This release includes 92 updates, covering enhancements, bug fixes, performance optimizations, and more.

• New Features: 48
• Bug Fixes: 20
• Refactoring and Optimization: 3
• Documentation Updates: 20
• Testing Improvements: 1

• Related PR: #3459
  Contributor: @johnlanni
  Change Log: This PR adds the claudeCodeMode configuration option, enabling the system to simulate Claude Code client request formats, supporting specific OAuth token authentication mechanisms and special headers and parameters.
  Feature Value: Adding support for Claude Code mode greatly expands the ability to interact with the Anthropic Claude API, allowing users to use OAuth tokens more flexibly for authentication, thereby enhancing the security and compatibility of API calls.

• Related PR: #3455
  Contributor: @EndlessSeeker
  Change Log: This PR updates the git submodules, including upgrading Envoy and go-control-plane versions, and syncing Istio to the latest go-control-plane version.
  Feature Value: By updating key dependencies to the latest versions, this enhances the system's security and performance stability, providing a more reliable service experience for users.

• Related PR: #3438
  Contributor: @johnlanni
  Change Log: Adjusted the documentation structure and created a dedicated Clawdbot plugin directory to achieve true compatibility with Clawdbot. Includes new configuration files and example code.
  Feature Value: By improving the skill integration process, users can configure plugins more smoothly while ensuring full compatibility with Clawdbot, enhancing user experience and system flexibility.

• Related PR: #3437
  Contributor: @johnlanni
  Change Log: This PR integrates the higress-ai-gateway plugin into the higress-clawdbot-integration skill, including moving and renaming related files and updating documentation to simplify the user installation and configuration process.
  Feature Value: By integrating the Higress AI Gateway plugin into Clawbot/OpenClaw skills, users can more easily manage and use the AI gateway, thereby enhancing development efficiency and user experience.

• Related PR: #3436
  Contributor: @johnlanni
  Change Log: This PR updates the SKILL provider list for Higress-OpenClaw integration and migrates the OpenClaw plugin package from higress-standalone to the main repository, enhancing support for commonly used providers.
  Feature Value: By enhancing the provider list and migrating the plugin package, this improves the availability and flexibility of Higress-OpenClaw integration, making it easier for users to use their preferred AI services.

• Related PR: #3428
  Contributor: @johnlanni
  Change Log: Added two skills, higress-auto-router and higress-clawdbot-integration, to support natural language configuration for automatic model routing and integrated deployment of Higress AI Gateway with Clawdbot.
  Feature Value: These new features allow users to more easily manage and configure the AI gateway, improving operational efficiency and system flexibility, especially suitable for applications requiring frequent route rule adjustments or multi-language support.

• Related PR: #3427
  Contributor: @johnlanni
  Change Log: Added the use_default_attributes configuration option, allowing the ai-statistics plugin to automatically apply a set of default attributes, simplifying the user configuration process.
  Feature Value: By providing default attribute configurations, this reduces the initial setup burden for users, making the plugin more user-friendly while maintaining the possibility for advanced customization, enhancing the user experience.

• Related PR: #3426
  Contributor: @johnlanni
  Change Log: This PR adds an Agent Session Monitor skill for LLM usage in the Higress environment, implementing real-time session monitoring and log analysis.
  Feature Value: This feature enhances the visibility of model usage during multi-turn conversations, helping users better understand and optimize LLM performance in practical scenarios.

• Related PR: #3424
  Contributor: @johnlanni
  Change Log: This PR adds support for recording detailed token usage information in the ai-statistics plugin, including new built-in attribute keys reasoning_tokens and cached_tokens.
  Feature Value: By providing more detailed token usage reports, users can better understand resource consumption during AI processing, helping to optimize costs and performance.

• Related PR: #3420
  Contributor: @johnlanni
  Change Log: Added session ID tracking functionality, supporting the retrieval of session IDs through custom or default headers to track multi-turn conversations.
  Feature Value: This feature allows users to better track and analyze behavior in multi-turn conversations, enhancing the performance and user experience of chatbots.

• Related PR: #3417
  Contributor: @johnlanni
  Change Log: Added prominent warnings for unsupported configuration snippets and provided pre-migration check commands to identify affected Ingress resources, while also updating annotation mappings in the documentation.
  Feature Value: By providing critical warnings and guidance, this helps users avoid potential issues when migrating from Nginx to Higress, ensuring a smoother and safer migration process.

• Related PR: #3411
  Contributor: @johnlanni
  Change Log: Added a set of skills for migrating from ingress-nginx to Higress, including compatibility analysis scripts, migration test script generation, and WASM plugin framework generation tools.
  Feature Value: This provides users with a convenient way to seamlessly migrate existing ingress-nginx configurations to Higress, reducing the difficulty and risk of migration and enhancing the user experience.

• Related PR: #3409
  Contributor: @johnlanni
  Change Log: This PR adds the contextCleanupCommands configuration option to the ai-proxy plugin, allowing users to define commands for cleaning up conversation context. When a user message exactly matches any of the predefined cleanup commands, all non-system messages prior to that command are cleared.
  Feature Value: By introducing customizable context cleanup commands, users can actively manage conversation history, which helps maintain clarity and enhances the user experience. This feature is particularly useful for applications requiring frequent conversation resets, significantly improving flexibility and practicality.

• Related PR: #3404
  Contributor: @johnlanni
  Change Log: Introduced a community governance daily report generation feature using the Claude AI assistant to automatically track and summarize project activities, including new issues/PRs and comment dynamics.
  Feature Value: This feature enhances the transparency and efficiency of community governance, helping members stay informed about project progress through daily reports, promoting issue resolution and experience sharing.

• Related PR: #3403
  Contributor: @johnlanni
  Change Log: Added an automatic model routing feature based on user message content, using regex rules to analyze content and decide which model to use.
  Feature Value: This feature enables the gateway to intelligently select the most appropriate processing model based on user input, significantly enhancing the user experience and system flexibility.

• Related PR: #3402
  Contributor: @johnlanni
  Change Log: Added a Claude skill for developing Higress WASM plugins using Go 1.24+, with detailed documentation and examples provided.
  Feature Value: This provides developers with a new way to create, modify, or debug Higress gateway plugins, particularly useful for HTTP request-response handling, enhancing development efficiency.

• Related PR: #3394
  Contributor: @changsci
  Change Log: This PR implements the functionality to retrieve API keys from request headers when provider.apiTokens is not configured. It modifies the relevant code in the wasm-go plugin to add support for OpenAI services.
  Feature Value: This enhances the flexibility and usability of the system, allowing users to use the service even without explicitly configuring API tokens, simplifying the setup process and enhancing the user experience.

• Related PR: #3384
  Contributor: @ThxCode-Chen
  Change Log: This PR adds support for upstream IPv6 static addresses in the watcher.go file, modifying the service entry generation logic to accommodate the new network configuration.
  Feature Value: By supporting upstream IPv6 static addresses, users can more flexibly configure network environments, especially in scenarios requiring IPv6 communication, improving system compatibility and availability.

• Related PR: #3375
  Contributor: @wydream
  Change Log: This PR adds support for Vertex Raw mode in the Vertex AI Provider of the ai-proxy plugin, enabling the getAccessToken mechanism when accessing native Vertex REST APIs via Vertex.
  Feature Value: The newly added Vertex Raw mode support allows users to directly call third-party models or other non-standard API paths on Vertex AI while enjoying automatic OAuth authentication, enhancing the user experience and flexibility.

• Related PR: #3367
  Contributor: @rinfx
  Change Log: This PR updates the wasm-go dependency and introduces Foreign Function, allowing Wasm plugins to perceive the Envoy host's log level in real-time, optimizing the logging process.
  Feature Value: By performing log level checks in advance, this avoids unnecessary memory operations, enhancing performance and resource utilization, especially important for applications that prioritize efficiency and performance.

• Related PR: #3342
  Contributor: @Aias00
  Change Log: This PR implements the mapping of Nacos instance weights to Istio WorkloadEntry weights, using the math library for conversion and adding extensive test cases to ensure correctness.
  Feature Value: This enhancement allows users to more flexibly control traffic distribution strategies between services, especially when using Istio as a service mesh, enabling better weight-based service discovery and routing.

• Related PR: #3335
  Contributor: @wydream
  Change Log: This PR adds image generation support in the Vertex AI Provider of the ai-proxy plugin, implementing the text-to-image feature by converting the OpenAI protocol to Vertex AI.
  Feature Value: This allows users to call Vertex AI's image generation capabilities using the standard OpenAI SDK, simplifying the process of integrating different AI services and enhancing the plugin's functional diversity.

• Related PR: #3324
  Contributor: @wydream
  Change Log: This PR adds OpenAI-compatible endpoint support in the Vertex AI Provider of the ai-proxy plugin, enabling direct invocation of Vertex AI models using the OpenAI SDK and API format.
  Feature Value: This feature allows users to seamlessly migrate existing OpenAI-based applications to Vertex AI without changing the original code logic, greatly simplifying the migration work for developers.

• Related PR: #3318
  Contributor: @hanxiantao
  Change Log: This PR adds an authentication wrapper for debug endpoints using the withConditionalAuth middleware, maintaining existing behavior based on the DebugAuth feature flag.
  Feature Value: This enhances the security of debug endpoints, ensuring that only requests verified by Istio's local authentication logic can access these endpoints, thus improving system security and controllability.

• Related PR: #3317
  Contributor: @rinfx
  Change Log: Added two WASM-Go plugins, model-mapper and model-router, to implement mapping and routing functions based on the model parameter in the LLM protocol.
  Feature Value: This enhances the governance capabilities of Higress in large language model scenarios, supporting model name mapping, seamless degradation, unified client model names, and route distribution based on provider/model parameters.

• Related PR: #3305
  Contributor: @CZJCC
  Change Log: Added Bearer Token authentication support for AWS Bedrock services, while retaining the existing AWS Signature V4 authentication method and cleaning up some unused code.
  Feature Value: By introducing Bearer Token authentication options, users can now more flexibly choose the authentication mechanism that suits their security needs, enhancing system security and usability.

• Related PR: #3301
  Contributor: @wydream
  Change Log: This PR adds Express Mode support to the Vertex AI Provider of the ai-proxy plugin, simplifying the configuration process and allowing users to access Vertex AI using only an API Key.
  Feature Value: By introducing Express Mode, users can start using Vertex AI services more quickly and conveniently, without the need for complex Service Account authentication setup, significantly enhancing the user experience and development efficiency.

• Related PR: #3295
  Contributor: @rinfx
  Change Log: This PR adds support for MCP (Model Context Protocol) in the ai-security-guard plugin, implementing the HandleMcpResponseBody and HandleMcpStreamingResponseBody methods to check and possibly intercept standard and streaming responses.
  Feature Value: The new MCP support feature enhances the plugin's ability to handle different API types, allowing users to use MCP APIs more securely by preventing the transmission of potentially unsafe information through content security checks.

• Related PR: #3267
  Contributor: @erasernoob
  Change Log: Added the hgctl agent module, involving modifications and additions to multiple files, including go.mod dependency updates, adding README documentation, and core functionality code implementation in agent.go and base.go.
  Feature Value: By introducing the hgctl agent module, this provides users with a new management and operation method, enhancing system flexibility and scalability, making it easier for users to manage and configure clusters.

• Related PR: #3261
  Contributor: @rinfx
  Change Log: This PR adds support for disabling thinking in gemini-2.5-flash and gemini-2.5-flash-lite, and adds reasoning token information in the response.
  Feature Value: By adding the feature to disable thinking and displaying reasoning token usage, users can more flexibly control AI agent behavior and obtain more detailed execution information.

• Related PR: #3255
  Contributor: @nixidexiangjiao
  Change Log: Optimized the Lua-based minimum in-flight requests load balancing strategy, addressing issues such as preference for abnormal nodes, inconsistent handling of new nodes, and uneven sampling distribution.
  Feature Value: This improves system stability and service availability, reducing service failures due to uneven load and enhancing the adaptive circuit-breaking capability for abnormal nodes.

• Related PR: #3236
  Contributor: @rinfx
  Change Log: This PR adds support for the claude model in vertex and handles the case where delta might be empty, implementing the new feature by modifying the relevant Go files.
  Feature Value: The addition of claude model support expands the range of available AI capabilities, enhancing system flexibility and practicality. Handling edge cases also improves system stability and robustness.

• Related PR: #3218
  Contributor: @johnlanni
  Change Log: This PR enhances the model mapper and router, adding an automatic rebuild trigger mechanism based on request count and memory usage, and extending the supported path suffixes.
  Feature Value: By monitoring key metrics and triggering rebuilds at the right time, this improves system stability and response speed; extending path support also enhances API functionality.

• Related PR: #3213
  Contributor: @rinfx
  Change Log: This PR removes region specification, allowing the ai-proxy to support global (global) access mode to be compatible with the latest gemini-3 series model requirements.
  Feature Value: This enhances the system's adaptability to different deployment environments, especially providing a consistent and seamless support experience for users with global region configurations.

• Related PR: #3206
  Contributor: @rinfx
  Change Log: This PR implements the functionality to check prompts and images within the request body in the content security detection plugin, involving parsing image and text data generated by OpenAI and Qwen.
  Feature Value: This enhances content security protection, ensuring that AI-generated content meets security standards, improving the safety and reliability of the user experience.

• Related PR: #3200
  Contributor: @YTGhost
  Change Log: This PR adds support for array content in the chatToolMessage2BedrockMessage function, enhancing the ai-proxy plugin's ability to handle different types of messages.
  Feature Value: Supporting array-form content expands the flexibility of message passing between chat tools and Bedrock, making it easier for developers to integrate diverse application requirements.

• Related PR: #3185
  Contributor: @rinfx
  Change Log: This PR adds a rebuild logic to ai-cache, optimizing cache management by triggering a rebuild when memory usage is too high.
  Feature Value: The new rebuild mechanism helps prevent memory overflow issues caused by caching, improving system stability and the user experience.

• Related PR: #3184
  Contributor: @rinfx
  Change Log: This PR adds support for user-defined domain configuration for the DouBao service, involving modifications to the Makefile and ai-proxy related files to achieve more flexible service deployment.
  Feature Value: Allowing users to configure custom domains for the DouBao service enhances service deployment flexibility and the user experience, meeting the need for personalized domain configuration.

• Related PR: #3175
  Contributor: @wydream
  Change Log: This PR implements a new generic provider for handling requests that do not require path remapping, updates the README file to include configuration details, and adds tests for the new feature.
  Feature Value: The new generic provider allows users to more flexibly handle service requests from different vendors, simplifying cross-platform application development and enhancing the system's maintainability and extensibility.

• Related PR: #3173
  Contributor: @EndlessSeeker
  Change Log: Added a global parameter to support inference scaling, introducing a new environment variable in the controller deployment configuration and updating the relevant configuration files.
  Feature Value: This feature allows users to more flexibly configure and use inference scaling, enhancing the system's customizability and adaptability, providing more control options for users.

• Related PR: #3171
  Contributor: @wilsonwu
  Change Log: This PR adds support for topology spread constraints for the gateway and controller, introducing new configuration options in the Helm templates to allow users to customize the deployment strategy of these components.
  Feature Value: The new topology spread constraint feature allows users to better control the distribution of service instances in the cluster, improving system availability and stability.

• Related PR: #3160
  Contributor: @EndlessSeeker
  Change Log: This PR upgrades the gateway API to the latest version, involving updates to Makefile, go.mod, and other files, and adding new rules in the Helm configuration.
  Feature Value: By upgrading the gateway API to the latest version, this enhances system compatibility and performance, allowing users to leverage the latest API features, enhancing the flexibility and scalability of applications.

• Related PR: #3136
  Contributor: @Wangzy455
  Change Log: Implemented a tool semantic search feature based on the Milvus vector database, converting tool descriptions into vector representations and using vector similarity search to achieve semantic matching.
  Feature Value: This feature allows users to find the most relevant tools through natural language queries, significantly improving the accuracy and user experience of tool searches.

• Related PR: #3075
  Contributor: @rinfx
  Change Log: Refactored the ai-security-guard plugin to support multi-modal input processing, including text and image generation scenarios, and modularized the code.
  Feature Value: This enhances AI security protection, allowing the system to more comprehensively check multi-modal content, improving the user experience and system security.

• Related PR: #3066
  Contributor: @EndlessSeeker
  Change Log: Upgraded Istio to version 1.27.1 and adjusted higress-core to adapt to the new version, fixing submodule branch pulling and integration testing issues.
  Feature Value: By upgrading the Istio version and related dependencies, this improves system stability and performance, ensuring users can use the latest features and reduce potential compatibility issues.

• Related PR: #3063
  Contributor: @rinfx
  Change Log: This PR introduces load balancing based on specific metrics (such as concurrency, TTFT, RT, etc.), allowing users to customize the metrics used for load balancing.
  Feature Value: This new feature enables the system to intelligently distribute requests based on finer-grained performance metrics, improving cluster resource utilization and response speed, enhancing the user experience.

• Related PR: #3061
  Contributor: @Jing-ze
  Change Log: This PR implements fixes and enhancements for the response cache plugin, including improving cache key extraction logic, removing redundant parameters, correcting configuration validation issues, and adding comprehensive unit tests.
  Feature Value: The enhanced response cache plugin significantly improves application performance by extracting cache keys from request headers or bodies and storing response values, reducing the pressure on backend services from repeated requests.

• Related PR: #2825
  Contributor: @CH3CHO
  Change Log: This PR adds a traffic-editor plugin, supporting various modification operations on request/response headers, and uses a more extensible code structure.
  Feature Value: The new plugin allows users to flexibly edit request and response header information, enhancing the functionality and user experience of the Higress gateway, improving system flexibility and maintainability.

• Related PR: #3448
  Contributor: @lexburner
  Change Log: Fixed an out-of-bounds error in the Choices array when processing Qwen API responses. The fix includes adding a check for an empty array to prevent program crashes.
  Feature Value: This resolved a potential program crash in high-concurrency scenarios, enhancing system stability and robustness, ensuring that user requests are handled correctly.

• Related PR: #3434
  Contributor: @johnlanni
  Change Log: Corrected an issue where the description value in the skill file preamble was not properly quoted, causing YAML parsing errors. The fix involves wrapping the description value in double quotes.
  Feature Value: This resolved a YAML parsing failure caused by specific characters, ensuring that the skill documentation is correctly displayed and parsed, enhancing the user experience and document accuracy.

• Related PR: #3422
  Contributor: @johnlanni
  Change Log: Fixed an issue where the model field in the request body was not updated in sync in the automatic routing mode of the model-router plugin. The fix ensures that the model field in the request body correctly reflects the actual model used after the routing decision.
  Feature Value: This fix resolved issues downstream services faced due to receiving incorrect model names in the request body, enhancing system accuracy and reliability, ensuring users receive the correct processing results in automatic routing mode.

• Related PR: #3400
  Contributor: @johnlanni
  Change Log: Removed the duplicate loadBalancerClass definition in the service.yaml file, resolving the YAML parsing error caused by the duplicate definition.
  Feature Value: This fixed the YAML parsing error when configuring loadBalancerClass, enhancing the user experience and system stability.

