to the 2.11 Upgrade Guide for backwards compatibility notes with 2.10.x.

Go Version

  • 1.24.7

Dependencies

  • golang.org/x/crypto v0.42.0 (#7320)

Improved

General

  • Statistics for gateways, routes and leaf connections are now correctly omitted from accstatsz responses if empty (#7300)

JetStream

  • Stream assignment check has been simplified (#7290)
  • Additional guards prevent panics when loading corrupted messages from the filestore (#7299)
  • The store lock is no longer held while searching for TTL expiry tasks, improving performance (#7344)
  • Removing a message from the TTL state is now faster (#7344)
  • The filestore no longer performs heap allocations for hash checks (#7345)
  • Meta snapshot performance for a very large number of assets has been improved after a regression in v2.11.9 (#7350)
  • Sequence-from-timestamp lookups, such as those using opt_start_time on consumers or start_time on message get requests, now use a binary search for improved lookup performance (#7357)

Fixed

General

  • Fixed the exit code when receiving a SIGTERM signal immediately after startup (#7367)

JetStream

  • Fixed a use-after-free bug and a buffer reclamation issue in the filestore flusher (#7295)
  • Direct get requests now correctly skip over deleted messages if the starting sequence is itself deleted (#7291)
  • The Raft layer now strictly enforces that non-leaders cannot send append entries (#7297)
  • The filestore now correctly handles recovering filestore blocks with out-of-order sequences from disk corruption (#7303, #7304)
  • The filestore now produces more useful error messages when disk corruption is detected (#7305)
  • Removed messages with a per-message TTL are now removed from the TTL state immediately (#7344)
  • Fixed a bug where TTL state was recovered on startup with subject delete markers enabled, that message expiry would not start as expected (#7344)
  • Expiring messages from the filestore no longer leaks timers and expires at the correct time (#7344)
  • Deleting a non-existent sequence on a stream no longer results in a cluster reset and leadership election (#7348)
  • Subject tree intersection now correctly handles overlapping literals and partial wildcards, i.e. stream.A and stream.*.A, fixing some consumer or message get filters (#7349)
  • A data race when checking all JetStream limits has been fixed (#7356)
  • Raft will no longer trigger a reset of the clustered state due to a stream snapshot timeout (#7293)

Complete Changes

v2.11.9...v2.11.10-RC.1

Loading

Release v2.12.0

22 Sep 12:47
@github-actions github-actions
v2.12.0
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
fc6ec64
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.0

Changelog

Refer to the 2.12 Upgrade Guide for backwards compatibility notes with 2.11.x.

Go Version

Added

General

  • Exponential backoff on route/gateway reconnection attempts (#7042, #7048)
  • Added allow_insecure_cipher_suites configuration option to tls block, as insecure ciphers are now disabled by default (#7144)
  • Added X25519MLKEM768 option to the TLS curve preferences (#7280)
  • No responders errors from the server now include the original subject in the Nats-Subject header (#5250)
  • Added exact_match field to the filtering of various monitoring endpoints for server name, host or cluster matching (#7260)

JetStream

Leafnodes

  • Added the ability to isolate leafnode subject interest propagation with the hub-side isolate_leafnode_interest configuration option, suppressing east-west traffic and reducing subscription overheads when there are many leafnodes (#7238, #7243, #7277)
  • Added disabled option for leafnode remotes, with support for reloading from the config at runtime (#7054)

Changed

General

  • WebSocket and MQTT clients no longer use TCP keepalives (#7329)

JetStream

  • The JetStream API level has been increased to 2 (#6969)
  • The API surface is now in strict mode by default, erroring if unknown fields are provided in the request body (#7049)
  • Replicated streams will now default to async flush as long as sync: always is not configured (#7018, #7163)
  • The default value for max_buffered_msgs has been increased by 10x to 100,000 messages (#6633)