• Related PR: #3380
  Contributor: @Thomas-Eliot
  Change Log: Added a context setting operation in the request body handling function, storing the request model in the context to ensure the request model data can be correctly obtained in the call chain.
  Feature Value: This fixed the issue of the request model context not being set, improving system stability and data consistency, preventing users from encountering errors due to missing context during use.

• Related PR: #3370
  Contributor: @rinfx
  Change Log: Fixed an issue in the model-mapper where the request body was still processed even if the suffix did not match. The fix also adds JSON validation for the request body to ensure the incoming data is valid JSON.
  Feature Value: This fix enhances system robustness and user data accuracy. By filtering out invalid inputs and ensuring data integrity, it improves the user experience and system stability.

• Related PR: #3341
  Contributor: @zth9
  Change Log: Fixed an issue with concurrent SSE connections returning the wrong endpoint, ensuring correct handling of SSE requests in multi-connection scenarios, involving configuration and filter logic adjustments.
  Feature Value: This improved system stability and reliability, avoiding incorrect responses due to concurrent access, enhancing the user experience and data transmission accuracy.

• Related PR: #3258
  Contributor: @johnlanni
  Change Log: Fixed the MCP server version negotiation issue to comply with the specification and adjusted the dependency library version.
  Feature Value: This ensured the MCP server operates as expected and is compliant with the specification, improving system stability and reliability, reducing potential communication errors.

• Related PR: #3257
  Contributor: @sjtuzbk
  Change Log: This PR fixed an issue where the ai-proxy plugin directly rewrote the host to difyApiUrl, using the net/url package to correctly parse and extract the hostname.
  Feature Value: This fix ensures that when difyApiUrl is configured, only the target hostname is replaced, not the entire URL, enhancing system stability and the user experience.

• Related PR: #3252
  Contributor: @rinfx
  Change Log: This PR adjusted the debug log information and introduced a penalty mechanism for error responses, ensuring that the system does not attempt to reselect services too quickly when encountering error responses.
  Feature Value: By adding a mechanism to handle error responses, this effectively avoids service selection interference caused by rapid retries, enhancing system stability and the user experience.

• Related PR: #3251
  Contributor: @rinfx
  Change Log: This PR added special handling for cases where the content extracted from the configuration via jsonpath is empty, using a predefined string [empty content] to replace the originally empty content.
  Feature Value: This change ensures the system can still operate normally when the content to be inspected is empty, avoiding potential issues or errors caused by empty content, enhancing system stability and the user experience.

• Related PR: #3237
  Contributor: @CH3CHO
  Change Log: This PR increased the request body buffer size for multipart data in the model-router, resolving the issue of a too-small buffer when handling large file uploads or other large-volume multipart data.
  Feature Value: This improved the system's ability to handle large multipart data, reducing data loss or processing failures due to insufficient buffer, enhancing the user experience and system robustness.

• Related PR: #3225
  Contributor: @wydream
  Change Log: Fixed an issue where the basePathHandling: removePrefix configuration did not work correctly when set to protocol: original. The fix involves modifying the TransformRequestHeaders implementation of multiple providers to avoid overwriting basePath handling.
  Feature Value: This ensures that the basePathHandling function works correctly when using protocol: original, improving the consistency and reliability of 27+ providers, including Azure and OpenAI.

• Related PR: #3220
  Contributor: @Aias00
  Change Log: This PR fixed two issues: skipping unhealthy or disabled service instances in Nacos, and ensuring the AllowTools field is always included during serialization.
  Feature Value: By filtering out unhealthy or disabled service instances, this improves system stability and reliability; additionally, it ensures configuration consistency, avoiding potential issues due to missing fields.

• Related PR: #3211
  Contributor: @CH3CHO
  Change Log: This PR fixed an issue with the old HasRequestBody logic in the ai-proxy plugin, ensuring that the presence of a valid request body is correctly determined under specific conditions.
  Feature Value: By updating the logic, this improves the accuracy and stability of request processing, avoiding functional anomalies due to incorrect judgments, enhancing the user experience.

• Related PR: #3187
  Contributor: @CH3CHO
  Change Log: This PR bypassed the handling of streamable response bodies in MCP to allow progress notifications, addressing issues that may arise when processing specific types of data.
  Feature Value: By bypassing unnecessary response body processing steps, this fix enhances system flexibility and the user experience, especially in applications that require real-time status updates.

• Related PR: #3168
  Contributor: @wydream
  Change Log: Fixed an issue where query strings were discarded during the OpenAI capability rewrite process. The fix involves stripping and saving query parameters before executing regex matching and reattaching them afterward.
  Feature Value: This ensures that API requests with query strings are correctly parsed and processed, enhancing the system's support for complex paths and improving the user experience.

• Related PR: #3167
  Contributor: @EndlessSeeker
  Change Log: This PR updated the versions of multiple submodules and simplified the commands in the Makefile for initializing and updating submodules, ensuring they are correctly pulled.
  Feature Value: By updating submodules and optimizing related scripts, this improves the build process efficiency, reducing potential build errors and enhancing the developer experience.

• Related PR: #3148
  Contributor: @rinfx
  Change Log: Removed the omitempty tag from the index field in the toolcall struct, ensuring the default value is 0 when the response does not provide an index.
  Feature Value: This fixed the issue of missing toolcall indices in responses, ensuring data consistency and integrity, enhancing system stability and the user experience.

• Related PR: #3022
  Contributor: @lwpk110
  Change Log: This PR fixed issues in the helm and podmonitor configurations by adding the podMonitorSelector option to support gateway.metrics.labels, ensuring compatibility with kube-prometheus-stack.
  Feature Value: This enhances the auto-discovery capability of the monitoring system, allowing users to more flexibly configure and monitor gateway metrics, improving system maintainability and the user experience.

• Related PR: #3462
  Contributor: @johnlanni
  Change Log: Removed the automatic Bash tool injection feature in Claude Code mode, including related constants, logic code, and test cases, and updated the English and Chinese documentation.
  Feature Value: By removing unnecessary automatic Bash tool injection, this simplifies the codebase and improves system performance while maintaining the completeness and availability of core functionalities.

• Related PR: #3457
  Contributor: @johnlanni
  Change Log: This PR mainly updated the version number to 2.2.0, adjusted the branch pointers of some submodules, and modified the ENVOY_PACKAGE_URL_PATTERN variable value in the Makefile.
  Feature Value: By updating the version number and related configurations, this ensures the project remains consistent with the latest dependency libraries, avoiding potential build errors due to version mismatches.

• Related PR: #3155
  Contributor: @github-actions[bot]

This release includes 18 updates, covering feature enhancements, bug fixes, and performance optimizations.

• New Features: 7 items
• Bug Fixes: 10 items
• Documentation Updates: 1 item

• Related PR: #621
  Contributor: @Thomas-Eliot
  Change Log: This PR optimizes the interaction capabilities of the mcp server, including rewriting the header host, supporting the selection of transport methods, replacing paths with complete paths, and updating the DSN character handling logic to support special characters like @.
  Feature Value: These improvements enhance the user experience in configuration and service usage, especially for scenarios where direct routing to the mcp server or connecting from a DB to the mcp service is required, simplifying the setup process and reducing issues caused by misconfiguration.

• Related PR: #612
  Contributor: @zhwaaaaaa
  Change Log: This PR adds support for hop-to-hop headers, specifically ignoring the transfer-encoding: chunked header, to resolve the issue of Grafana pages not working properly.
  Feature Value: By ignoring specific hop-to-hop headers, it ensures that Grafana pages work correctly behind a reverse proxy server, enhancing user experience and system compatibility.

• Related PR: #608
  Contributor: @Libres-coder
  Change Log: This PR adds the functionality to display enabled plugins on the AI route management page, allowing users to view and manage plugins in AI routes.
  Feature Value: This feature aligns AI route management with regular route management, improving the user experience and making it easier for users to see which plugins are active in AI route configurations.

• Related PR: #604
  Contributor: @CH3CHO
  Change Log: This PR enhances path handling flexibility by adding support for path rewriting using regular expressions via the higress.io/rewrite-target annotation.
  Feature Value: The introduction of regex-based path rewriting allows users to configure more flexible request path transformation rules, meeting the needs of more complex application scenarios.

• Related PR: #603
  Contributor: @CH3CHO
  Change Log: This PR adds a display logic for a static service port 80 in the frontend components, implemented by defining the constant STATIC_SERVICE_PORT and referencing it appropriately.
  Feature Value: This feature allows users to clearly see that the static service source uses port 80, enhancing interface transparency and user experience.

• Related PR: #602
  Contributor: @CH3CHO
  Change Log: This PR adds search support when selecting upstream services for AI routes in the frontend, improving user efficiency by introducing a search bar in the service list.
  Feature Value: It provides a more convenient service configuration experience, especially when dealing with a large number of available services, allowing users to quickly locate the desired service, significantly improving work efficiency and user experience.

• Related PR: #566
  Contributor: @OuterCyrex
  Change Log: This PR extends the system's functionality by adding support for custom Qwen services through the QwenLlmProviderHandler class and related configurations, including enabling internet search and file ID upload features.
  Feature Value: The added support for custom Qwen services provides users with more flexible configuration options, particularly useful for those requiring custom settings or specific features, enhancing user experience and system flexibility.

• Related PR: #620
  Contributor: @CH3CHO
  Change Log: This PR corrects a spelling error in the sortWasmPluginMatchRules logic, ensuring the accuracy of the rule sorting function.
  Feature Value: Fixing the spelling error improves system stability and user experience, preventing potential issues caused by simple typographical errors.

• Related PR: #619
  Contributor: @CH3CHO
  Change Log: This PR removes version information from the data JSON when converting an AiRoute to a ConfigMap, as this information is already stored in the ConfigMap metadata.
  Feature Value: By removing redundant version information, it simplifies the ConfigMap data structure, avoids redundancy, and ensures data consistency and accuracy.

• Related PR: #618
  Contributor: @CH3CHO
  Change Log: This PR refactors the API authentication logic in the SystemController, enhancing system security by removing a security vulnerability. The changes focus on several controller files, including the addition of the AllowAnonymous annotation.
  Feature Value: It addresses a potential security issue, enhancing system security and preventing unauthorized access, thus protecting user data and applications from attacks.

• Related PR: #617
  Contributor: @CH3CHO
  Change Log: This PR fixes several issues in the frontend console, including missing unique key attributes for list elements, image loading issues violating the Content Security Policy (CSP), and incorrect type for the Consumer.name field.
  Feature Value: Addressing these issues improves application stability and security, enhances user experience, and ensures the correctness of data types.

• Related PR: #614
  Contributor: @lc0138
  Change Log: This PR fixes an error in the ServiceSource type field by adding dictionary value validation to ensure the correctness of the type field.
  Feature Value: This fix improves system stability and data accuracy, preventing issues caused by incorrect service source types, enhancing user experience.

• Related PR: #613
  Contributor: @lc0138
  Change Log: This PR resolves a security vulnerability (issue #594) by modifying the frontend document.tsx file, specifically adjusting the CSP (Content Security Policy) configuration to enhance application security.
  Feature Value: It addresses front-end CSP and other security risks, enhancing overall system security and protecting users from potential threats such as XSS attacks, thereby improving user experience and data protection.

• Related PR: #611
  Contributor: @qshuai
  Change Log: This PR corrects a spelling error in LlmProvidersController.java, changing the API description from 'Add a new route' to 'Add a new LlmProvider'.
  Feature Value: Correcting the documentation spelling error enhances code readability and accuracy, ensuring developers are not confused by misleading information when using the API.

• Related PR: #609
  Contributor: @CH3CHO
  Change Log: This PR fixes an issue with the incorrect data type for the name field in the Consumer interface, changing it from boolean to string.
  Feature Value: It ensures the correct data type for the Consumer.name field, avoiding potential errors due to type mismatches, enhancing system stability and data accuracy.

• Related PR: #605
  Contributor: @SaladDay
  Change Log: This PR corrects the AI route name validation rules to support dots and only allow lowercase letters. It also updates the Chinese and English error messages to accurately describe the new validation rules.
  Feature Value: It resolves the inconsistency between the UI prompt and the actual validation logic, improving the user experience and accuracy when configuring AI routes, reducing confusion caused by inconsistent validation rules.

• Related PR: #552
  Contributor: @lcfang
  Change Log: To address compatibility issues caused by inconsistent backend service ports, this PR introduces the vport attribute. By selectively configuring vport during registration center configuration, either the default port or a specified virtual port for the service, it ensures the validity of route configurations.
  Feature Value: This fix enhances the system's adaptability to different service instance port changes, improving system stability and user experience. For users of eureka, nacos, and other registration centers, it prevents service interruptions due to port changes, enhancing service availability and consistency.

• Related PR: #610
  Contributor: @heimanba
  Change Log: This PR mainly adjusts the frontend canary plugin documentation, including making fields like rewrite optional and updating the association rules for the name field in rules. It also corrects some terminology and descriptions for consistency.
  Feature Value: These documentation updates improve the flexibility and compatibility of the frontend canary plugin, allowing developers to configure services more accurately based on their needs, reducing errors due to unclear configurations.

• 🚀 New Features: 7 items
• 🐛 Bug Fixes: 10 items
• 📚 Documentation Updates: 1 item

Total: 18 changes

Thanks to all contributors for their hard work! 🎉

• @EndlessSeeker made their first contribution in https://github.com/alibaba/higress/pull/3066
• @YTGhost made their first contribution in https://github.com/alibaba/higress/pull/3200
• @Wangzy455 made their first contribution in https://github.com/alibaba/higress/pull/3136
• @maplecap made their first contribution in https://github.com/alibaba/higress/pull/3244
• @lwpk110 made their first contribution in https://github.com/alibaba/higress/pull/3022
• @wilsonwu made their first contribution in https://github.com/alibaba/higress/pull/3171
• @nixidexiangjiao made their first contribution in https://github.com/alibaba/higress/pull/3255
• @CZJCC made their first contribution in https://github.com/alibaba/higress/pull/3305
• @qshuai made their first contribution in https://github.com/alibaba/higress/pull/3241
• @zth9 made their first contribution in https://github.com/alibaba/higress/pull/3341
• @ThxCode-Chen made their first contribution in https://github.com/alibaba/higress/pull/3384
• @changsci made their first contribution in https://github.com/alibaba/higress/pull/3394

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.9...v2.2.0

This release includes 84 updates, covering various aspects such as feature enhancements, bug fixes, and performance optimizations.

• New Features: 46
• Bug Fixes: 18
• Refactoring and Optimization: 1
• Documentation Updates: 18
• Testing Improvements: 1

• Related PR: #3438
  Contributor: @johnlanni
  Change Log: This PR significantly improves the higress-clawdbot-integration skill by adjusting the documentation structure, streamlining content, and adding support for the Clawdbot plugin.
  Feature Value: This update allows users to configure plugins more smoothly and ensures true compatibility with Clawdbot, enhancing user experience and system flexibility.

• Related PR: #3437
  Contributor: @johnlanni
  Change Log: This PR integrates the higress-ai-gateway plugin into the higress-clawdbot-integration skill, including moving and packaging plugin files and updating the documentation.
  Feature Value: This integration makes it easier for users to install and configure the connection between Higress AI Gateway and Clawbot/OpenClaw, simplifying the deployment process and enhancing user experience.

• Related PR: #3436
  Contributor: @johnlanni
  Change Log: This PR updates the SKILL provider list for Higress-OpenClaw integration and migrates the OpenClaw plugin package from higress-standalone to the main higress repository.
  Feature Value: By enhancing the provider list and migrating the plugin package, users can more easily access commonly used providers, improving integration efficiency and user experience.

• Related PR: #3428
  Contributor: @johnlanni
  Change Log: This PR adds two new skills to the Higress AI Gateway and Clawdbot integration: automatic model routing configuration and gateway deployment via CLI parameters. It supports multilingual trigger words and hot reloading of configurations.
  Feature Value: The new features enable users to manage AI model traffic distribution more flexibly and simplify the integration process with Clawdbot, enhancing system availability and usability.

• Related PR: #3427
  Contributor: @johnlanni
  Change Log: Added the use_default_attributes configuration option, which, when set to true, automatically applies a set of default attributes, simplifying the user configuration process.
  Feature Value: This feature makes the ai-statistics plugin easier to use, especially for common use cases, reducing manual configuration work while maintaining full configurability.

• Related PR: #3426
  Contributor: @johnlanni
  Change Log: Added the Agent Session Monitor skill, supporting real-time monitoring of Higress access logs and tracking multi-turn conversation session IDs and token usage.
  Feature Value: By providing real-time visibility into LLMs in the Higress environment, this helps users better understand and optimize the performance and cost of their AI assistants.

• Related PR: #3424
  Contributor: @johnlanni
  Change Log: This PR adds support for token usage details to the ai-statistics plugin, including the built-in attribute keys reasoning_tokens and cached_tokens, to better track resource consumption during inference.
  Feature Value: By introducing more detailed token usage logging, users can more clearly understand resource usage during AI inference, aiding in model efficiency and cost control.

• Related PR: #3420
  Contributor: @johnlanni
  Change Log: This PR adds session ID tracking to the ai-statistics plugin, allowing users to track multi-turn conversations through custom or default headers.
  Feature Value: The added session ID tracking capability helps better analyze and understand multi-turn conversation flows, enhancing user experience and system traceability.

• Related PR: #3417
  Contributor: @johnlanni
  Change Log: This PR adds key warnings and guidelines to the Nginx to Higress migration tool, including explicit warnings for unsupported fragment annotations and pre-migration check commands.
  Feature Value: By providing clear warnings about unsupported configurations and pre-migration check methods, this helps users identify potential issues and complete the migration from Nginx to Higress more smoothly.

• Related PR: #3411
  Contributor: @johnlanni
  Change Log: Added a comprehensive skill for migrating from ingress-nginx to Higress in a Kubernetes environment. Includes analysis scripts, migration test generators, and plugin skeleton generation tools.
  Feature Value: This feature greatly simplifies the migration process from ingress-nginx to Higress by providing detailed compatibility analysis and automation tools, reducing migration difficulty and enhancing user experience.

• Related PR: #3409
  Contributor: @johnlanni
  Change Log: This PR adds the contextCleanupCommands configuration option to the ai-proxy plugin, allowing users to define commands to clear conversation context. When a user message exactly matches a cleanup command, all non-system messages before that command will be removed.
  Feature Value: This new feature allows users to proactively clear previous conversation records by sending specific commands, thereby better controlling conversation history and enhancing user experience and privacy.

• Related PR: #3404
  Contributor: @johnlanni
  Change Log: Added the ability for the Claude AI assistant to automatically generate Higress community governance daily reports, including auto-tracking GitHub activities, progress tracking, and knowledge consolidation.
  Feature Value: This feature helps community managers better understand project dynamics and issue progress, promoting efficient problem resolution and enhancing overall community governance.

• Related PR: #3403
  Contributor: @johnlanni
  Change Log: Implemented a new automatic routing feature that dynamically selects the appropriate model to handle requests based on user message content and predefined regular expression rules.
  Feature Value: This feature allows users to more flexibly configure services to automatically recognize and respond to different types of messages, reducing the need for manual model specification and enhancing system intelligence.

• Related PR: #3402
  Contributor: @johnlanni
  Change Log: Added the Claude skill for developing Higress WASM plugins using Go 1.24+. Includes reference documentation and local testing guidelines for HTTP clients, Redis clients, etc.
  Feature Value: Provides developers with detailed guidance and example code, making it easier for them to create, modify, or debug WASM plugins based on the Higress gateway, enhancing development efficiency and experience.

• Related PR: #3394
  Contributor: @changsci
  Change Log: This PR extends the existing authentication mechanism by fetching API keys from request headers, particularly when provider.apiTokens is not configured, thus enhancing system flexibility.
  Feature Value: This new feature allows users to more flexibly manage and pass API keys, ensuring normal service access even when direct configuration is missing, enhancing user experience and security.

• Related PR: #3384
  Contributor: @ThxCode-Chen
  Change Log: Added support for upstream IPv6 static addresses in the watcher.go file, involving 31 lines of new code and 9 lines of deletions, mainly focusing on handling service entry generation logic.
  Feature Value: Adding support for IPv6 static addresses enhances system network flexibility and compatibility, allowing users to configure more types of network addresses, thereby enhancing user experience and service diversity.

• Related PR: #3375
  Contributor: @wydream
  Change Log: This PR adds Vertex Raw mode support to the Vertex AI Provider in the ai-proxy plugin, enabling the getAccessToken mechanism when accessing native REST APIs via Vertex.
  Feature Value: Enhances support for native Vertex AI APIs, allowing direct calls to third-party hosted model APIs and enjoying automatic OAuth authentication, enhancing development flexibility and security.

• Related PR: #3367
  Contributor: @rinfx
  Change Log: Updated the wasm-go dependency version and introduced Foreign Function, enabling Wasm plugins to perceive the Envoy host's log level in real time. By checking the log level upfront, unnecessary memory operations are avoided when there is a mismatch.
  Feature Value: Enhances system performance, especially when handling large amounts of log data, reducing memory consumption and CPU usage, and improving response speed and resource utilization.

• Related PR: #3342
  Contributor: @Aias00
  Change Log: This PR implements the functionality of mapping Nacos instance weights to Istio WorkloadEntry weights in the watcher, using the math library for weight conversion.
  Feature Value: This feature allows users to more flexibly control traffic distribution between services, enhancing system configurability and flexibility and improving integration with Istio.

• Related PR: #3335
  Contributor: @wydream
  Change Log: This PR adds image generation support to the Vertex AI Provider in the ai-proxy plugin, achieving compatibility with OpenAI SDK and Vertex AI image generation.
  Feature Value: The new image generation feature allows users to call Vertex AI services through standard OpenAI interfaces, simplifying cross-platform development and enhancing user experience.

• Related PR: #3324
  Contributor: @wydream
  Change Log: This PR adds OpenAI-compatible endpoint support to the Vertex AI Provider in the ai-proxy plugin, enabling direct invocation of Vertex AI models.
  Feature Value: By introducing OpenAI-compatible mode, developers can interact with Vertex AI using familiar OpenAI SDK and API formats, simplifying the integration process and enhancing development efficiency.

• Related PR: #3318
  Contributor: @hanxiantao
  Change Log: This PR applies the native Istio authentication logic to the debugging endpoint using the withConditionalAuth middleware, while retaining the existing behavior based on the DebugAuth feature flag.
  Feature Value: Adds authentication support for debugging endpoints, enhancing system security and ensuring that only authorized users can access these critical debugging interfaces, protecting the system from unauthorized access.

• Related PR: #3317
  Contributor: @rinfx
  Change Log: Added two Wasm-Go plugins: model-mapper and model-router, implementing mapping and routing functions based on the model parameter in the LLM protocol.
  Feature Value: Enhances Higress's capabilities in handling large language models, allowing flexible configuration to optimize request paths and model usage, enhancing system flexibility and performance.

• Related PR: #3305
  Contributor: @CZJCC
  Change Log: Added Bearer Token authentication support for the AWS Bedrock provider, while retaining the existing AWS SigV4 authentication method and adjusting related configurations and header processing.
  Feature Value: The new Bearer Token authentication method provides users with more flexibility, making it easier to choose the appropriate authentication mechanism when using AWS Bedrock services, enhancing user experience.

• Related PR: #3301
  Contributor: @wydream
  Change Log: This PR implements Express Mode support in the Vertex AI Provider of the ai-proxy plugin, simplifying the authentication process for developers using Vertex AI, requiring only an API Key.
  Feature Value: By introducing the Express Mode feature, users can start using Vertex AI more conveniently, without the need for complex Service Account configuration, enhancing developer efficiency and experience.

• Related PR: #3295
  Contributor: @rinfx
  Change Log: This PR adds MCP protocol support to the ai-security-guard plugin, including implementing two response handling methods for content security checks and adding corresponding unit tests.
  Feature Value: The new MCP support expands the plugin's application scope, allowing users to use the plugin for API call content security checks in more scenarios, enhancing system security.

• Related PR: #3267
  Contributor: @erasernoob
  Change Log: Added the hgctl agent module, including basic functionality implementation and integration with related services, and updated go.mod and go.sum files to support new dependencies.
  Feature Value: By introducing the hgctl agent module, a new management and control method is provided to users, enhancing system flexibility and operability and improving user experience.

• Related PR: #3261
  Contributor: @rinfx
  Change Log: This PR adds the ability to disable thinking for gemini-2.5-flash and gemini-2.5-flash-lite and includes reasoning token information in the response, allowing users to better control AI behavior and understand its working details.
  Feature Value: By allowing users to choose whether to enable the thinking feature and displaying reasoning token usage, system flexibility and transparency are enhanced, helping developers more effectively debug and optimize AI applications.

• Related PR: #3255
  Contributor: @nixidexiangjiao
  Change Log: Optimized the Lua-based minimum in-flight requests load balancing strategy, addressing issues such as abnormal node preference selection, inconsistent new node handling, and uneven sampling distribution.
  Feature Value: Improves system stability and service availability, reduces the fault amplification effect caused by abnormal nodes, and enhances support for new nodes and even traffic distribution.

• Related PR: #3236
  Contributor: @rinfx
  Change Log: This PR adds support for the claude model in vertex and handles the case where delta might be empty, increasing system compatibility and stability.
  Feature Value: Adding support for the claude model in vertex allows users to leverage a wider range of AI models for development and research, enhancing system flexibility and practicality.

• Related PR: #3218
  Contributor: @johnlanni
  Change Log: Added an automatic rebuild trigger mechanism based on request count and memory usage, and expanded supported path suffixes, including /rerank and /messages.
  Feature Value: These improvements enhance system stability and response speed, allowing effective handling of high loads or low memory situations through automatic rebuilding, while also enhancing support for new features.

• Related PR: #3213
  Contributor: @rinfx
  Change Log: This PR updates the vertex.go file, changing the access method from region-specific to global, to support new models that only support global mode.
  Feature Value: After adding support for the global region, users can more easily use new models like the gemini-3 series without specifying a specific geographic region.

• Related PR: #3206
  Contributor: @rinfx
  Change Log: This PR primarily adds support for security checks on prompt and image content in the request body, especially when using OpenAI and Qwen to generate images. Enhanced the parseOpenAIRequest function to parse image data and improved related processing logic.
  Feature Value: The new security check feature enhances system security when handling image generation requests, helping to prevent the spread of potential malicious content and providing users with a safer and more reliable service experience.

• Related PR: #3200
  Contributor: @YTGhost
  Change Log: This PR adds support for array content in the ai-proxy plugin by modifying the relevant logic in the bedrock.go file, enabling correct handling when content is an array.
  Feature Value: Enhances the ai-proxy plugin's ability to handle messages, now correctly supporting and converting array-formatted content, making chat tool message transmission more flexible and diverse.

• Related PR: #3185
  Contributor: @rinfx
  Change Log: This PR adds a rebuild mechanism to ai-cache, updating go.mod and go.sum files and making minor adjustments to main.go to avoid excessive memory usage.
  Feature Value: The new ai-cache rebuild mechanism effectively manages memory usage, preventing system performance degradation due to high memory consumption, enhancing system stability and user experience.

• Related PR: #3184
  Contributor: @rinfx
  Change Log: This PR adds support for user-defined domain names in the Doubao extension, allowing users to configure service access domain names according to their needs. Main changes include adding compilation options in the Makefile and introducing new configuration items in doubao.go and provider.go.
  Feature Value: The new custom domain configuration feature allows users to flexibly set up external service domain names based on actual needs, enhancing system flexibility and user experience. This helps better adapt to the requirements of different deployment environments.

• Related PR: #3175
  Contributor: @wydream
  Change Log: Added a generic provider for handling requests that do not require path remapping, utilizing shared headers and basePath tools. Also updated the README file to include configuration details and introduced relevant tests.
  Feature Value: By adding this generic provider, users can more flexibly handle requests from different suppliers without needing to make complex path modifications, lowering the usage threshold and enhancing system compatibility.

• Related PR: #3173
  Contributor: @EndlessSeeker
  Change Log: This PR adds a global parameter to the Higress Controller for controlling the enablement of the inference scaling feature. Main changes are in the controller-deployment.yaml and values.yaml files, adding new configuration items and documenting them in the README file.
  Feature Value: The new global parameter allows users to more flexibly control the inference scaling feature in the Higress Controller, which is very useful for users who need to adjust behavior based on specific circumstances, enhancing system configurability and adaptability.

• Related PR: #3171
  Contributor: @wilsonwu
  Change Log: This PR introduces support for topology distribution constraints for the gateway and controller, achieved by adding new fields in the relevant YAML configuration files.
  Feature Value: The new support helps users better manage the distribution of pods within the cluster, optimizing resource usage and enhancing system high availability.

• Related PR: #3160
  Contributor: @EndlessSeeker
  Change Log: This PR upgrades the gateway API to the latest version, involving multiple modifications across several files, including Makefile and go.mod, to ensure compatibility with the latest API.
  Feature Value: By introducing the latest gateway API support, users can enjoy more stable and feature-rich service mesh characteristics, enhancing system scalability and maintainability.

• Related PR: #3136
  Contributor: @Wangzy455
  Change Log: Added a tool semantic search function based on the Milvus vector database, allowing users to find the most relevant tools through natural language queries.
  Feature Value: This feature enhances the system's search capabilities, enabling users to more accurately locate the required tools, enhancing user experience and work efficiency.

• Related PR: #3075
  Contributor: @rinfx
  Change Log: Refactored the code to modularize, supporting multimodal input detection and image generation security checks, and fixed response anomalies in boundary conditions.
  Feature Value: Enhanced the AI Security Guard's ability to handle multimodal inputs, improving system robustness and user experience, ensuring the security of content generation.

• Related PR: #3066
  Contributor: @EndlessSeeker
  Change Log: Upgraded Istio to version 1.27.1 and adjusted higress-core to adapt to the new version, fixing submodule branch pulling and integration testing issues.
  Feature Value: By upgrading Istio and related dependencies, system stability and performance are enhanced, solving problems in the old version and providing users with more reliable services.

• Related PR: #3063
  Contributor: @rinfx
  Change Log: Implemented cross-cluster and endpoint load balancing based on specified metrics, allowing users to select specific metrics for load balancing in the plugin configuration.
  Feature Value: Enhances system flexibility and scalability, allowing users to optimize request distribution based on actual needs (e.g., concurrency, TTFT, RT), thereby enhancing overall service performance and response speed.

• Related PR: #3061
  Contributor: @Jing-ze
  Change Log: This PR resolves multiple issues in the response-cache plugin and adds comprehensive unit tests. Improved cache key extraction logic, fixed interface mismatch errors, and cleaned up redundant spaces in configuration validation.
  Feature Value: By enhancing the functionality and stability of the response-cache plugin, system performance and user experience are improved. Now supports extracting keys from request headers/bodies and caching responses, reducing the processing time for repeated requests.

• Related PR: #2825
  Contributor: @CH3CHO
  Change Log: Added the traffic-editor plugin, supporting request and response header editing, providing a more flexible code structure to meet different needs.
  Feature Value: Users can use this plugin to perform various types of modifications to request/response headers, such as deletion, renaming, etc., enhancing system flexibility and configurability.

• Related PR: #3434
  Contributor: @johnlanni
  Change Log: Fixed a YAML parsing error in the frontmatter section of the SKILL file by adding double quotes to the description value to avoid misinterpreting colons as YAML syntax.
  Feature Value: Resolved rendering issues caused by YAML parsing, ensuring that the skill description is displayed correctly, enhancing user experience and document accuracy.

• Related PR: #3422
  Contributor: @johnlanni
  Change Log: Fixed an issue in the model-router plugin where the model field in the request body was not updated in the automatic routing mode. Ensured that the model field in the request body matches the routing decision after matching the target model.
  Feature Value: Ensures that downstream services receive the correct model name, enhancing system consistency and accuracy, avoiding service anomalies or data processing deviations due to using the wrong model.

• Related PR: #3400
  Contributor: @johnlanni
  Change Log: This PR fixes the issue of duplicate definition of the loadBalancerClass field in Helm templates, resolving YAML parsing errors by removing the redundant definition.
  Feature Value: Fixed the YAML parsing error when configuring loadBalancerClass, ensuring a more stable and reliable service deployment process.

• Related PR: #3370
  Contributor: @rinfx
  Change Log: This PR fixes the issue of incorrect request body handling in the model-mapper when the suffix does not match, and adds JSON validation for the body content to ensure its validity.
  Feature Value: By resolving unexpected request handling issues and enhancing input validation, system stability and data processing security are improved, providing a more reliable service experience to users.

• Related PR: #3341
  Contributor: @zth9
  Change Log: Fixed the issue of concurrent SSE connections returning the wrong endpoint, ensuring the correctness of the SSE server instance by updating the configuration file and filter logic.
  Feature Value: Resolved the concurrent SSE connection issue encountered by users, enhancing system stability and reliability, and improving user experience.

• Related PR: #3258
  Contributor: @johnlanni
  Change Log: This PR corrects the MCP server version negotiation mechanism to comply with the specification, including updating related dependency versions.
  Feature Value: By ensuring that the MCP server version negotiation complies with the specification, system compatibility and stability are enhanced, reducing potential communication errors.

• Related PR: #3257
  Contributor: @sjtuzbk
  Change Log: This PR fixes the defect in the ai-proxy plugin where difyApiUrl was directly used as the host, by parsing the URL to correctly extract the hostname.
  Feature Value: The fix enhances the plugin's stability and compatibility, ensuring that users can normally use the plugin when configuring custom API URLs, avoiding service interruptions due to incorrect handling.

• Related PR: #3252
  Contributor: @rinfx
  Change Log: This PR adjusts the debug log messages and adds a penalty mechanism for error responses, delaying the processing of error responses to avoid interfering with service selection during load balancing.
  Feature Value: Enhances the stability and reliability of cross-provider load balancing by delaying error responses to optimize the service selection process, reducing service interruptions caused by quick error returns.

• Related PR: #3251
  Contributor: @rinfx
  Change Log: This PR handles the case where the content extracted from the configuration's JSONPath is empty by using [empty content] instead, ensuring that the program can continue to execute correctly.
  Feature Value: This fix enhances system robustness, preventing potential errors or anomalies caused by empty content, thereby improving user experience and system reliability.

• Related PR: #3237
  Contributor: @CH3CHO
  Change Log: This PR increases the buffer size for the request body when handling multipart data, resolving the issue of a too small buffer in the model-router when processing multipart form data.
  Feature Value: Increasing the buffer size for handling multipart data ensures stability in scenarios like large file uploads, enhancing user experience.

• Related PR: #3225
  Contributor: @wydream
  Change Log: Fixed the issue where the basePathHandling configuration did not work correctly when using the protocol: original setting. This was resolved by adjusting the request header transformation logic for multiple providers.
  Feature Value: Ensures that when using the original protocol, users can correctly remove the base path prefix, enhancing the consistency and reliability of API calls, affecting over 27 service providers.

• Related PR: #3220
  Contributor: @Aias00
  Change Log: Fixed the issue where unhealthy or disabled service instances were improperly registered in Nacos, and ensured that the AllowTools field is always present during serialization.
  Feature Value: By skipping unhealthy or disabled services, system stability and reliability are improved; ensuring consistent presentation of the AllowTools field avoids potential configuration misunderstandings.

• Related PR: #3211
  Contributor: @CH3CHO
  Change Log: Updated the request body judgment logic in the ai-proxy plugin, replacing the old method of determining whether a request body exists based on content-length and content-type with the new HasRequestBody logic.
  Feature Value: This change resolves the issue of incorrectly judging the presence of a request body under specific conditions, enhancing the accuracy of service request handling and avoiding potential data processing errors.

• Related PR: #3187
  Contributor: @CH3CHO
  Change Log: This PR enables progress notifications by bypassing the handling of streamable response bodies in MCP. Specifically, it modified the filter.go file in the golang-filter plugin, involving small-scale adjustments to data encoding logic.
  Feature Value: This change allows users to receive progress updates when using MCP for streaming, enhancing user experience and providing a more transparent data transmission process, especially useful for applications requiring real-time monitoring of transmission status.

• Related PR: #3168
  Contributor: @wydream
  Change Log: Fixed the issue of query string loss during the OpenAI capability rewrite process, ensuring that query parameters are stripped and re-appended to the original path during path matching.
  Feature Value: Resolved the path matching issue caused by query string interference, ensuring the correctness and stability of services like video content endpoints.

• Related PR: #3167
  Contributor: @EndlessSeeker
  Change Log: This PR updates the references to multiple submodules and simplifies the command logic for submodule initialization and update in the Makefile, deleting 25 lines of code and adding 8 lines.
  Feature Value: By fixing submodule update issues and simplifying related scripts, the build efficiency and stability of the project are improved, ensuring users can obtain the latest dependency library versions.

• Related PR: #3148
  Contributor: @rinfx
  Change Log: Removed the omitempty tag from the toolcall index field, ensuring that the default value is 0 when the response does not contain an index, thus avoiding potential data loss issues.
  Feature Value: This fix enhances system stability and data integrity, allowing users who rely on the toolcall index to more reliably handle related data, reducing errors due to missing indices.

• Related PR: #3022
  Contributor: @lwpk110
  Change Log: This PR fixes the issue of missing podMonitorSelector in the gateway metrics configuration, adding support for gateway.metrics.labels in the PodMonitor template and setting a default selector label to ensure automatic discovery by the kube-prometheus-stack monitoring system.
  Feature Value: By adding support for custom selectors and setting default values, users can more flexibly configure their monitoring metrics, enhancing system observability and maintainability.

• Related PR: #3155
  Contributor: @github-actions[bot]
  Change Log: This PR updates the CRD files in the helm folder, adding the routeType field and its enumeration value definitions.
  Feature Value: By updating the CRD configuration, the flexibility and extensibility of the application are enhanced, allowing users to choose different route types as needed.