Improved

General

  • When logging closed connections, the remote is now logged if known, making it easier to identify where route/gateway/leafnode connections have dropped (#7077)
  • Client-specific log lines now include the account and user if known (#7079)

JetStream

  • Raft nodes will no longer respond success to catchup messages and will ignore responses if not leader, fixing some potential stream desync scenarios (#6944)
  • Replicated streams can now be created even if some of the replica nodes are offline (#7075)
  • The storage type is now logged when logging resource limits exceeded (#7076)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • Filestore in-memory caches now use weak pointers and can respond to garbage collector (GC) pressure, which should help to avoid a number of possible out-of-memory scenarios (#7180)
  • Filestore buffer reuse has been fixed (#7295)
  • Raft will no longer send any append entries in a known non-leader state (#7297)
  • Improved recovery of filestore blocks with unexpected sequence ordering (#7303, #7304, #7305)
  • Filestore fixes to improve write correctness, particularly when combined with async mode (#7318, #7331)

Leafnodes

  • Leafnode connections without auth no longer unexpectedly connect to the global account (#7116)

Fixed

JetStream

  • Improved validation for stream/consumer configs (#7134)
  • An error will now be correctly surfaced when the Nats-Expected-Last-Subject-Sequence-Subject header is supplied but the accompanying Nats-Expected-Last-Subject-Sequence header is not (#7196)

OCSP

  • URL encoding of OCSP requests should now be RFC4648-compliant (#7184)

Complete Changes

v2.11.0...v2.12.0

Loading

Release v2.12.0-RC.6

18 Sep 14:45
@github-actions github-actions
v2.12.0-RC.6
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
28e9650
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.0-RC.6 Pre-release
Pre-release

Changelog

This release also contains all changes up to and including v2.11.9.

Go Version

Added

General

  • Exponential backoff on route/gateway reconnection attempts (#7042, #7048)
  • Added allow_insecure_cipher_suites configuration option to tls block, as insecure ciphers are now disabled by default (#7144)
  • Added X25519MLKEM768 option to the TLS curve preferences (#7280)
  • No responders errors from the server now include the original subject in the Nats-Subject header (#5250)
  • Added exact_match field to the filtering of various monitoring endpoints for server name, host or cluster matching (#7260)

JetStream

Leafnodes

  • Added the ability to isolate leafnode subject interest propagation with the hub-side isolate_leafnode_interest configuration option, suppressing east-west traffic and reducing subscription overheads when there are many leafnodes (#7238, #7243, #7277)
  • Added disabled option for leafnode remotes, with support for reloading from the config at runtime (#7054)

Changed

General

  • WebSocket and MQTT clients no longer use TCP keepalives (#7329)

JetStream

  • The JetStream API level has been increased to 2 (#6969)
  • The API surface is now in strict mode by default, erroring if unknown fields are provided in the request body (#7049)
  • Replicated streams will now default to async flush as long as sync: always is not configured (#7018, #7163)
  • The default value for max_buffered_msgs has been increased by 10x to 100,000 messages (#6633)

Improved

General

  • When logging closed connections, the remote is now logged if known, making it easier to identify where route/gateway/leafnode connections have dropped (#7077)
  • Client-specific log lines now include the account and user if known (#7079)

JetStream

  • Raft nodes will no longer respond success to catchup messages and will ignore responses if not leader, fixing some potential stream desync scenarios (#6944)
  • Replicated streams can now be created even if some of the replica nodes are offline (#7075)
  • The storage type is now logged when logging resource limits exceeded (#7076)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • Filestore in-memory caches now use weak pointers and can respond to garbage collector (GC) pressure, which should help to avoid a number of possible out-of-memory scenarios (#7180)
  • Filestore buffer reuse has been fixed (#7295)
  • Raft will no longer send any append entries in a known non-leader state (#7297)
  • Improved recovery of filestore blocks with unexpected sequence ordering (#7303, #7304, #7305)
  • Filestore fixes to improve write correctness, particularly when combined with async mode (#7318, #7331)