• Related PR: #3442
  Contributor: @johnlanni
  Change Log: Updated the higress-clawdbot-integration skill documentation, removing the IMAGE_REPO environment variable and retaining PLUGIN_REGISTRY as the single source.
  Feature Value: Simplified the user configuration process, reducing the complexity of environment variable settings, and enhancing document consistency and usability.

• Related PR: #3441
  Contributor: @johnlanni
  Change Log: Updated the skill documentation to reflect the new behavior of automatically selecting the best registry for container images and WASM plugins based on the timezone.
  Feature Value: By automating timezone detection to select the best registry, the user configuration process is simplified, enhancing user experience and efficiency.

• Related PR: #3440
  Contributor: @johnlanni
  Change Log: This PR adds a troubleshooting guide for common errors during Higress AI Gateway API server deployment due to file descriptor limits.
  Feature Value: By providing detailed troubleshooting information, users can quickly locate and fix service startup failures caused by system file descriptor limits, enhancing user experience.

• Related PR: #3439
  Contributor: @johnlanni
  Change Log: This PR adds a guide for choosing geographically closer container image registries in the higress-clawdbot-integration SKILL documentation, including a new section on image registry selection, an environment variable table, and examples.
  Feature Value: By providing a method to choose the nearest container image registry based on geographical location, this feature helps users optimize the Higress deployment process, reduce network latency, and improve user experience.

• Related PR: #3433
  Contributor: @johnlanni \

This release includes 18 updates, covering enhancements, bug fixes, and performance optimizations.

• New Features: 7 items
• Bug Fixes: 10 items
• Documentation Updates: 1 item

• Related PR: #621
  Contributor: @Thomas-Eliot
  Change Log: This PR optimizes the interaction capabilities of the MCP Server, including rewriting the header host, modifying the interaction method to support transport selection, and handling special characters like @.
  Feature Value: These improvements enhance the flexibility and compatibility of the MCP Server in various scenarios, making it easier for users to configure and use the MCP Server.

• Related PR: #612
  Contributor: @zhwaaaaaa
  Change Log: This PR adds ignore handling for hop-to-hop headers, particularly for the transfer-encoding: chunked header. It also enhances code readability and maintainability by adding comments at key points.
  Feature Value: This feature resolves the issue where the Grafana page fails to work due to specific HTTP headers sent by the reverse proxy server, improving system compatibility and user experience.

• Related PR: #608
  Contributor: @Libres-coder
  Change Log: This PR adds plugin display support to the AI route management page, allowing users to view enabled plugins and see the "Enabled" label on the configuration page.
  Feature Value: This enhancement improves the functional consistency and user experience of the AI route management page, enabling users to more intuitively manage and view enabled plugins in the AI route.

• Related PR: #604
  Contributor: @CH3CHO
  Change Log: This PR introduces support for path rewriting using regular expressions, implemented through the new higress.io/rewrite-target annotation, with corresponding code and test updates in relevant files.
  Feature Value: The new feature allows users to flexibly define path rewriting rules using regular expressions, significantly enhancing the flexibility and functionality of application routing configurations, making it easier for developers to customize request paths as needed.

• Related PR: #603
  Contributor: @CH3CHO
  Change Log: This PR adds a feature to display a fixed service port 80 in the static service source settings, achieved by defining a constant in the code and updating the form component.
  Feature Value: Adding the display of a fixed service port 80 helps users better understand and configure static service sources, improving the user experience.

• Related PR: #602
  Contributor: @CH3CHO
  Change Log: This PR implements search functionality in the process of selecting upstream services on the AI route configuration page, enhancing the interactivity and usability of the user interface.
  Feature Value: The added search function enables users to quickly and accurately find the required upstream services, greatly improving configuration efficiency and user experience.

• Related PR: #566
  Contributor: @OuterCyrex
  Change Log: Adds support for custom Qwen services, including enabling internet search and uploading file IDs.
  Feature Value: This enhancement increases the flexibility and functionality of the system, allowing users to configure custom Qwen services to meet more personalized needs.

• Related PR: #620
  Contributor: @CH3CHO
  Change Log: This PR fixes a spelling error in the sortWasmPluginMatchRules logic, ensuring the correctness and readability of the code.
  Feature Value: By correcting the spelling error, the code quality is improved, reducing potential misunderstandings and maintenance costs, and enhancing the user experience.

• Related PR: #619
  Contributor: @CH3CHO
  Change Log: This PR removes version information from the data JSON when converting AiRoute to ConfigMap. This information is already stored in the ConfigMap metadata and does not need to be duplicated in the JSON.
  Feature Value: Avoiding redundant information storage makes the data structure clearer and more reasonable, which helps improve the consistency and efficiency of configuration management, reducing potential data inconsistencies.

• Related PR: #618
  Contributor: @CH3CHO
  Change Log: Refactors the API authentication logic in the SystemController, eliminating security vulnerabilities. Adds the AllowAnonymous annotation and adjusts the ApiStandardizationAspect class to support the new authentication logic.
  Feature Value: Fixes the security vulnerabilities in the SystemController, enhancing system security and protecting user data from unauthorized access.

• Related PR: #617
  Contributor: @CH3CHO
  Change Log: This PR fixes multiple errors in the front-end console, including missing unique key attributes for list items, issues with loading images that violate the content security policy, and incorrect type for the Consumer.name field.
  Feature Value: By resolving these front-end errors, the stability and user experience of the application are improved. This helps reduce issues encountered by developers during debugging and ensures the application runs as expected.

• Related PR: #614
  Contributor: @lc0138
  Change Log: Fixes an error in the type of the type field in the ServiceSource class by adding dictionary value validation to ensure the correct type.
  Feature Value: This fix improves the stability and data accuracy of the system, preventing service anomalies due to type mismatches and enhancing the user experience.

• Related PR: #613
  Contributor: @lc0138
  Change Log: This PR strengthens the content security policy (CSP) by modifying the front-end configuration, preventing cross-site scripting attacks and other security threats, ensuring the application is more secure and reliable.
  Feature Value: Enhances the security of the front-end application, effectively defending against common web security attacks, protecting user data from unauthorized access or tampering, and improving user experience and trust.

• Related PR: #611
  Contributor: @qshuai
  Change Log: This PR fixes a spelling error in the controller API title in the LlmProvidersController.java file, ensuring consistency between the documentation and the code.
  Feature Value: Fixing the title spelling error improves the accuracy and readability of the API documentation, helping developers better understand and use the relevant interfaces.

• Related PR: #609
  Contributor: @CH3CHO
  Change Log: This PR corrects the type of the name field in the Consumer interface from boolean to string, ensuring the accuracy of the type definition.
  Feature Value: By fixing the type definition error, the code quality and maintainability are improved, reducing potential runtime errors and enhancing the developer experience.

• Related PR: #605
  Contributor: @SaladDay
  Change Log: Fixes the AI route name validation rules to support dot characters and unifies them to allow only lowercase letters. Also updates the error messages in both Chinese and English to accurately reflect the new validation logic.
  Feature Value: Resolves the inconsistency between the UI prompt and backend validation logic, improving the consistency and accuracy of the user experience, ensuring users can correctly enter AI route names according to the latest rules.

• Related PR: #552
  Contributor: @lcfang
  Change Log: Adds the vport attribute to fix the issue of route configuration failure when the service instance port changes. By adding the vport attribute in the registry configuration, it ensures that changes to the backend service port do not affect the route.
  Feature Value: Solves the compatibility issue caused by changes in the service instance port, enhancing the stability and user experience of the system, ensuring that services remain accessible even if the backend instance port changes.

• Related PR: #610
  Contributor: @heimanba
  Change Log: Updates the required and associated explanations for the document configuration fields, including changing the rewrite fields to optional and correcting some description texts.
  Feature Value: By adjusting the field descriptions in the documentation, the configuration flexibility and compatibility are improved, helping users better understand and use the front-end canary plugin.

• 🚀 New Features: 7 items
• 🐛 Bug Fixes: 10 items
• 📚 Documentation Updates: 1 item

Total: 18 changes

Thank you to all contributors for their hard work! 🎉

• @EndlessSeeker made their first contribution in https://github.com/alibaba/higress/pull/3066
• @YTGhost made their first contribution in https://github.com/alibaba/higress/pull/3200
• @Wangzy455 made their first contribution in https://github.com/alibaba/higress/pull/3136
• @maplecap made their first contribution in https://github.com/alibaba/higress/pull/3244
• @lwpk110 made their first contribution in https://github.com/alibaba/higress/pull/3022
• @wilsonwu made their first contribution in https://github.com/alibaba/higress/pull/3171
• @nixidexiangjiao made their first contribution in https://github.com/alibaba/higress/pull/3255
• @CZJCC made their first contribution in https://github.com/alibaba/higress/pull/3305
• @qshuai made their first contribution in https://github.com/alibaba/higress/pull/3241
• @zth9 made their first contribution in https://github.com/alibaba/higress/pull/3341
• @ThxCode-Chen made their first contribution in https://github.com/alibaba/higress/pull/3384
• @changsci made their first contribution in https://github.com/alibaba/higress/pull/3394

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.9...v2.2.0

This release includes 44 updates, covering feature enhancements, bug fixes, performance optimizations, and more.

• New Features: 23 items
• Bug Fixes: 13 items
• Refactoring and Optimization: 3 items
• Documentation Updates: 1 item
• Testing Improvements: 4 items

This release contains 3 important updates, which are recommended for your attention:

• feat(mcp-server): add server-level default authentication and MCP proxy server support (#3096): By introducing server-level default authentication, the system's security and flexibility have been enhanced, allowing users to manage tool and service security policies more conveniently, thereby improving overall service security and user experience.
• feat: add higress api mcp server (#2923): By integrating the higress api mcp server, users can more easily manage and operate Higress resources such as routing, service origins, and AI routing, enhancing the system's manageability and flexibility.
• feat: implement hgctl agent & mcp add subcommand (#3051): By introducing new subcommands, the convenience of user operations and the scalability of the system have been improved, allowing users to manage and configure MCP services more flexibly.

For more details, please refer to the Important Features section below.

Here is a detailed description of the key features and improvements in this release:

Related PR: #3096 | Contributor: @johnlanni

Usage Background

In modern microservice architectures, authentication and authorization are key factors in ensuring system security. Existing authentication mechanisms may be too dispersed and difficult to manage, leading to complex and error-prone configurations. Additionally, as the system scales, a single MCP server may not meet performance requirements, necessitating the introduction of a proxy server to distribute the load. This feature aims to address these issues by providing a unified, configurable authentication mechanism and supporting request forwarding through an MCP proxy server. The target user group includes developers and operators who need to enhance system security and scalability.

Feature Details

1. Server-Level Default Authentication: New configuration options defaultDownstreamSecurity and defaultUpstreamSecurity have been added to set default authentication for client-to-gateway and gateway-to-backend, respectively. These options can be configured at the global level, with tool-level settings overriding global settings. This design makes authentication configuration more flexible and manageable.
2. MCP Proxy Server Type: A new server type, mcp-proxy, has been introduced, allowing MCP requests from clients to be forwarded to backend MCP servers. The mcpServerURL field can specify the address of the backend MCP server, and the timeout field can control the request timeout. Additionally, full authentication mechanisms, including client-to-gateway and gateway-to-backend authentication, are supported.
3. Authentication Code Refactoring: The code related to authentication has been refactored to improve maintainability and extensibility. The version of the dependency library has been updated to ensure compatibility with the latest version.

Usage Instructions

1. Enable and Configure: First, enable defaultDownstreamSecurity and defaultUpstreamSecurity in the configuration file and set the corresponding authentication parameters. For the MCP proxy server, specify the mcpServerURL and timeout fields.
2. Typical Use Cases: Suitable for microservice architectures that require centralized management and unified distribution of authentication policies. For example, in a multi-tenant environment, default authentication configurations can be used to manage the authentication policies of all tenants uniformly.
3. Notes: Ensure version compatibility of all related components to avoid issues caused by version mismatches. It is also recommended to conduct thorough testing in a production environment before deployment to verify the effectiveness and performance of the configuration.

Feature Value

1. Enhanced Security: By providing a unified authentication configuration, the risk of configuration errors is reduced, enhancing the overall system security. In multi-tenant environments, it better isolates access permissions for different tenants.
2. Increased Flexibility: A multi-level priority configuration mechanism is provided, making authentication policies more flexible and manageable. Tool-level configurations can override global settings to adapt to different business needs.
3. Improved Scalability: By introducing an MCP proxy server, the load on a single MCP server can be effectively distributed, improving the overall performance and stability of the system. In large-scale distributed systems, this design significantly enhances system scalability.

Related PR: #2923 | Contributor: @Tsukilc

Usage Background

This feature addresses the convenience and flexibility of managing Higress resources. In the past, users may have needed to use multiple APIs or tools to manage different resources, such as routes, service origins, and plugins. Now, with the Higress API MCP Server, users can manage these resources in a unified interface, including new AI routes, AI providers, and MCP servers. This not only simplifies the operational process but also enhances the security and maintainability of the system. The target user group mainly consists of Higress operators and developers who need to manage various Higress resources efficiently and securely.

Feature Details

This PR mainly implements the following features:

1. New Higress API MCP Server: Provides a unified API interface to manage Higress resources such as routes, service origins, AI routes, AI providers, MCP servers, and plugins.
2. Updated Authentication Mechanism: Changed from the previous username and password authentication to HTTP Basic Authentication, enhancing security.
3. New Tool Registration: Registered new AI route, AI provider, and MCP server management tools, enabling the system to support these new features.
4. Code Optimization: Removed unnecessary type conversions, improving performance and code clarity.
5. Documentation Update: Updated the README documentation to reflect the new features. Technically, by introducing new structs and utility functions, the existing MCP Server functionality was extended, ensuring compatibility with existing features.

Usage Instructions

Enabling and configuring the Higress API MCP Server is simple:

1. Configure the URL address of the Higress Console.
2. Choose an appropriate authentication method (e.g., HTTP Basic Authentication) and provide the corresponding credentials.
3. Use the provided API tools for resource management. For example, use list-ai-routes to list all AI routes, and use add-ai-route to add a new AI route, etc.
4. For MCP server management, you can use list-mcp-servers to list all MCP servers and use add-or-update-mcp-server to add or update an MCP server, etc.
5. Notes: Ensure that all fields in the configuration files are correctly filled, especially those involving weight sum validation. It is recommended to use the latest client tools (e.g., Cherry Studio) to provide credentials, enhancing security.

Feature Value

This feature brings significant benefits to users:

1. Improved Management Efficiency: Through a unified API interface, users can more efficiently manage and configure various Higress resources, reducing operational complexity.
2. Enhanced Security: The new authentication mechanism (e.g., HTTP Basic Authentication) enhances system security, preventing unauthorized access.
3. Extended Functionality: The addition of AI route, AI provider, and MCP server management tools enables Higress to better support modern application needs.
4. Code Optimization: Removing unnecessary type conversions and optimizing query parameter concatenation logic improves system performance and code quality. Overall, this feature not only enhances user experience but also strengthens the system's stability and security, making it significant in the Higress ecosystem.

Related PR: #3051 | Contributor: @erasernoob

Usage Background

This PR addresses the inconvenience users face when managing and configuring MCP services. In the current Higress CLI tool, there is no direct function to add MCP services, requiring users to manually configure complex API calls. Additionally, there is a lack of a unified CLI tool to initialize and manage the environment. The new feature aims to simplify these operations, allowing users to quickly add and manage MCP services via simple command-line instructions and providing an interactive agent window to set necessary environment variables. The target user group includes Higress developers, operators, and any users who need to manage MCP services.

Feature Details

This update implements two new subcommands: hgctl agent and mcp add. The hgctl agent command starts an interactive agent window to guide users through environment setup. The mcp add command allows users to directly add MCP services, supporting two types of services: direct proxy and OpenAPI-based MCP services. For direct proxy services, users can publish services by specifying URLs and other parameters; for OpenAPI-based services, users can upload OpenAPI specification files and configure them. The core technical points involve integrating with the Higress Console API to achieve automatic service registration and management. Code changes primarily focus on the newly added agent package and related modules, such as base.go, core.go, and mcp.go.

Usage Instructions

To enable hgctl agent, simply run the hgctl agent command. The system will prompt the user to set necessary environment variables upon first use. To use the mcp add command to add an MCP service, users can choose one of the following two methods based on their needs:

1. Add a direct proxy service:

   hgctl mcp add mcp-deepwiki -t http https://mcp.deepwiki.com --user admin --password 123 --url http://localhost:8080

2. Add an OpenAPI-based service:

   hgctl mcp add openapi-server -t openapi --spec openapi.yaml --user admin --password 123 --url http://localhost:8080

Notes: Ensure that Go 1.24 or higher is installed, and the environment variables are correctly configured. Best practices include using a custom logging library to record errors and debug information in production environments.

Feature Value

The new feature significantly enhances the usability and flexibility of the Higress CLI tool. By introducing hgctl agent, users can easily initialize and manage the environment without manually configuring complex environment variables. The mcp add command further simplifies the process of adding MCP services, supporting multiple types of MCP services, and improving development and operational efficiency. Additionally, integration with the Higress Console API ensures the consistency and reliability of services. These improvements not only enhance user experience but also strengthen the overall performance and stability of the system, making it significant in the Higress ecosystem.

• Related PR: #3126
  Contributor: @johnlanni
  Change Log: This PR updates the Envoy dependency, allowing the WASM plugin to configure Redis client buffering behavior via URL query parameters, including setting the maximum buffer size and flush timeout.
  Feature Value: This feature allows users to more flexibly control buffer parameters related to Redis calls, thereby optimizing performance and meeting specific application needs.

• Related PR: #3123
  Contributor: @johnlanni
  Change Log: Upgraded the proxy version to v2.2.0, updated the Go toolchain to 1.23.7, and added architecture-specific build targets for golang-filter, while fixing dependency issues related to MCP server, OpenAI, and Milvus SDK support.
  Feature Value: This update enhances system compatibility and performance, making it easier for developers to deploy applications on different architectures and improving the stability of integration with other services like OpenAI and Milvus.

• Related PR: #3108
  Contributor: @wydream
  Change Log: Added video-related API paths and processing capabilities, including API name constants for video series, default function entries, and regular expression path handling, and updated the OpenAI provider to support these new endpoints.
  Feature Value: This feature expands the AI proxy plugin's capability to handle and parse more types of media content requests, especially video-related operations, thus enhancing user flexibility and efficiency in multimedia content management.

• Related PR: #3071
  Contributor: @rinfx
  Change Log: This PR adds a new feature example named inject_encoded_data_to_filter_chain_on_header, allowing the addition of a response body to a request even if there is no response body. By calling a specific Wasm function and processing requests and responses according to specified rules, it ensures the correct injection of data.
  Feature Value: This feature extends the application's service capabilities, allowing developers to more flexibly control HTTP response content, especially in scenarios where dynamic generation or modification of the response body is required, greatly enhancing service flexibility and user experience.

• Related PR: #3067
  Contributor: @wydream
  Change Log: This PR adds vLLM as a new AI provider, supporting various OpenAI-compatible APIs, including chat completion and text completion.
  Feature Value: The addition of vLLM support greatly expands Higress' capabilities in proxying AI services, allowing users to more flexibly use different types of AI models and services.

• Related PR: #3060
  Contributor: @erasernoob
  Change Log: This PR enhances the hgctl mcp and hgctl agent commands, enabling them to automatically fetch Higress Console credentials from installation configuration files and Kubernetes secrets.
  Feature Value: Simplifies the process of handling authentication information when using Higress, improving operational convenience and user experience.

• Related PR: #3043
  Contributor: @2456868764
  Change Log: Fixed the default port error for Milvus and added Python example code in the README.md to help users better understand and use the feature.
  Feature Value: By correcting the configuration error and providing Python example code, the system's stability and usability are improved, making it easier for users to get started and integrate.

• Related PR: #3040
  Contributor: @victorserbu2709
  Change Log: This PR adds ApiNameAnthropicMessages to the Claude feature, supporting the configuration of the anthropic provider without using protocol=original and directly forwarding /v1/messages requests to anthropic.
  Feature Value: Enhances the flexibility and compatibility of different AI service providers, making it easier for users to interact with the Claude API, thus improving the diversity and user experience of the application.

• Related PR: #3038
  Contributor: @Libres-coder
  Change Log: Added the list-plugin-instances tool, allowing the AI proxy to query plugin instances within a specified range via the MCP protocol, and updated the bilingual documentation.
  Feature Value: This feature enhances the management capability of plugin instances, allowing users to more flexibly query plugin information at different levels, improving system maintainability and user experience.

• Related PR: #3032
  Contributor: @johnlanni
  Change Log: This PR enables Qwen compatibility mode by default and adds missing API endpoints, including AsyncAIGC, AsyncTask, and V1Rerank, enhancing the AI proxy features.
  Feature Value: By enabling compatibility mode by default and expanding API coverage, this update provides users with a more complete out-of-the-box experience and more comprehensive feature support, enhancing system usability and flexibility.

• Related PR: #3029
  Contributor: @victorserbu2709
  Change Log: This PR adds support for v1/responses in the groq provider by updating the code in the groq.go file.
  Feature Value: The new responses feature allows users to better manage and process response data, improving system flexibility and usability, providing developers with more customization space.

• Related PR: #3024
  Contributor: @rinfx
  Change Log: Added malicious URL and model hallucination detection, fixed the issue of incorrect response when the response contains empty content, and adjusted specific consumer configurations.
  Feature Value: Enhances the system's ability to identify malicious behavior, improves user experience and security, and optimizes the handling logic for multiple event return scenarios.

• Related PR: #3008
  Contributor: @hellocn9
  Change Log: Added support for custom parameter names to configure MCP SSE stateful sessions via the higress.io/mcp-sse-stateful-param-name annotation.
  Feature Value: Allows users to customize the parameter names for MCP SSE stateful sessions, increasing the flexibility and configurability of the application to meet more scenario needs.

• Related PR: #3006
  Contributor: @SaladDay
  Change Log: This PR introduces Secret reference support for the Redis configuration of the MCP Server, allowing users to securely store passwords without exposing them in the ConfigMap.
  Feature Value: By allowing the use of Kubernetes Secrets to store sensitive information, the system's security is improved, avoiding the risks associated with storing passwords in plain text.

• Related PR: #2992
  Contributor: @rinfx
  Change Log: This PR records the consumer's name during the authentication and authorization process, even if the consumer is not authorized, for better log observation.
  Feature Value: By recording the names of unauthorized consumers, the system's auditability and troubleshooting capabilities are enhanced, allowing administrators to have a more comprehensive understanding of access requests.

• Related PR: #2978
  Contributor: @rinfx
  Change Log: This PR adds the X-Mse-Consumer header to the request to record the consumer's name, regardless of whether the consumer is authorized, once the consumer's identity is determined during the authentication process.
  Feature Value: This feature enhances the traceability of the system, allowing each request to carry consumer information, which is helpful for subsequent audits, log analysis, and problem troubleshooting.

• Related PR: #2968
  Contributor: @2456868764
  Change Log: Implemented vector database mapping, including a field mapping system and index configuration management, supporting various index types such as HNSW, IVF, and SCANN.
  Feature Value: Enhances the flexibility and compatibility of the system, allowing users to customize field mappings and index configurations, thus better adapting to the needs of different database architectures.

• Related PR: #2943
  Contributor: @Guo-Chenxu
  Change Log: This PR adds support for custom system prompts, allowing users to use custom system prompts when generating release notes. The implementation is done by modifying the GitHub Actions workflow configuration.
  Feature Value: This feature allows users to add personalized system prompt information when generating release note documents, improving the flexibility and user experience of the document, making the release notes more aligned with the actual project situation.

• Related PR: #2942
  Contributor: @2456868764
  Change Log: Fixed the handling logic when the LLM provider is empty, optimized the document structure and content, and updated the README to better describe the functions and configurations of the MCP server.
  Feature Value: Enhances the robustness of the system when the LLM provider is empty, improves the user experience, and allows users to better understand the tools and configuration requirements provided by the MCP server.

• Related PR: #2916
  Contributor: @imp2002
  Change Log: Implemented Nginx migration to the MCP server and provided 7 MCP tools to automate the migration of Nginx configurations and Lua plugins to Higress.
  Feature Value: This feature greatly simplifies the migration from Nginx to Higress, improves migration efficiency, and reduces the complexity of user operations.

• Related PR: #3120
  Contributor: @lexburner
  Change Log: Adjusted the log level in the ai-proxy plugin by lowering the log level of specific warning messages, reducing unnecessary redundant warning outputs.
  Feature Value: Reducing redundant warning messages improves the readability and maintainability of logs, helping users focus on important log information, thereby enhancing the overall user experience.

• Related PR: #3118
  Contributor: @johnlanni
  Change Log: This PR fixes the issue where port-level TLS and load balancing settings would unconditionally overwrite existing ingress annotation configurations. By adding null checks and improving policy merge logic, it ensures that existing configurations are not mistakenly overwritten.
  Feature Value: This fix avoids unnecessary loss or replacement of configurations, improving system stability and reliability, ensuring that user-defined ingress annotations take effect correctly, and enhancing the user experience.

• Related PR: #3095
  Contributor: @rinfx
  Change Log: Fixed the issue of usage information being lost during the claude2openai conversion process and added an index field to the bedrock streaming tool response to improve the accuracy and completeness of data processing.
  Feature Value: This fix ensures that users can obtain complete usage information when using claude2openai conversion and enhances the tracking capability of bedrock streaming responses by adding the index field, improving the user experience and system maintainability.

• Related PR: #3084
  Contributor: @rinfx
  Change Log: This PR fixes the issue where the Claude to OpenAI request does not include include_usage: true when using streaming.
  Feature Value: This fix ensures that users can correctly obtain usage statistics in streaming mode, improving the completeness and user experience of the service.

• Related PR: #3074
  Contributor: @Jing-ze
  Change Log: Added a check for Content-Encoding in the log-request-response plugin to prevent garbled log content due to compressed request/response bodies.
  Feature Value: By improving the log recording mechanism, it ensures that the response body information in the access logs is readable and accurate, enhancing the user experience and system debugging efficiency.

• Related PR: #3069
  Contributor: @Libres-coder
  Change Log: This PR fixes a bug in the CI test framework by adding the go mod tidy command in the prebuild.sh script, ensuring that the go.mod file in the root directory is also updated.
  Feature Value: Solves the issue of CI test failures due to the go.mod file not being correctly updated, ensuring that all PRs triggering e2e tests for wasm plugins pass the CI verification.

• Related PR: #3010
  Contributor: @rinfx
  Change Log: Fixed the parsing failure issue caused by the EventStream response being split, and adjusted the maxtoken conversion logic to ensure data integrity.
  Feature Value: Fixes the EventStream parsing error, improving system stability and reliability, ensuring that users receive accurate data.

• Related PR: #2997
  Contributor: @hanxiantao
  Change Log: Optimized the rate-limiting logic for clusters, AI tokens, and WASM plugins by cumulatively counting request counts and token usage, solving the issue of resetting counters when changing rate limit values.
  Feature Value: Ensures that even when adjusting rate limit thresholds, the existing request count or token usage is not reset, providing a more accurate and reliable rate-limiting mechanism.

• Related PR: #2988
  Contributor: @johnlanni
  Change Log: Corrected the issue in jsonrpc-converter by using the original JSON instead of the incorrect JSON string formatting method for data processing.
  Feature Value: Solves the data processing issue caused by JSON formatting errors, improving system stability and reliability, ensuring that users receive accurate data responses.

• Related PR: #2973
  Contributor: @CH3CHO
  Change Log: This PR solves the compatibility issue caused by setting match_rule_domain to an empty string by always using a wildcard when generating mcp-session configurations, avoiding incompatibility with Higress 2.1.8.
  Feature Value: Fixes the issue caused by setting match_rule_domain to an empty string, improving system stability and compatibility, allowing users to use the MCP server without encountering errors due to version differences.

• Related PR: #2952
  Contributor: @Erica177
  Change Log: Corrected the json tag of the Id field in the ToolSecurity struct from type to id to ensure correct mapping during data serialization.
  Feature Value: This fix resolves the data parsing issue caused by incorrect json tags, improving system stability and data accuracy, enhancing the user experience.

• Related PR: #2948
  Contributor: @johnlanni
  Change Log: Corrected the Azure service URL type detection logic, added support for the Azure OpenAI Response API, and improved streaming event parsing.
  Feature Value: Improves the stability and compatibility of Azure OpenAI integration, ensuring that custom paths and response APIs are correctly handled, enhancing the user experience.

• Related PR: #2941
  Contributor: @rinfx
  Change Log: This PR fixes compatibility issues with old configurations by adjusting the definition of data structures in the main.go file to support older versions.
  Feature Value: Improves backward compatibility, ensuring that existing users do not encounter functional anomalies due to changes in configuration format when upgrading to the new version.

• Related PR: #3119
  Contributor: @johnlanni
  Change Log: Replaced reqChan and deltaReqChan in Connection with channels.Unbounded to prevent deadlock issues caused by HTTP2 flow control.
  Feature Value: By avoiding deadlocks caused by HTTP2 flow control, it ensures smooth handling of client requests and responses, improving system stability and performance.

• Related PR: #3113
  Contributor: @johnlanni
  Change Log: Implemented recursive hash calculation and caching for Protobuf messages using the xxHash algorithm, with special handling for google.protobuf.Any type and map fields.
  Feature Value: Optimizes LDS performance by reducing redundant serialization operations in filter chain matching and listener processing, thereby improving overall system efficiency.

• Related PR: #2945
  Contributor: @rinfx
  Change Log: This PR optimizes the pod selection logic in the ai-load-balancer by updating the Lua script for global minimum request count, reducing unnecessary code lines and improving performance.
  Feature Value: The optimized load balancing strategy more efficiently distributes requests, reducing latency and resource waste, enhancing user experience and service stability.

• Related PR: #2965
  Contributor: @CH3CHO
  Change Log: Updated the description of azureServiceUrl in the ai-proxy README to ensure the documentation accurately reflects the actual purpose of the configuration item.
  Feature Value: By improving the description of the azureServiceUrl field, it helps users better understand its role and configuration method, enhancing the readability and practicality of the documentation.

• Related PR: #3110
  Contributor: @Jing-ze
  Change Log: This PR adds the CODECOV_TOKEN environment variable in the CI workflow to ensure the Codecov upload step is correctly authenticated.
  Feature Value: By adding CODECOV_TOKEN, it improves the accuracy and security of code coverage reports, helping project maintainers better monitor and improve test coverage.

• Related PR: #3097
  Contributor: @johnlanni
  Change Log: Added unit test code for the mcp-server plugin to ensure the stability and reliability of its core functionalities.
  Feature Value: By adding unit tests, the quality of the mcp-server plugin is improved, enhancing system robustness and reducing the likelihood of potential errors.

• Related PR: #2998
  Contributor: @Patrisam
  Change Log: This PR implements end-to-end test cases for Cloudflare, adding content to go-wasm-ai-proxy.go and go-wasm-ai-proxy.yaml.
  Feature Value: By adding Cloudflare end-to-end test cases, it improves the reliability and stability of the system, helping developers better understand and validate the integrated system's performance.

• Related PR: #2980
  Contributor: @Jing-ze
  Change Log: Added coverage gating functionality to the WASM Go plugin unit test workflow, including detailed coverage information display and a 80% coverage threshold setting.
  Feature Value: By increasing the coverage requirements in the CI process, it ensures the quality and stability of the WASM Go plugin, helping developers promptly identify potential issues.

• 🚀 New Features: 23 items
• 🐛 Bug Fixes: 13 items
• ♻️ Refactoring and Optimization: 3 items
• 📚 Documentation Updates: 1 item
• 🧪 Testing Improvements: 4 items

Total: 44 changes (including 3 key updates)

Thank you to all contributors for their hard work! 🎉

This release includes 18 updates, covering various aspects such as feature enhancements, bug fixes, and performance optimizations.

• New Features: 7
• Bug Fixes: 10
• Documentation Updates: 1

• Related PR: #621
  Contributor: @Thomas-Eliot
  Change Log: This PR optimizes some interaction capabilities of the MCP Server, including header rewriting in direct routing scenarios, support for selecting transport types, and special character handling in DB to MCP Server scenarios.
  Feature Value: By improving the interaction methods and processing capabilities of the MCP Server, the system's flexibility and compatibility are enhanced, making it more convenient for users to configure and use backend services, thereby improving the user experience.

• Related PR: #612
  Contributor: @zhwaaaaaa
  Change Log: This PR resolves the issue of Grafana pages not working properly due to the reverse proxy server sending a transfer-encoding: chunked header by adding support for ignoring hop-to-hop headers.
  Feature Value: This feature ensures that even in complex network environments (such as when using a reverse proxy), the Grafana monitoring dashboard can display information correctly, enhancing user experience and system compatibility.

• Related PR: #608
  Contributor: @Libres-coder
  Change Log: This PR adds plugin display support to the AI routing management page, allowing users to view enabled plugins and expand the AI routing row for more information.
  Feature Value: This enhancement improves the AI routing management function, enabling users to more intuitively understand and manage the status of plugins in their AI routing configurations, thereby enhancing the user experience.

• Related PR: #604
  Contributor: @CH3CHO
  Change Log: This PR enhances path rewriting flexibility by adding support for using regular expressions with the higress.io/rewrite-target annotation.
  Feature Value: This increase in path rewriting flexibility allows users to modify request paths using more complex rules, enhancing the system's customizability and user experience.

• Related PR: #603
  Contributor: @CH3CHO
  Change Log: This PR adds a fixed service port 80 display function to the frontend page for static service sources. It defines a constant and updates the form component to show this port number.
  Feature Value: This provides users with a more intuitive view to identify and confirm the standard HTTP port (80) used by static service sources, simplifying the configuration process and reducing potential misunderstandings.

• Related PR: #602
  Contributor: @CH3CHO
  Change Log: This PR adds a search function when selecting upstream services for AI routing. By introducing a search mechanism in the frontend component, it improves the efficiency of users finding the required services.
  Feature Value: The new search function significantly enhances the user experience, especially when the service list is long, helping users quickly locate the target service and simplifying the configuration process.

• Related PR: #566
  Contributor: @OuterCyrex
  Change Log: This PR adds support for custom Qwen services, including enabling internet search and uploading file IDs. The main changes involve the backend SDK and frontend pages to support these new features.
  Feature Value: By adding support for custom Qwen services, users can now more flexibly configure their AI services, particularly for applications requiring specific functionalities like internet search or file handling, greatly enhancing the user experience and service customizability.

• Related PR: #620
  Contributor: @CH3CHO
  Change Log: Corrected a spelling error in the sortWasmPluginMatchRules logic to ensure correct sorting of match rules.
  Feature Value: Fixing the spelling error improves code accuracy and readability, avoiding potential logical errors due to misspellings, thereby enhancing system stability and user experience.

• Related PR: #619
  Contributor: @CH3CHO
  Change Log: This PR removes version information from the data JSON when converting from AiRoute to ConfigMap, as these details are already stored in the ConfigMap metadata.
  Feature Value: Removing redundant version information helps reduce data duplication and ensures that the information stored in the ConfigMap is more concise and clear, improving maintainability and consistency.

• Related PR: #618
  Contributor: @CH3CHO
  Change Log: This PR refactors the API authentication logic in the SystemController to eliminate known security vulnerabilities. It introduces a new AllowAnonymous annotation and updates the relevant controllers to ensure system security.
  Feature Value: This fix eliminates security vulnerabilities in the system, enhancing overall security and protecting users from potential attack threats, thus increasing user trust and experience.

• Related PR: #617
  Contributor: @CH3CHO
  Change Log: Fixed warnings about missing unique key attributes in list items in the frontend console, issues with image loading violating the content security policy, and incorrect type for the Consumer.name field.
  Feature Value: Addressing these frontend errors encountered by users enhances the user experience and system stability.

• Related PR: #614
  Contributor: @lc0138
  Change Log: This PR corrects an error in the ServiceSource type field and adds dictionary value validation logic to ensure the field's accuracy.
  Feature Value: Fixing the error in the service source type field enhances system stability and data consistency, preventing issues caused by type mismatches.

• Related PR: #613
  Contributor: @lc0138
  Change Log: This PR addresses CSP and other security risks in the frontend documentation by adding specific meta tags to enhance web page security.
  Feature Value: Enhancing the security of the web application reduces potential security threats, improving the security of user usage.

• Related PR: #611
  Contributor: @qshuai
  Change Log: Corrected a spelling error in the API method annotations of the LlmProvidersController class, changing 'Add a new route' to the correct description.
  Feature Value: Although a small fix, it ensures the accuracy of the API documentation, helping developers better understand and use the API interfaces.

• Related PR: #609
  Contributor: @CH3CHO
  Change Log: Corrected the type error of the name field in the Consumer interface, changing it from a boolean to a string.
  Feature Value: This fix ensures the correct data type for the Consumer.name field, avoiding runtime errors due to type mismatches, thus enhancing system stability and data accuracy.

• Related PR: #605
  Contributor: @SaladDay
  Change Log: Corrected the AI routing name validation rules to support periods and only allow lowercase letters, and updated the error message to accurately describe the new validation rules.
  Feature Value: This fix addresses the inconsistency between the UI prompt and the actual validation logic, improving the consistency and accuracy of the user experience, ensuring that users receive the correct feedback when configuring AI routes.

• Related PR: #552
  Contributor: @lcfang
  Change Log: To address compatibility issues caused by inconsistent backend service ports, a new vport attribute was added. When the service instance port in the registry changes, the default or specified virtual port can be configured through vport to maintain the validity of the routing configuration.
  Feature Value: This PR enhances system stability and reliability, ensuring that routing configurations do not fail when service ports change, thereby improving the user experience and system availability.