Leafnodes

  • Leafnode connections without auth no longer unexpectedly connect to the global account (#7116)

Fixed

JetStream

  • Improved validation for stream/consumer configs (#7134)
  • An error will now be correctly surfaced when the Nats-Expected-Last-Subject-Sequence-Subject header is supplied but the accompanying Nats-Expected-Last-Subject-Sequence header is not (#7196)

OCSP

  • URL encoding of OCSP requests should now be RFC4648-compliant (#7184)

Complete Changes

v2.12.0-RC.5...v2.12.0-RC.6

Loading

Release v2.12.0-RC.5

17 Sep 15:05
@github-actions github-actions
v2.12.0-RC.5
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
2959328
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.0-RC.5 Pre-release
Pre-release

Changelog

This release also contains all changes up to and including v2.11.9.

Go Version

Added

General

  • Exponential backoff on route/gateway reconnection attempts (#7042, #7048)
  • Added allow_insecure_cipher_suites configuration option to tls block, as insecure ciphers are now disabled by default (#7144)
  • Added X25519MLKEM768 option to the TLS curve preferences (#7280)
  • No responders errors from the server now include the original subject in the Nats-Subject header (#5250)
  • Added exact_match field to the filtering of various monitoring endpoints for server name, host or cluster matching (#7260)

JetStream

Leafnodes

  • Added the ability to isolate leafnode subject interest propagation with the hub-side isolate_leafnode_interest configuration option, suppressing east-west traffic and reducing subscription overheads when there are many leafnodes (#7238, #7243, #7277)
  • Added disabled option for leafnode remotes, with support for reloading from the config at runtime (#7054)

Changed

JetStream

  • The JetStream API level has been increased to 2 (#6969)
  • The API surface is now in strict mode by default, erroring if unknown fields are provided in the request body (#7049)
  • Replicated streams will now default to async flush as long as sync: always is not configured (#7018, #7163)
  • The default value for max_buffered_msgs has been increased by 10x to 100,000 messages (#6633)

Improved

General

  • When logging closed connections, the remote is now logged if known, making it easier to identify where route/gateway/leafnode connections have dropped (#7077)
  • Client-specific log lines now include the account and user if known (#7079)

JetStream

  • Raft nodes will no longer respond success to catchup messages and will ignore responses if not leader, fixing some potential stream desync scenarios (#6944)
  • Replicated streams can now be created even if some of the replica nodes are offline (#7075)
  • The storage type is now logged when logging resource limits exceeded (#7076)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • Filestore in-memory caches now use weak pointers and can respond to garbage collector (GC) pressure, which should help to avoid a number of possible out-of-memory scenarios (#7180)
  • Filestore buffer reuse has been fixed (#7295)
  • Raft will no longer send any append entries in a known non-leader state (#7297)
  • Improved recovery of filestore blocks with unexpected sequence ordering (#7303, #7304, #7305)
  • Filestore fixes to improve write correctness, particularly when combined with async mode (#7318)

Leafnodes

  • Leafnode connections without auth no longer unexpectedly connect to the global account (#7116)

Fixed

JetStream

  • Improved validation for stream/consumer configs (#7134)
  • An error will now be correctly surfaced when the Nats-Expected-Last-Subject-Sequence-Subject header is supplied but the accompanying Nats-Expected-Last-Subject-Sequence header is not (#7196)

OCSP

  • URL encoding of OCSP requests should now be RFC4648-compliant (#7184)

Complete Changes

v2.12.0-RC.4...v2.12.0-RC.5

Loading

Release v2.12.0-RC.4

16 Sep 16:24
@github-actions github-actions
v2.12.0-RC.4
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
3bef4ad
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.0-RC.4 Pre-release
Pre-release

Changelog

This release also contains all changes up to and including v2.11.9.