• Related PR: #610
  Contributor: @heimanba
  Change Log: This PR adjusts the configuration field descriptions in the frontend canary documentation, including making fields like rewrite non-mandatory and updating the associated description for the name field in rules. It also updates the Chinese and English README and spec.yaml files.
  Feature Value: By increasing the flexibility of configuration options and improving compatibility, users can more easily configure according to their actual needs. Additionally, the consistency and accuracy of the documentation are improved, helping to reduce the difficulty of use and enhance the user experience.

• 🚀 New Features: 7
• 🐛 Bug Fixes: 10
• 📚 Documentation Updates: 1

Total: 18 Changes

Thank you to all contributors for your hard work! 🎉

• @hellocn9 made their first contribution in https://github.com/alibaba/higress/pull/3008
• @Patrisam made their first contribution in https://github.com/alibaba/higress/pull/2998
• @victorserbu2709 made their first contribution in https://github.com/alibaba/higress/pull/3040
• @Libres-coder made their first contribution in https://github.com/alibaba/higress/pull/3038
• @SaladDay made their first contribution in https://github.com/alibaba/higress/pull/3006

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.8...v2.1.9

This release includes 11 updates, covering areas such as feature enhancements, bug fixes, performance optimizations, and more.

• New Features: 3
• Bug Fixes: 5
• Refactoring and Optimization: 1
• Documentation Updates: 2

• Related PR: #2978
  Contributor: @rinfx
  Change Log: In the key-auth plugin, regardless of whether authentication is successful, the consumer name will be recorded after it is determined. This is achieved by adding the X-Mse-Consumer field to the HTTP request header.
  Feature Value: This feature allows the system to obtain and record the consumer's name earlier, which is very important for logging and subsequent processing, improving the traceability and transparency of the system.

• Related PR: #2968
  Contributor: @2456868764
  Change Log: This PR introduces the core functionality of vector database mapping, including a field mapping system and index configuration management, supporting various index types.
  Feature Value: By providing flexible field mapping and index configuration capabilities, users can more easily integrate with different database architectures, enhancing the system's compatibility and flexibility.

• Related PR: #2943
  Contributor: @Guo-Chenxu
  Change Log: Added a feature for customizing system prompts, allowing users to add personalized notes when generating release notes. This is implemented by modifying the GitHub Actions workflow file.
  Feature Value: This feature allows users to include customized system prompts when generating release notes, enhancing the flexibility and richness of information in the release notes, thereby improving the user experience.

• Related PR: #2973
  Contributor: @CH3CHO
  Change Log: This PR fixes an issue in Higress version 2.1.8 where the mcp-session filter did not support setting match_rule_domain to an empty string, using wildcards to match all domains and eliminate compatibility risks.
  Feature Value: This resolves a compatibility issue caused by specific configurations, ensuring that users do not encounter errors due to empty string settings during upgrades or configuration, thus improving the stability and user experience of the system.

• Related PR: #2952
  Contributor: @Erica177
  Change Log: Corrected the JSON tag for the Id field in the ToolSecurity struct from type to id, ensuring correct mapping during data serialization.
  Feature Value: This fix addresses data inconsistency issues caused by incorrect field mapping, enhancing the stability and data accuracy of the system.

• Related PR: #2948
  Contributor: @johnlanni
  Change Log: Fixed the Azure service URL type detection logic to support custom full paths. Enhanced the handling of Azure OpenAI response APIs and improved edge case parsing in streaming events.
  Feature Value: This ensures better compatibility with Azure OpenAI services, improves error handling and user experience, especially when using non-standard paths or streaming responses.

• Related PR: #2942
  Contributor: @2456868764
  Change Log: Fixed the issue of LLM provider being empty and optimized documentation and prompt messages. Specifically, updated README.md for better explanations and adjusted the default LLM model.
  Feature Value: By enhancing the robustness of LLM provider initialization and optimizing related documentation, this improves the stability and user experience of the system, making it clearer for users to understand system configuration and usage.

• Related PR: #2941
  Contributor: @rinfx
  Change Log: This PR fixes compatibility issues with old configurations, ensuring the system can correctly handle outdated configuration parameters, avoiding potential errors due to configuration changes.
  Feature Value: By supporting older version configurations, this enhances the system's backward compatibility, reducing inconvenience to users during upgrades or configuration adjustments, and improving the user experience.

• Related PR: #2945
  Contributor: @rinfx
  Change Log: Optimized the logic for selecting pods based on the minimum number of requests globally, updated the Lua script code related to ai-load-balancer, reducing unnecessary checks and improving performance.
  Feature Value: By improving the minimum request count algorithm in load balancing strategies, this enhances the system's response speed and resource allocation efficiency, allowing users to utilize cluster resources more efficiently.

• Related PR: #2965
  Contributor: @CH3CHO
  Change Log: Updated the description of the azureServiceUrl field in the ai-proxy plugin README file to provide clearer and more accurate information.
  Feature Value: By improving the description in the documentation, users can better understand how to configure the Azure OpenAI service URL, thus enhancing the user experience and configuration accuracy.

• Related PR: #2940
  Contributor: @github-actions[bot]
  Change Log: This PR adds English and Chinese release notes for version 2.1.8, detailing 30 updates in this version.
  Feature Value: By providing detailed release notes, users can more easily understand the new features, bug fixes, and other information included in the new version, allowing them to make better use of the new features.

• 🚀 New Features: 3
• 🐛 Bug Fixes: 5
• ♻️ Refactoring and Optimization: 1
• 📚 Documentation Updates: 2

Total: 11 changes

Thank you to all contributors for their hard work! 🎉

This release includes 4 updates, covering multiple aspects such as feature enhancements, bug fixes, and performance optimizations.

• New Features: 1
• Bug Fixes: 2
• Documentation Updates: 1

This release contains 1 significant update, which is recommended for special attention:

• feat: Support using a known service in OpenAI LLM provider (#589): This feature allows users to use predefined services within the OpenAI LLM, thereby enhancing development efficiency and flexibility, and meeting the needs of a wider range of application scenarios.

For more details, please refer to the Important Feature Details section below.

Below are detailed explanations of key features and improvements in this release:

Related PR: #589 | Contributor: @CH3CHO

Usage Background

As more organizations and services adopt large language models (LLMs), access and management of these models have become increasingly important. Especially when integration with specific known services, such as an on-premises OpenAI API server or a custom API endpoint, is required. This feature addresses the need for direct support of custom OpenAI services within the Higress system, allowing users to more flexibly configure and use their services. The target user groups include, but are not limited to, developers, operations personnel, and enterprises requiring highly customized solutions.

Feature Details

The update primarily focuses on the OpenaiLlmProviderHandler class, introducing support for custom service sources. By adding new configuration options like openaiCustomServiceName and openaiCustomServicePort, users can now directly specify the details of their custom OpenAI service. Additionally, the code has been improved so that if a custom upstream service is specified, a service source will not be created for the default service. This design not only simplifies the configuration process but also enhances the system's scalability. Technically, this is achieved by overriding the buildServiceSource and buildUpstreamService methods, which include checks for user-defined settings.

Usage Instructions

To enable and configure this new feature, users first need to provide the necessary custom service information in their OpenAI LLM provider settings. This typically involves filling in fields such as the custom service name, host address, and port number. The general steps are: 1. Locate the relevant LLM provider settings section in the Higress console or corresponding configuration file; 2. Enter the appropriate custom service details as prompted; 3. Save the changes. A typical use case might be a company wishing to use its own internally hosted OpenAI interface instead of the publicly available one. It is important to ensure that the provided custom service address is accurate and network-accessible.

Feature Value

This feature greatly enhances the adaptability of the Higress platform to different environments, especially for scenarios requiring high levels of customization. It not only improves the user experience—making the configuration process more intuitive and simple—but also promotes the overall stability and security of the system, as it now allows for the direct use of trusted internal resources. In the long run, such enhancements help build a more robust ecosystem, encouraging more innovative application development.

• Related PR: #591
  Contributor: @CH3CHO
  Change Log: Fixed the issue where required fields were not properly validated when enabling route rewriting, ensuring that both host and newPath.path must provide valid values when enabled.
  Feature Value: This fix improves the accuracy and robustness of system configurations, preventing functional anomalies due to incomplete configurations and enhancing the user experience.

• Related PR: #590
  Contributor: @CH3CHO
  Change Log: Fixed an error in the Route.customLabels processing logic, ensuring that built-in labels are correctly excluded during updates.
  Feature Value: Resolved the conflict between custom labels and built-in labels when updating Routes, improving the stability and user experience of the system.

• Related PR: #595
  Contributor: @CH3CHO
  Change Log: This PR updated the README.md file, removing non-project-level descriptions and adding code formatting guidelines.
  Feature Value: By cleaning up irrelevant information and providing formatting suggestions, it helps developers better understand the project documentation, promoting consistency and readability in code contributions.

• 🚀 New Features: 1
• 🐛 Bug Fixes: 2
• 📚 Documentation Updates: 1

Total: 4 changes (including 1 significant update)

Thank you to all contributors for your hard work! 🎉

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.8...v2.1.9-rc.1

This release includes 30 updates, covering various aspects such as feature enhancements, bug fixes, performance optimizations, and more.

• New Features: 13
• Bug Fixes: 7
• Refactoring and Optimization: 5
• Documentation Updates: 4
• Testing Improvements: 1

This release includes 2 major updates, which are highly recommended for your attention:

• feat: add rag mcp server (#2930): By introducing the RAG MCP server, this update provides a new way for users to manage and retrieve knowledge, enhancing the functionality and practicality of the system.
• refactor(mcp): use ECDS for golang filter configuration to avoid connection drain (#2931): Using ECDS for filter configuration avoids instability caused by directly embedding golang filter configurations, improving the system's stability and maintainability, and reducing unnecessary service interruptions for users.

For more details, please refer to the important features section below.

Below is a detailed description of the key features and improvements in this release:

Related PR: #2930 | Contributor: @2456868764

Use Case

In modern applications, knowledge management and retrieval have become increasingly important. Many systems require fast and accurate extraction and retrieval of information from large volumes of text data. RAG (Retrieval-Augmented Generation) technology combines retrieval and generation models to effectively enhance the efficiency and accuracy of knowledge management. This PR introduces a Model Context Protocol (MCP) server specifically for knowledge management and retrieval, meeting the needs of users for efficient information processing. The target user group includes enterprises and developers who need to handle large amounts of text data, especially in the fields of natural language processing (NLP) and machine learning.

Feature Details

This PR implements the RAG MCP server, adding multiple functional modules, including knowledge management, block management, search, and chat functions. The core features include:

1. Knowledge Management: Supports creating knowledge blocks from text.
2. Block Management: Provides functionalities for listing and deleting knowledge blocks.
3. Search: Supports keyword-based search.
4. Chat Function: Allows users to send chat messages and receive responses. Technically, the server uses several external libraries, such as github.com/dlclark/regexp2, github.com/milvus-io/milvus-sdk-go/v2, and github.com/pkoukk/tiktoken-go, which provide regular expression handling, vector database management, and text encoding functionalities. Key code changes include adding an HTTP client, configuration files, and multiple processing functions to ensure the flexibility and configurability of the system.

Usage Instructions

To enable and configure the RAG MCP server, follow these steps:

1. Enable the MCP server in the higress-config configuration file and set the corresponding path and configuration items.
2. Configure the basic parameters of the RAG system, such as splitter type, chunk size, and overlap.
3. Configure the LLM (Large Language Model) provider and its API key, model name, etc.
4. Configure the embedding model provider and its API key, model name, etc.
5. Configure the vector database provider and its connection information. Example configuration:

rag:
  splitter:
    type: "recursive"
    chunk_size: 500
    chunk_overlap: 50
  top_k: 5
  threshold: 0.5
llm:
  provider: "openai"
  api_key: "your-llm-api-key"
  model: "gpt-3.5-turbo"
embedding:
  provider: "openai"
  api_key: "your-embedding-api-key"
  model: "text-embedding-ada-002"
vectordb:
  provider: "milvus"
  host: "localhost"
  port: 19530
  collection: "test_collection"

Notes:

• Ensure all configuration items are correct, especially API keys and model names.
• In production environments, it is recommended to adjust parameters such as timeout appropriately to adapt to different network conditions.

Feature Value

The RAG MCP server provides a complete solution for knowledge management and retrieval, enhancing the intelligence and automation of the system. Specific benefits include:

1. Improved Efficiency: Through integrated knowledge management and retrieval functions, users can quickly process and retrieve large volumes of text data, saving time and resources.
2. Enhanced Accuracy: Combining RAG technology, the system can more accurately extract and retrieve information, reducing error rates.
3. Flexible Configuration: Provides rich configuration options, allowing users to flexibly adjust according to actual needs, meeting the requirements of different scenarios.
4. High Scalability: Supports multiple providers and models, making it easy for users to choose suitable components and technology stacks based on business needs.
5. Stability Improvement: Through detailed configuration validation and error handling mechanisms, the stability and robustness of the system are ensured.

Related PR: #2931 | Contributor: @johnlanni

Use Case

In the current implementation, Golang filter configurations are directly embedded in the HTTP_FILTER patch, which can lead to connection drain when configurations change. The main reason is the inconsistent sorting of Go maps in the map[string]any field, and the listener configuration changes triggered by HTTP_FILTER updates. This issue affects the stability and user experience of the system. The target user group is developers and operations personnel using Higress for service mesh management.

Feature Details

This PR splits the configuration into two parts: HTTP_FILTER only contains filter references with config_discovery, while EXTENSION_CONFIG contains the actual Golang filter configuration. This way, configuration changes do not directly cause connection drain. The specific implementation includes updating the constructMcpSessionStruct and constructMcpServerStruct methods to return formats compatible with EXTENSION_CONFIG and updating unit tests to match the new configuration structure. The core innovation lies in using the ECDS mechanism to separate configurations, making configuration changes smoother.

Usage Instructions

Enabling and configuring this feature does not require any additional operations as it is automatically handled in the background. A typical use case is when configuring Golang filters in Higress; the system will automatically split them into HTTP_FILTER and EXTENSION_CONFIG. Users only need to configure Golang filters as usual. Note that when upgrading to the new version, ensure all related configuration files are updated and thoroughly tested in the production environment to ensure that configuration changes do not introduce other issues.

Feature Value

By separating configurations and using ECDS, this feature eliminates the connection drain problem during configuration changes, significantly improving the system's stability and user experience. Additionally, this design makes configurations easier to manage and maintain, reducing potential issues caused by configuration changes. For large-scale service mesh deployments, this improvement is particularly important as it reduces service interruptions caused by configuration changes, thereby enhancing the overall reliability and availability of the system.

• Related PR: #2926
  Contributor: @rinfx
  Change Log: This PR adds support for multimodal, function calls, and thinking in vertex-ai, involving the introduction of a regular expression library and improvements to the processing logic.
  Feature Value: By adding new features, vertex-ai can better support application needs in complex scenarios, such as multimodal data processing and more flexible function call methods, enhancing the system's flexibility and practicality.

• Related PR: #2917
  Contributor: @Aias00
  Change Log: This PR adds support for Fireworks AI, expanding the functionality of the AI agent plugin, including the addition of necessary configuration files and test code.
  Feature Value: Adding support for Fireworks AI allows users to leverage the AI features provided by the platform, broadening the range of AI services that applications can integrate with, and enhancing the user experience.

• Related PR: #2907
  Contributor: @Aias00
  Change Log: This PR upgrades wasm-go to support outputSchema, involving dependency updates for jsonrpc-converter and oidc plugins.
  Feature Value: By supporting outputSchema, the functionality and flexibility of the wasm-go plugin are enhanced, making it easier for users to handle and define output data structures.

• Related PR: #2897
  Contributor: @rinfx
  Change Log: This PR adds multimodal support and thinking functionality to the ai-proxy bedrock, achieved by extending the relevant code in bedrock.go.
  Feature Value: The added multimodal and thinking support enriches the ai-proxy's feature set, enabling users to utilize more advanced AI technologies for complex scenarios, enhancing the system's flexibility and practicality.

• Related PR: #2891
  Contributor: @rinfx
  Change Log: This PR adds the ability to configure specific detection services for different consumers in the AI content security plugin, allowing users to customize request and response check rules according to their needs.
  Feature Value: By supporting independent detection services for different consumers, this feature enhances the system's flexibility and security, enabling users to control the content review process more precisely, thus meeting diverse security policy requirements.

• Related PR: #2883
  Contributor: @Aias00
  Change Log: This PR adds support for Meituan Longcat, including integration with the Longcat platform and related unit tests.
  Feature Value: Adding support for Meituan Longcat expands the plugin's functionality, allowing users to leverage more AI service providers' technologies, enhancing the flexibility and diversity of the application.

• Related PR: #2867
  Contributor: @Aias00
  Change Log: This PR adds support for Gzip configuration and updates the default settings. By adding gzip options in the Helm configuration file, users can customize compression parameters to optimize response performance.
  Feature Value: Adding support for Gzip configuration allows users to adjust the compression level of HTTP responses according to their needs, helping to reduce the amount of transmitted data, speed up page loading, and improve the user experience.

• Related PR: #2844
  Contributor: @Aias00
  Change Log: This PR enhances the consistent hashing algorithm for load balancing by supporting useSourceIp, modifying the relevant Go code files, and adding an example configuration file.
  Feature Value: The newly added useSourceIp option allows users to perform consistent hash load balancing based on source IP addresses, which helps to improve the stability and reliability of services under specific network conditions.

• Related PR: #2843
  Contributor: @erasernoob
  Change Log: This PR adds NVIDIA Triton server support to the AI agent plugin, including related configuration instructions and code implementation.
  Feature Value: Adding support for the Triton server expands the AI agent plugin's feature set, allowing users to leverage high-performance machine learning inference services.

• Related PR: #2806
  Contributor: @C-zhaozhou
  Change Log: This PR makes ai-security-guard compatible with the MultiModalGuard interface, adding support for multimodal APIs and updating the relevant documentation.
  Feature Value: By supporting multimodal APIs, the functionality of ai-security-guard is enhanced, enabling it to handle more complex content security scenarios, improving the user experience and security.

• Related PR: #2727
  Contributor: @Aias00
  Change Log: This PR adds end-to-end testing support for OpenAI, including test cases for non-streaming and streaming requests.
  Feature Value: The added end-to-end testing for OpenAI ensures the system remains stable and accurate when handling different types of requests, improving the user experience.

• Related PR: #2593
  Contributor: @Xscaperrr
  Change Log: Adds the WorkloadSelector field to limit the scope of EnvoyFilter, ensuring that it does not affect other components in the same namespace in an open-source istio environment.
  Feature Value: By limiting EnvoyFilter to only apply to the Higress Gateway, this feature prevents interference with other istio gateways/sidecars in the environment, enhancing the security and isolation of the configuration.

• Related PR: #2938
  Contributor: @wydream
  Change Log: This PR fixes the issue where prompt attack detection fails due to the lack of AttackLevel field support in MultiModalGuard mode, ensuring that all levels of attacks are correctly identified.
  Feature Value: By adding support for the AttackLevel field, the system's security is improved, preventing high-risk-level prompt attacks from going undetected, ensuring user experience and security.