Go Version

Added

General

  • Exponential backoff on route/gateway reconnection attempts (#7042, #7048)
  • Added allow_insecure_cipher_suites configuration option to tls block, as insecure ciphers are now disabled by default (#7144)
  • Added X25519MLKEM768 option to the TLS curve preferences (#7280)
  • No responders errors from the server now include the original subject in the Nats-Subject header (#5250)
  • Added exact_match field to the filtering of various monitoring endpoints for server name, host or cluster matching (#7260)

JetStream

Leafnodes

  • Added the ability to isolate leafnode subject interest propagation with the hub-side isolate_leafnode_interest configuration option, suppressing east-west traffic and reducing subscription overheads when there are many leafnodes (#7238, #7243, #7277)
  • Added disabled option for leafnode remotes, with support for reloading from the config at runtime (#7054)

Changed

JetStream

  • The JetStream API level has been increased to 2 (#6969)
  • The API surface is now in strict mode by default, erroring if unknown fields are provided in the request body (#7049)
  • Replicated streams will now default to async flush as long as sync: always is not configured (#7018, #7163)
  • The default value for max_buffered_msgs has been increased by 10x to 100,000 messages (#6633)

Improved

General

  • When logging closed connections, the remote is now logged if known, making it easier to identify where route/gateway/leafnode connections have dropped (#7077)
  • Client-specific log lines now include the account and user if known (#7079)

JetStream

  • Raft nodes will no longer respond success to catchup messages and will ignore responses if not leader, fixing some potential stream desync scenarios (#6944)
  • Replicated streams can now be created even if some of the replica nodes are offline (#7075)
  • The storage type is now logged when logging resource limits exceeded (#7076)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • Filestore in-memory caches now use weak pointers and can respond to garbage collector (GC) pressure, which should help to avoid a number of possible out-of-memory scenarios (#7180)
  • Filestore buffer reuse has been fixed (#7295)
  • Raft will no longer send any append entries in a known non-leader state (#7297)
  • Improved recovery of filestore blocks with unexpected sequence ordering (#7303, #7304, #7305)
  • Filestore fixes to improve write correctness, particularly when combined with async mode (#7318)

Leafnodes

  • Leafnode connections without auth no longer unexpectedly connect to the global account (#7116)

Fixed

JetStream

  • Improved validation for stream/consumer configs (#7134)
  • An error will now be correctly surfaced when the Nats-Expected-Last-Subject-Sequence-Subject header is supplied but the accompanying Nats-Expected-Last-Subject-Sequence header is not (#7196)

OCSP

  • URL encoding of OCSP requests should now be RFC4648-compliant (#7184)

Complete Changes

v2.12.0-RC.3...v2.12.0-RC.4

Loading

Release v2.12.0-RC.3

12 Sep 14:10
@github-actions github-actions
v2.12.0-RC.3
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
4a2d68f
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.0-RC.3 Pre-release
Pre-release

Changelog

This release also contains all changes up to and including v2.11.9.

Go Version

Added

General

  • Exponential backoff on route/gateway reconnection attempts (#7042, #7048)
  • Added allow_insecure_cipher_suites configuration option to tls block, as insecure ciphers are now disabled by default (#7144)
  • Added X25519MLKEM768 option to the TLS curve preferences (#7280)
  • No responders errors from the server now include the original subject in the Nats-Subject header (#5250)
  • Added exact_match field to the filtering of various monitoring endpoints for server name, host or cluster matching (#7260)

JetStream

Leafnodes

  • Added the ability to isolate leafnode subject interest propagation with the hub-side isolate_leafnode_interest configuration option, suppressing east-west traffic and reducing subscription overheads when there are many leafnodes (#7238, #7243, #7277)
  • Added disabled option for leafnode remotes, with support for reloading from the config at runtime (#7054)

Changed

JetStream

  • The JetStream API level has been increased to 2 (#6969)
  • The API surface is now in strict mode by default, erroring if unknown fields are provided in the request body (#7049)
  • Replicated streams will now default to async flush as long as sync: always is not configured (#7018, #7163)
  • The default value for max_buffered_msgs has been increased by 10x to 100,000 messages (#6633)

Improved

General

  • When logging closed connections, the remote is now logged if known, making it easier to identify where route/gateway/leafnode connections have dropped (#7077)
  • Client-specific log lines now include the account and user if known (#7079)

JetStream

  • Raft nodes will no longer respond success to catchup messages and will ignore responses if not leader, fixing some potential stream desync scenarios (#6944)
  • Replicated streams can now be created even if some of the replica nodes are offline (#7075)
  • The storage type is now logged when logging resource limits exceeded (#7076)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • Filestore in-memory caches now use weak pointers and can respond to garbage collector (GC) pressure, which should help to avoid a number of possible out-of-memory scenarios (#7180)
  • Filestore buffer reuse has been fixed (#7295)
  • Raft will no longer send any append entries in a known non-leader state (#7297)
  • Improved recovery of filestore blocks with unexpected sequence ordering (#7303, #7304, #7305)

Leafnodes

  • Leafnode connections without auth no longer unexpectedly connect to the global account (#7116)

Fixed

JetStream

  • Improved validation for stream/consumer configs (#7134)
  • An error will now be correctly surfaced when the Nats-Expected-Last-Subject-Sequence-Subject header is supplied but the accompanying Nats-Expected-Last-Subject-Sequence header is not (#7196)

OCSP

  • URL encoding of OCSP requests should now be RFC4648-compliant (#7184)

Complete Changes

v2.12.0-RC.2...v2.12.0-RC.3

Loading

Release v2.12.0-RC.2

11 Sep 15:42
@github-actions github-actions
v2.12.0-RC.2
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
ab0058e
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.12.0-RC.2 Pre-release
Pre-release

Changelog

This release also contains all changes up to and including v2.11.9-RC.3.

Go Version

Added

General

  • Exponential backoff on route/gateway reconnection attempts (#7042, #7048)
  • Added allow_insecure_cipher_suites configuration option to tls block, as insecure ciphers are now disabled by default (#7144)
  • Added X25519MLKEM768 option to the TLS curve preferences (#7280)
  • No responders errors from the server now include the original subject in the Nats-Subject header (#5250)
  • Added exact_match field to the filtering of various monitoring endpoints for server name, host or cluster matching (#7260)

JetStream

Leafnodes

  • Added the ability to isolate leafnode subject interest propagation with the hub-side isolate_leafnode_interest configuration option, suppressing east-west traffic and reducing subscription overheads when there are many leafnodes (#7238, #7243, #7277)
  • Added disabled option for leafnode remotes, with support for reloading from the config at runtime (#7054)

Changed

JetStream

  • The JetStream API level has been increased to 2 (#6969)
  • The API surface is now in strict mode by default, erroring if unknown fields are provided in the request body (#7049)
  • Replicated streams will now default to async flush as long as sync: always is not configured (#7018, #7163)
  • The default value for max_buffered_msgs has been increased by 10x to 100,000 messages (#6633)

Improved

General

  • When logging closed connections, the remote is now logged if known, making it easier to identify where route/gateway/leafnode connections have dropped (#7077)
  • Client-specific log lines now include the account and user if known (#7079)

JetStream

  • Raft nodes will no longer respond success to catchup messages and will ignore responses if not leader, fixing some potential stream desync scenarios (#6944)
  • Replicated streams can now be created even if some of the replica nodes are offline (#7075)
  • The storage type is now logged when logging resource limits exceeded (#7076)
  • JetStream API requests are always handled from the worker pool, improving the semantics of the API request queue and logging when requests take too long (#7125)
  • Filestore in-memory caches now use weak pointers and can respond to garbage collector (GC) pressure, which should help to avoid a number of possible out-of-memory scenarios (#7180)
  • Filestore buffer reuse has been fixed (#7295)
  • Raft will no longer send any append entries in a known non-leader state (#7297)