• Related PR: #2904
  Contributor: @johnlanni
  Change Log: This PR fixes the issue where the original Authorization header might be overwritten when processing HTTP requests. By unconditionally saving and checking for non-empty before writing to the context, it ensures the accuracy and security of authentication information.
  Feature Value: This fix improves the system's security and stability, preventing potential authentication failures or security vulnerabilities due to lost authentication information, enhancing user experience and trust.

• Related PR: #2899
  Contributor: @Jing-ze
  Change Log: This PR optimizes the MCP server, including pre-parsing the host pattern to reduce runtime overhead and removing the unused DomainList field. It also fixes the SSE message format issue, particularly the handling of extra newline characters.
  Feature Value: By improving pattern matching efficiency and memory usage, as well as correcting errors in SSE messages, the user experience and service stability are enhanced, ensuring the correctness and integrity of data transmission.

• Related PR: #2892
  Contributor: @johnlanni
  Change Log: This PR corrects the JSON unmarshalling error when Claude API returns content in array format and removes redundant code structures, improving code quality and maintainability.
  Feature Value: This resolves the message parsing failure due to incorrect data types, enhancing the system's stability and user experience. For users using array as the content format, this fix ensures a smooth message processing flow.

• Related PR: #2882
  Contributor: @johnlanni
  Change Log: This PR addresses the SSE event chunking issue in Claude's streaming response conversion logic, improving protocol auto-conversion and tool invocation state tracking.
  Feature Value: It enhances the bidirectional conversion reliability between Claude and OpenAI-compatible providers, avoiding connection blocking, and enhancing the user experience.

• Related PR: #2865
  Contributor: @Thomas-Eliot
  Change Log: This PR solves the issue where SSE connections would be blocked when SSE events were split into multiple chunks. By adding a caching mechanism in the proxy mcp server scenario, it ensures the continuity of data stream processing.
  Feature Value: This fix resolves the potential issue of SSE connection interruption, enhancing the system's stability and user experience. Users will no longer encounter incomplete data reception due to network conditions or server response methods.

• Related PR: #2859
  Contributor: @lcfang
  Change Log: This PR solves the issue of route configuration failure when the registered service instance ports are inconsistent by adding a vport element in the mcpbridge. The main changes include updating the CRD definition, protobuf files, and related generated code.
  Feature Value: This feature ensures that even if the backend instance ports change, the service route configuration remains valid, thereby improving the system's stability and compatibility, providing a more reliable service experience for users.

• Related PR: #2933
  Contributor: @rinfx
  Change Log: This PR removes duplicate think tags in bedrock and vertex, reducing redundant code and improving code readability and maintainability.
  Feature Value: By removing unnecessary duplicate code, the overall quality and development efficiency of the project are improved, making the code structure clearer and easier to maintain and extend.

• Related PR: #2927
  Contributor: @rinfx
  Change Log: This PR modifies the API name extraction logic in the ai-statistics plugin, adjusting the check condition from a fixed length of 5 to at least 3 parts to enhance flexibility and compatibility.
  Feature Value: By relaxing the restriction on API string splitting, the system's support for different format API strings is enhanced, improving the system's adaptability and stability.

• Related PR: #2922
  Contributor: @daixijun
  Change Log: This PR upgrades the Higress SDK package reference in the project from github.com/alibaba/higress to github.com/alibaba/higress/v2 to be compatible with the latest version.
  Feature Value: By updating the package name, the project can introduce and use the latest features and improvements of Higress, enhancing development efficiency and code quality.

• Related PR: #2890
  Contributor: @johnlanni
  Change Log: This PR refactors the matchDomain function, introduces the HostMatcher struct and matching types, replaces regular expressions with simple string operations to improve performance, and implements port stripping logic.
  Feature Value: By optimizing the host matching logic, the system performance and code maintainability are improved, making the handling of host headers with port numbers more accurate and efficient, enhancing the user experience.

• Related PR: #2915
  Contributor: @a6d9a6m
  Change Log: This PR fixes a broken link in README_JP.md and adds missing parts in README.md, making the multilingual documentation more consistent.
  Feature Value: This improves the accuracy and consistency of the documentation, helping users find relevant information more easily, enhancing the user experience.

• Related PR: #2912
  Contributor: @hanxiantao
  Change Log: This PR optimizes the English and Chinese documentation for the hmac-auth-apisix plugin, adding more detailed configuration explanations, and improving the clarity of the documentation.
  Feature Value: By providing more detailed documentation, it helps developers better understand and use the hmac-auth-apisix plugin, improving the user experience.

• Related PR: #2880
  Contributor: @a6d9a6m
  Change Log: This PR fixes grammatical errors in README.md, README_JP.md, and README_ZH.md files, ensuring the correctness and consistency of the documentation.
  Feature Value: By correcting language errors in the documentation, the quality and readability of the documentation are improved, helping users better understand project information.

• Related PR: #2873
  Contributor: @CH3CHO
  Change Log: This PR adds methods to obtain Higress runtime logs and configurations in the non-crash-safe vulnerability issue template, helping to better investigate problems.
  Feature Value: By providing more detailed log and configuration information, users can more easily diagnose and resolve issues, improving the efficiency and accuracy of problem handling.

• Related PR: #2928
  Contributor: @rinfx
  Change Log: This PR updates the test code for the ai-security-guard component, adding new test cases and adjusting some existing test logic.
  Feature Value: By improving the test coverage and accuracy of ai-security-guard, the stability and reliability of the entire project are enhanced, helping developers better understand and maintain related features.

• 🚀 New Features: 13
• 🐛 Bug Fixes: 7
• ♻️ Refactoring and Optimization: 5
• 📚 Documentation Updates: 4
• 🧪 Testing Improvements: 1

Total: 30 changes (including 2 major updates)

Thank you to all contributors for your hard work! 🎉

This release includes 4 updates, covering aspects such as feature enhancements, bug fixes, and performance optimizations.

• New Features: 1 item
• Bug Fixes: 2 items
• Documentation Updates: 1 item

This release contains 1 significant update, which is recommended for special attention:

• feat: Support using a known service in OpenAI LLM provider (#589): This feature allows users to utilize existing service resources within the OpenAI LLM provider, thereby enhancing the flexibility and usability of the system, offering more options to users.

For more details, please refer to the "Important Features in Detail" section below.

Here are detailed explanations of the important features and improvements in this release:

Related PR: #589 | Contributor: @CH3CHO

Usage Background

In many application scenarios, developers may wish to use their own custom OpenAI service instance instead of the default one. This could be due to specific security requirements, performance optimizations, or infrastructure constraints. This PR meets these needs by introducing support for known services. The target user group includes enterprise-level users and technical experts who require highly customized configurations. This feature addresses the issue of users not being able to flexibly choose and configure OpenAI services, improving the adaptability and user experience of the system.

Feature Details

This PR mainly implements the following:

1. Allows users to specify a custom service when configuring the OpenAI LLM provider.
2. Modifies the OpenaiLlmProviderHandler class, adding the buildServiceSource and buildUpstreamService methods to handle the logic for custom services.
3. Adds a delete method with an internal parameter to the WasmPluginInstanceService interface, supporting finer-grained control.
4. Updates the frontend internationalization resource files, adding prompts related to custom services. The key technical point lies in extending the existing architecture so that the system can recognize and use user-provided custom services while maintaining backward compatibility.

Usage Instructions

Enabling and configuring this feature is straightforward. First, when creating or updating an LLM provider, select the "Custom OpenAI Service" option and enter the corresponding service host and service path. Then, the system will automatically use these custom configurations to connect to the OpenAI service. Typical use cases include internally deployed OpenAI service instances within enterprises or environments requiring specific security policies. It's important to ensure that the entered URL is valid and that the service host and service path are correct. Best practice involves thorough testing to ensure that the custom configuration works as expected.

Feature Value

This new feature significantly enhances the flexibility and configurability of the system, allowing users to choose the most suitable OpenAI service based on their needs. For enterprise-level users who require high levels of customization, this flexibility is particularly crucial. Additionally, by supporting custom services, the system can better integrate into existing infrastructures, improving overall stability and performance. This is of great significance for maintaining and scaling large application systems. Overall, this feature not only enhances the user experience but also brings higher scalability and reliability to the system.

• Related PR: #591
  Contributor: @CH3CHO
  Change Log: This PR fixes the issue where mandatory fields were not properly validated when enabling route rewrite configuration, ensuring that both host and newPath.path must provide valid values to avoid configuration errors.
  Feature Value: By correcting the validation logic for route rewrites, it prevents potential errors caused by incomplete configurations, enhancing the system's stability and user experience.

• Related PR: #590
  Contributor: @CH3CHO
  Change Log: Fixed an error in the Route.customLabels handling logic, ensuring that built-in labels are correctly excluded during updates.
  Feature Value: Resolved the conflict between custom labels and built-in labels, ensuring flexibility and accuracy for users when updating route settings.

• Related PR: #595
  Contributor: @CH3CHO
  Change Log: Removed irrelevant descriptions from README.md and added a code formatting guide, making the documentation more focused on the project itself.
  Feature Value: By updating README.md, users can more clearly understand the project structure and code formatting requirements, helping new contributors get up to speed quickly.

• 🚀 New Features: 1 item
• 🐛 Bug Fixes: 2 items
• 📚 Documentation Updates: 1 item

Total: 4 changes (including 1 significant update)

Thank you to all contributors for their hard work! 🎉

• @a6d9a6m made their first contribution in https://github.com/alibaba/higress/pull/2880
• @C-zhaozhou made their first contribution in https://github.com/alibaba/higress/pull/2806
• @Xscaperrr made their first contribution in https://github.com/alibaba/higress/pull/2593

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.7...v2.1.8

• Add release notes by @github-actions[bot] in https://github.com/alibaba/higress/pull/2693
• Fix the issue where AI route fallback does not work when using Bedrock. by @johnlanni in https://github.com/alibaba/higress/pull/2653
• feat: Rust WASM supports Redis database configuration option by @hanxiantao in https://github.com/alibaba/higress/pull/2704
• fix(wasm-go): transformer performs an add op when the replace key does not exist by @WeixinX in https://github.com/alibaba/higress/pull/2706
• AI security streaming by @rinfx in https://github.com/alibaba/higress/pull/2696
• feat(ai-proxy): gemini model thinking support by @SCMRCORE in https://github.com/alibaba/higress/pull/2712
• Deprecate the use of slash as a concatenation character for mcp server and tool, to avoid non-compliance with function naming conventions. by @johnlanni in https://github.com/alibaba/higress/pull/2711
• feat(provider): add support for Grok provider in AI proxy by @Aias00 in https://github.com/alibaba/higress/pull/2713
• feat(wasm-go): add field reroute to disable route reselection by @WeixinX in https://github.com/alibaba/higress/pull/2739
• add value length limit for ai statistics, truncate when over limit by @rinfx in https://github.com/alibaba/higress/pull/2729
• feat: improve ai statistic plugin by @Aias00 in https://github.com/alibaba/higress/pull/2671
• chore: Update some log levels in ai-statistics by @CH3CHO in https://github.com/alibaba/higress/pull/2740
• feat(ai-proxy): gemini model multimodal support by @erasernoob in https://github.com/alibaba/higress/pull/2698
• fix(ip-restriction): fix bug of set ip_source_type by @Jing-ze in https://github.com/alibaba/higress/pull/2743
• Fix typos by @co63oc in https://github.com/alibaba/higress/pull/2628
• fix(golang-filter): fix bug of stop and buffer in decode data by @Jing-ze in https://github.com/alibaba/higress/pull/2754
• fix(golang-filter): fix mcp server contruct envoy filter unit test by @Jing-ze in https://github.com/alibaba/higress/pull/2757
• fix: Allow duplicated items in the IP list of ip-restriction config by @CH3CHO in https://github.com/alibaba/higress/pull/2755
• feat(transformer): Add split and retain strategy for dedupe by @johnlanni in https://github.com/alibaba/higress/pull/2761
• feat: Support adding a proxy server in between when forwarding requests to upstream by @CH3CHO in https://github.com/alibaba/higress/pull/2710
• fix: Fix the malfunction of match_service rules in C++ Wasm plugins by @CH3CHO in https://github.com/alibaba/higress/pull/2723
• fix: Fix bugs in the bedrock model name escaping logic by @CH3CHO in https://github.com/alibaba/higress/pull/2663
• update ai-prompt-decorator to new plugin wrapper api by @StarryVae in https://github.com/alibaba/higress/pull/2777
• fix(ai-proxy): Do not change the configured components of Azure URL by @CH3CHO in https://github.com/alibaba/higress/pull/2782
• chore: Restructure the path-to-api-name mapping logic in ai-proxy by @CH3CHO in https://github.com/alibaba/higress/pull/2773
• fix: Remove "accept-encoding" header for mcp-sse upstreams by @CH3CHO in https://github.com/alibaba/higress/pull/2786
• feat(mcp-server): update the dependency github.com/higress-group/wasm-go to support MCP response images by @zat366 in https://github.com/alibaba/higress/pull/2788
• Update CRD file in the helm folder by @github-actions[bot] in https://github.com/alibaba/higress/pull/2769
• feat(ai-proxy): bedrock support tool use by @rinfx in https://github.com/alibaba/higress/pull/2730
• fix RegisteTickFunc by @co63oc in https://github.com/alibaba/higress/pull/2787
• chore: fix typos by @co63oc in https://github.com/alibaba/higress/pull/2770
• fix(wasm-go-build): correct the build command by @erasernoob in https://github.com/alibaba/higress/pull/2799
• feat(ai-proxy): add anthropic/v1/messages and openai/v1/models support for DeepSeek by @daixijun in https://github.com/alibaba/higress/pull/2808
• feat(ai-proxy): add auto protocol compatibility for OpenAI and Claude APIs by @johnlanni in https://github.com/alibaba/higress/pull/2810
• chore: fix typos by @Asnowww in https://github.com/alibaba/higress/pull/2816
• feat(wasm-plugin): add hmac-auth-apisix plugin by @hanxiantao in https://github.com/alibaba/higress/pull/2815
• feat(ai-proxy): add OpenRouter provider support by @johnlanni in https://github.com/alibaba/higress/pull/2823
• feat(wasm-plugin): add jsonrpc-converter plugin by @johnlanni in https://github.com/alibaba/higress/pull/2805
• feat(wasm-go): add wasm go plugin unit test and ci workflow by @Jing-ze in https://github.com/alibaba/higress/pull/2809
• feat: add MCP SSE stateful session load balancer support by @johnlanni in https://github.com/alibaba/higress/pull/2818
• feat(wasm-plugin): add tests and docs for hmac-auth-apisix by @hanxiantao in https://github.com/alibaba/higress/pull/2842
• Add security schema for nacos mcp by @Erica177 in https://github.com/alibaba/higress/pull/2847

• @SCMRCORE made their first contribution in https://github.com/alibaba/higress/pull/2712
• @zat366 made their first contribution in https://github.com/alibaba/higress/pull/2788
• @Asnowww made their first contribution in https://github.com/alibaba/higress/pull/2816

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.6...v2.1.7

This release includes 33 updates, covering various aspects such as feature enhancements, bug fixes, and performance optimizations.

• New Features: 14 items
• Bug Fixes: 5 items
• Refactoring and Optimization: 8 items
• Documentation Updates: 5 items
• Testing Improvements: 1 item

• Related PR: #2679 Contributor: erasernoob Change Log: This PR adds support for external FQDNs by introducing a new configuration option in the mirror annotation and updating the relevant test cases to ensure the correctness of the new feature. Feature Value: Users can now use external services as mirror targets, enhancing the system's flexibility and scalability, allowing for a wider range of service integration scenarios.

• Related PR: #2667 Contributor: hanxiantao Change Log: This PR adds the functionality to set global route rate limit thresholds for the AI Token rate limiting plugin and improves the base logic and log prompts for the cluster-key-rate-limit and ai-token-ratelimit plugins. Feature Value: The new feature allows users to more flexibly control traffic by setting global rate limit thresholds to prevent overload, improving system stability and availability, and optimizing the user experience.

• Related PR: #2652 Contributor: OxalisCu Change Log: This PR adds support for first-byte timeout for LLM streaming requests in the AI proxy plugin by introducing the firstByteTimeout parameter in the configuration. Feature Value: This feature enhances the system's ability to handle long non-responsive LLM services, improving user experience and system stability.

• Related PR: #2650 Contributor: zhangjingcn Change Log: This PR implements the functionality to fetch ErrorResponseTemplate configurations from the Nacos MCP registry by modifying the mcp_model.go and watcher.go files. Feature Value: This feature makes it easier for users using the MCP registry to obtain error response templates, thereby enhancing the system's flexibility and maintainability.

• Related PR: #2649 Contributor: CH3CHO Change Log: This PR introduces support for different formats of Azure OpenAI URLs, including three new URL configuration methods, and ensures that the api-version parameter is always required. Feature Value: This enhancement increases the system's flexibility and compatibility, making it easier for users to configure connections with Azure OpenAI services, supporting more use cases.

• Related PR: #2648 Contributor: daixijun Change Log: This PR adds support for the /v1/messages interface of the Anthropic provider in the qwen Provider by introducing new dependencies and modifying related code logic in the qwen.go file. Feature Value: The new feature expands the capabilities of the qwen Provider, allowing users to process messages using the Anthropic API, enhancing the system's flexibility and applicability.

• Related PR: #2639 Contributor: johnlanni Change Log: This PR optimizes the request processing flow by disabling route redirection in specific plugins. The main changes involve multiple WASM plugin-related files to ensure that plugins that do not need re-matching do not trigger additional routing logic. Feature Value: For users using these plugins, this feature can improve API gateway performance, reduce unnecessary resource consumption, and speed up response times, thereby enhancing overall system efficiency.

• Related PR: #2585 Contributor: akolotov Change Log: This PR adds a configuration file for the Blockscout MCP server, including detailed YAML configuration and corresponding README documentation. Feature Value: By integrating the Blockscout MCP server, users can more easily monitor and analyze EVM-compatible blockchain networks, enhancing system observability and user experience.

• Related PR: #2551 Contributor: daixijun Change Log: This PR adds support for the Anthropic and Gemini APIs, including the anthropic/v1/messages, anthropic/v1/complete, and gemini/v1beta/generatecontent interfaces. Feature Value: By supporting more AI service provider APIs, users can more flexibly choose and integrate different AI functionalities, thereby expanding application capabilities and enhancing user experience.

• Related PR: #2542 Contributor: daixijun Change Log: This PR adds a token usage statistics feature for the images, audio, and responses interfaces, and defines UnifySSEChunk and GetTokenUsage as public utility functions to reduce code duplication. Feature Value: This new feature allows users to better monitor and manage API token usage, especially for multimedia file processing-related interfaces, enhancing system observability and cost control capabilities.

• Related PR: #2537 Contributor: wydream Change Log: This PR adds text re-ranking support for the Qwen model, introducing a new API endpoint qwen/v1/rerank and making corresponding updates in the provider.go and qwen.go files. Feature Value: By introducing the Qwen text re-ranking feature, users can now use this new feature for more efficient information retrieval and sorting, enhancing the application's data processing capabilities.