Leafnodes

  • Leafnode connections without auth no longer unexpectedly connect to the global account (#7116)

Fixed

JetStream

  • Improved validation for stream/consumer configs (#7134)
  • An error will now be correctly surfaced when the Nats-Expected-Last-Subject-Sequence-Subject header is supplied but the accompanying Nats-Expected-Last-Subject-Sequence header is not (#7196)

OCSP

  • URL encoding of OCSP requests should now be RFC4648-compliant (#7184)

Complete Changes

v2.12.0-preview.2...v2.12.0-RC.1

Loading

Release v2.11.9

09 Sep 15:22
@github-actions github-actions
v2.11.9
This tag was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.
3c10f16
This commit was signed with the committer’s verified signature.
neilalexander Neil
GPG key ID: 8993BAD6C5E51CD8
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v2.11.9

Changelog

Refer to the 2.11 Upgrade Guide for backwards compatibility notes with 2.10.x.

Go Version

Dependencies

  • golang.org/x/time v0.13.0 (#7273)
  • golang.org/x/sys v0.36.0 (#7273)

Improved

JetStream

  • Offline assets support (#7158)
    • Server version 2.12 will introduce new features that would otherwise break a 2.11 server after a downgrade. The server now reports the streams/consumers as offline and unsupported, keeping the data safe, but allowing to either delete the asset or upgrade back to the supported version without changes to the data itself.
  • The raftz endpoint now reports the cluster traffic account (#7186)
  • The stream info and consumer info endpoints now return leader_since (#7189)
  • The stream info and consumer info endpoints now return system_account and traffic_account (#7193)
  • The jsz monitoring endpoint now returns system_account and traffic_account (#7193)

Fixed

General

  • Fix a panic that could happen at startup if building from source using non-Git version control (#7178)
  • Fix an issue where issuing an account JWT update with a connection limit could cause older clients to be disconnected instead of newer ones (#7181, #7185)
  • Route connections with invalid credentials will no longer rapidly reconnect (#7200)
  • Allow a default_sentinel JWT from a scoped signing key instead of requiring it to solely be a bearer token for auth callout (#7217)
  • Subject interest would not always be propagated for leaf nodes when daisy chaining imports/exports (#7255)
  • Subject interest would sometimes be lost if the leaf node is a spoke (#7259)
  • Lowering the max connections limit should no longer result in streams losing interest (#7258)

JetStream

  • The Nats-TTL header will now be correct if the subject delete marker TTL overwrites it (#7177)
  • In operator mode, the cluster_traffic state for an account is now restored correctly when enabling JetStream at startup (#7191)
  • A potential data race during a consumer create or update when reading its paused state has been fixed (#7201)
  • A race condition that could allow creating a consumer with more replicas than the stream has been fixed (#7202)
  • A race condition that could allow creating the same stream with different configurations has been fixed (#7210, #7212)
  • Raft will now correctly reject delayed entries from an old leader when catching up in the meantime (#7209, #7239)
  • Raft will now also limit the amount of cached in-memory entries as the leader, avoiding excessive memory usage (#7233)
  • A potential race condition delaying shutdown if a stream/consumer monitor goroutine was not started (#7211)
  • A benign underflow when using an infinite (-1) MaxDeliver for consumers (#7216)
  • A potential panic to send a leader elected advisory when shutting down before completing startup (#7246)
  • Stopping a stream should no longer wait indefinitely if the consumer monitor goroutine wasn’t stopped (#7249)
  • Speed up stream mirroring and sourcing after a leaf node reconnects in complex topologies (#7265)
  • Updating a stream with an empty placement will no longer incorrectly trigger a stream move (#7222)

Tests

Complete Changes

v2.11.8...v2.11.9

Loading