• Related PR: #2535 Contributor: wydream Change Log: This PR introduces the basePath and basePathHandling options, allowing flexible handling of request paths. By setting the removePrefix or prepend mode, the behavior of the base path can be controlled to adapt to different routing needs. Feature Value: This new feature enables the API gateway to better handle URLs with prefixes, simplifying the backend service's path handling logic and enhancing the flexibility of service configuration and user experience.

• Related PR: #2517 Contributor: cr7258 Change Log: This PR re-implements the Higress API MCP server using golang-filter, adding features such as route management, service discovery, and plugin resource management. Feature Value: The new feature provides a more flexible way to manage Higress resources, allowing users to more easily manage routes and service origins, enhancing system maintainability and scalability.

• Related PR: #2499 Contributor: heimanba Change Log: This PR adds the useManifestAsEntry configuration option, updates the GrayConfig struct, and modifies the related processing logic and documentation. The main changes include adding the UseManifestAsEntry field in GrayConfig, updating the HTML response handling logic, and updating the README. Feature Value: This feature allows users to control whether the homepage request is cached through the useManifestAsEntry configuration, enhancing the flexibility during gray releases and ensuring that the homepage request is not cached as expected in specific scenarios, thereby ensuring the effectiveness of the gray release strategy.

• Related PR: #2687 Contributor: Thomas-Eliot Change Log: This PR fixes an SQL error encountered when using the mcp client tool's describeTable function by introducing the strings library. Feature Value: This fix ensures that users can correctly obtain table structure information, enhancing the stability and reliability of the tool during the migration from Postgres to the MCP Server.

• Related PR: #2662 Contributor: johnlanni Change Log: This PR fixes a memory leak issue in proxy-wasm-cpp-host and a 404 error caused by port mapping mismatches when PPV2 is enabled, by updating the relevant configurations and optimizing the lookup logic. Feature Value: This resolution addresses resource wastage and service interruption risks due to memory leaks, enhancing system stability and performance; it also ensures correct routing in complex network environments, improving the user experience.

• Related PR: #2656 Contributor: co63oc Change Log: This PR corrects spelling errors in multiple files, including variable names, function names, interface method names, and documentation, improving code readability and consistency. Feature Value: By fixing these spelling errors, the code quality and user experience are improved, reducing potential logical errors and runtime exceptions, ensuring system stability and reliability.

• Related PR: #2623 Contributor: Guo-Chenxu Change Log: This PR fixes issues that may occur when handling special character translations, ensuring that version release notes do not cause JSON format errors due to special characters. Feature Value: By resolving special character translation issues, the system stability and user experience are improved, ensuring the accuracy and readability of the version release notes.

• Related PR: #2507 Contributor: hongzhouzi Change Log: This PR corrects an error that occurs when compiling golang-filter.so on arm64 architecture machines, ensuring the correct installation of the corresponding architecture toolchain. Feature Value: This solution addresses compilation issues on specific architectures, ensuring cross-platform compatibility, and enhancing user experience and development efficiency.

• Related PR: #2688 Contributor: johnlanni Change Log: This PR updates the OSS upload tool in the CI/CD workflow and upgrades the version number from v2.1.5 to v2.1.6, with minor adjustments to the Makefile. Feature Value: By updating the tools and version numbers in the CI/CD process, the project's maintainability and consistency are improved, ensuring that users can access the latest stable versions.

• Related PR: #2673 Contributor: johnlanni Change Log: This PR improves the findEndpointUrl function to handle multiple SSE messages, supporting continued processing of subsequent messages even when non-endpoint events are encountered. Feature Value: This enhancement increases the robustness and flexibility of the MCP endpoint parser, ensuring that endpoint information can be correctly parsed even after receiving other types of messages, enhancing system stability and user experience.

• Related PR: #2661 Contributor: johnlanni Change Log: This PR adjusts the DNS service domain name validation regular expression, relaxing the domain format restrictions. Feature Value: By relaxing the domain validation rules, the system's flexibility and compatibility are increased, allowing a wider variety of domain names to be accepted, providing users with a broader range of use cases.

• Related PR: #2615 Contributor: johnlanni Change Log: This PR removes some unnecessary variables and configurations in the build process of wasm-go-related plugins, simplifying the Dockerfile, Makefile, and related extension files. Feature Value: By cleaning up redundant code, the project remains tidy, making maintenance easier and reducing potential error sources. For users, this helps to improve system stability and maintainability.

• Related PR: #2600 Contributor: johnlanni Change Log: This PR updates the Go version in the wasm-go build image to 1.24.4 and removes some comments and outdated information from the DockerfileBuilder. Feature Value: By upgrading the Go version, the security and stability of the build process are improved, ensuring developers can use the latest features and technical improvements.

• Related PR: #2598 Contributor: johnlanni Change Log: This PR updates the Go version in the wasm-go builder image to 1.24.4 and removes descriptions of support for specific architectures from the Dockerfile. Feature Value: By upgrading the Go version and simplifying the Dockerfile content, the consistency and stability of the build environment are enhanced, indirectly promoting the performance and compatibility of WASM plugins developed using this builder.

• Related PR: #2564 Contributor: rinfx Change Log: This PR optimizes the location of the request count logic to ensure correct handling even in exceptional cases; it also improves the Redis Lua script logic, including fixing string comparison issues and configuration parameter judgment errors. Feature Value: By moving the minimum request count -1 logic to streamdone and fixing type conversion and logical errors in the Lua script, the system's stability and accuracy are improved, reducing potential runtime errors.

• Related PR: #2532 Contributor: erasernoob Change Log: This PR migrates the WASM Go plugins to the new SDK and Go 1.24, updating the CI/CD configuration files and other related code to ensure compatibility and correct builds. Feature Value: By upgrading the Go version and SDK, the performance and stability of the plugins are improved, laying the foundation for future feature development and reducing potential compile-time and runtime errors.

• Related PR: #2675 Contributor: Aias00 Change Log: This PR fixes four invalid links in the documentation files, ensuring that users can access the correct external resources. Feature Value: By fixing broken links, the accuracy and usability of the documentation are improved, allowing developers to more smoothly obtain the necessary information, thereby enhancing the user experience.

• Related PR: #2668 Contributor: Aias00 Change Log: This PR updates the README file for the Rust Wasm plugin development framework, providing detailed development guidelines, including environment requirements, build steps, and testing methods. Feature Value: This update greatly improves the project's maintainability and ease of use, enabling new developers to quickly get started and understand how to develop Wasm plugins using Rust.

• Related PR: #2647 Contributor: Guo-Chenxu Change Log: This PR adds a new contributors list and a complete changelog, and adds a forced line break function in markdown to improve the organization and readability of the documentation. Feature Value: By adding a new contributors list and a complete changelog, the transparency of the project and recognition of community members are enhanced; the documentation format is also optimized, making the information more clearly and easily readable.

• Related PR: #2635 Contributor: github-actions[bot] Change Log: This PR adds release notes in both Chinese and English for version 2.1.5, summarizing 41 updates, covering new features, bug fixes, and performance optimizations. Feature Value: By providing detailed release notes, users can understand the specific content and improvements of the version update, enhancing the user experience and system transparency.

• Related PR: #2586 Contributor: erasernoob Change Log: This PR updates the README files related to the wasm-go plugins, removing TinyGo-related configurations and upgrading the Go version requirement from 1.18 to 1.24 to support wasm build features. Feature Value: By updating the documentation, users can obtain the latest compilation environment requirements, avoiding compilation failures due to outdated tool versions, thereby improving development efficiency and experience.

• Related PR: #2596 Contributor: Guo-Chenxu Change Log: This PR introduces a new GitHub Action workflow to automatically generate and submit release notes when a new version is released. By setting the necessary secrets, the security and reliability of the automation process are ensured. Feature Value: This feature greatly simplifies the version release process, reducing the manual work of writing and submitting release notes, improving the team's efficiency, and ensuring the consistency and accuracy of the documentation.

• 🚀 New Features: 14 items
• 🐛 Bug Fixes: 5 items
• ♻️ Refactoring and Optimization: 8 items
• 📚 Documentation Updates: 5 items
• 🧪 Testing Improvements: 1 item

Total: 33 changes

Thank you to all the contributors for their hard work! 🎉

This release includes 12 updates, covering feature enhancements, bug fixes, and performance optimizations.

• New Features: 6 items
• Bug Fixes: 5 items
• Refactoring and Optimization: 1 item

• Related PR: #562 Contributor: CH3CHO Change Log: This PR implements the functionality to configure multiple routes within a single route or AI route by modifying the backend services and frontend components. Feature Value: It allows users to configure multiple routes under one route or AI route, simplifying route management in complex scenarios, improving flexibility and user experience.

• Related PR: #560 Contributor: Erica177 Change Log: Added JSON Schema for multiple plugins, including AI agent, caching, data masking, history, and intent recognition, defining detailed configuration properties. Feature Value: By introducing JSON Schema, it enhances the plugin configuration management capability, allowing users to intuitively understand and set plugin parameters, improving the accuracy and ease of use of configurations.

• Related PR: #555 Contributor: hongzhouzi Change Log: Added execution, list display, table, and tool configuration features for DB MCP Server, ensuring that the configurations displayed in the console are consistent with those in higress-gateway. Feature Value: Users can now view and manage detailed configuration information of the DB MCP Server through the console, enhancing system maintainability and consistency.

• Related PR: #550 Contributor: CH3CHO Change Log: This PR updated the AI routing configuration logic to ensure correct synchronization of routing configurations when updating specific types of LLM providers. Feature Value: With this feature update, users can more accurately manage their AI service routing configurations, especially after changing LLM provider types, ensuring consistency and availability of service names.

• Related PR: #547 Contributor: CH3CHO Change Log: Enhanced user control over configuration changes by introducing undo/redo functionality on the system configuration page, mainly modifying the CodeEditor component and related page logic. Feature Value: The new undo/redo feature allows users to easily roll back or restore configuration changes, improving user experience and reducing the risk of errors.

• Related PR: #543 Contributor: erasernoob Change Log: This PR upgraded the plugin version from 1.0.0 to 2.0.0, involving updates to the plugins.properties file. Feature Value: Upgrading the plugin version to 2.0.0 enables users to enjoy performance improvements and enhanced features, improving overall system stability and user experience.

• Related PR: #559 Contributor: KarlManong Change Log: This PR corrected the line endings format in project files, ensuring all non-binary and cmd files end with LF, improving code consistency and cross-platform compatibility. Feature Value: Standardizing line endings to LF helps avoid issues caused by different operating systems, enhancing project maintainability and user experience.

• Related PR: #554 Contributor: CH3CHO Change Log: Fixed two UI issues in the LLM provider management module: 1. Missing scheme for Google Vertex service endpoint; 2. Ensured form state is reset after canceling the addition of a new provider. Feature Value: Fixing these UI issues improves the user experience when managing LLM providers, reducing operational errors due to interface problems and enhancing system usability and stability.

• Related PR: #549 Contributor: CH3CHO Change Log: This PR ensures that the latest plugin configuration is always loaded when opening the configuration edit drawer, achieved by updating a few lines of code in specific files. Feature Value: It fixed the issue of potentially displaying outdated plugin configurations, ensuring that users see the latest settings each time they view or edit, improving user experience consistency and accuracy.

• Related PR: #548 Contributor: CH3CHO Change Log: This PR fixed the issue of leading and trailing spaces in the Wasm image URL before submission, ensuring the URL format is correct by removing extra spaces. Feature Value: This fix improves system robustness and user input fault tolerance, ensuring successful submission even if users accidentally add spaces to the URL.

• Related PR: #544 Contributor: CH3CHO Change Log: Fixed the incorrect error message displayed when enabling authentication but not selecting a consumer, by updating translation files and adjusting component code to ensure accurate error messages. Feature Value: It improves the accuracy of information in the user interface, avoiding confusion caused by misleading error messages, enhancing user experience.

• Related PR: #551 Contributor: JayLi52 Change Log: Removed the disabled state for host and port fields in database configuration, changed the default API gateway URL from https to http, and updated the API gateway URL display logic in the MCP details page. Feature Value: These changes improve system flexibility, allowing users to customize database connection information and ensure consistency and compatibility by simplifying the URL protocol.

• 🚀 New Features: 6 items
• 🐛 Bug Fixes: 5 items
• ♻️ Refactoring and Optimization: 1 item

Total: 12 changes

Thank you to all contributors for your hard work! 🎉

• @akolotov made their first contribution in https://github.com/alibaba/higress/pull/2585
• @Guo-Chenxu made their first contribution in https://github.com/alibaba/higress/pull/2596
• @OxalisCu made their first contribution in https://github.com/alibaba/higress/pull/2652
• @zhangjingcn made their first contribution in https://github.com/alibaba/higress/pull/2650
• @Thomas-Eliot made their first contribution in https://github.com/alibaba/higress/pull/2687
• @Aias00 made their first contribution in https://github.com/alibaba/higress/pull/2675

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.5...v2.1.6

• feat: Plugin server supports k8s deployment and configures the default download URL of the plugin(#2232, #2280,#2312) by @NorthernBob in https://github.com/alibaba/higress/pull/2389
• fix: change auto generate se namespace to mcp by @Erica177 in https://github.com/alibaba/higress/pull/2398
• fix(ai-proxy): fix bedrock Sigv4 mismatch by @HecarimV in https://github.com/alibaba/higress/pull/2402
• fix: fix const McpStreamableProtocol spell mistake by @Erica177 in https://github.com/alibaba/higress/pull/2405
• feat(ai-proxy): Adjust the streaming response structure to keep it consistent with the openai by @daixijun in https://github.com/alibaba/higress/pull/2391
• add mcp-server doc by @hourmoneys in https://github.com/alibaba/higress/pull/2327
• opt: unify the end-of-line markers in the MCP session filter. by @johnlanni in https://github.com/alibaba/higress/pull/2403
• fix(ai-proxy): fix gemini provider missing finishReason by @daixijun in https://github.com/alibaba/higress/pull/2408
• docs: fix broken link in mcp-servers README_zh.md by @xuruidong in https://github.com/alibaba/higress/pull/2418
• feat: support for wanxiang image/video generation in ai-proxy & ai-statistics by @mirror58229 in https://github.com/alibaba/higress/pull/2378
• feat: Add AI-based bidding information tool MCP service by @hourmoneys in https://github.com/alibaba/higress/pull/2343
• fix: When configuring an MCP server for SSE forwarding, the controller may crash by @johnlanni in https://github.com/alibaba/higress/pull/2423
• feat: add default route support for wanx image&video synthesis by @mirror58229 in https://github.com/alibaba/higress/pull/2431
• feat(ai-proxy): add support for OpenAI Fine-Tuning API by @wydream in https://github.com/alibaba/higress/pull/2424
• add release-notes of 2.1.4 by @johnlanni in https://github.com/alibaba/higress/pull/2433
• feat: add mcp-router plugin by @johnlanni in https://github.com/alibaba/higress/pull/2409
• update envoy and istio by @johnlanni in https://github.com/alibaba/higress/pull/2440
• release 2.1.5-rc.1 by @johnlanni in https://github.com/alibaba/higress/pull/2446
• fix: The mcp to rest capability of the mcp server supports returning status without returning a body from the backend, and instead responds via sse by @johnlanni in https://github.com/alibaba/higress/pull/2445
• refactor: mcp server depends on the latest wasm-go repository by @johnlanni in https://github.com/alibaba/higress/pull/2458
• fix too much logs when nacos is not avaiable by @luoxiner in https://github.com/alibaba/higress/pull/2469
• feat(mcp/sse): support passthourgh the query parameter in sse server to the rest api server by @erasernoob in https://github.com/alibaba/higress/pull/2460
• Feat: Ai data masking msg window support reasoning_content in response and n in request by @007gzs in https://github.com/alibaba/higress/pull/2404
• feat: add investoday MCP Server by @kenneth-bro in https://github.com/alibaba/higress/pull/2450
• fix(ai-proxy): Unify the naming convention & fix api name mapping by @wydream in https://github.com/alibaba/higress/pull/2441
• fix: add missing controller sa annotation. by @Colstuwjx in https://github.com/alibaba/higress/pull/2443
• fix(ai-proxy): fix openai provider customPath compatibility by @daixijun in https://github.com/alibaba/higress/pull/2475
• feat: mcp server support error template response by @johnlanni in https://github.com/alibaba/higress/pull/2485
• add trace_span_key & as_seperate_log_field configuration for ai-statistics by @rinfx in https://github.com/alibaba/higress/pull/2488
• Implement AI-image-reader plugin by @kai2321 in https://github.com/alibaba/higress/pull/1925
• Fix the incorrect behavior of decoding when constructing and sending requests if the path in the configured URL contains URL-encoded parts. by @johnlanni in https://github.com/alibaba/higress/pull/2497
• fix(ai-proxy): bedrock support additional request fields by @HecarimV in https://github.com/alibaba/higress/pull/2480
• feat(ai-proxy): add responses support for doubao by @daixijun in https://github.com/alibaba/higress/pull/2509
• fix(ai-proxy): add system message handling for Bedrock requests by @HecarimV in https://github.com/alibaba/higress/pull/2516
• fix: Fix an incorrect config property name in the README of ai-proxy plugin by @CH3CHO in https://github.com/alibaba/higress/pull/2503
• feat: advanced load balance policys for LLM service through wasm plugin by @rinfx in https://github.com/alibaba/higress/pull/2531
• fix(ai-proxy): restrict the stream_options parameter to be effective only in the openai/v1/chatcompletions by @daixijun in https://github.com/alibaba/higress/pull/2524
• feat(helm): comment tracing.skywalking by @daixijun in https://github.com/alibaba/higress/pull/2514
• feat: ai-proxy support config subPath field by @johnlanni in https://github.com/alibaba/higress/pull/2533
• feat: add DB MCP Server execute, list tables, describe table tools by @hongzhouzi in https://github.com/alibaba/higress/pull/2506
• Release 2.1.5 by @johnlanni in https://github.com/alibaba/higress/pull/2536

• @NorthernBob made their first contribution in https://github.com/alibaba/higress/pull/2389
• @xuruidong made their first contribution in https://github.com/alibaba/higress/pull/2418
• @wydream made their first contribution in https://github.com/alibaba/higress/pull/2424
• @erasernoob made their first contribution in https://github.com/alibaba/higress/pull/2460
• @kenneth-bro made their first contribution in https://github.com/alibaba/higress/pull/2450
• @hongzhouzi made their first contribution in https://github.com/alibaba/higress/pull/2506

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.4...v2.1.5

• feat: Plugin server supports k8s deployment and configures the default download URL of the plugin(#2232, #2280,#2312) by @NorthernBob in https://github.com/alibaba/higress/pull/2389
• fix: change auto generate se namespace to mcp by @Erica177 in https://github.com/alibaba/higress/pull/2398
• fix(ai-proxy): fix bedrock Sigv4 mismatch by @HecarimV in https://github.com/alibaba/higress/pull/2402
• fix: fix const McpStreamableProtocol spell mistake by @Erica177 in https://github.com/alibaba/higress/pull/2405
• feat(ai-proxy): Adjust the streaming response structure to keep it consistent with the openai by @daixijun in https://github.com/alibaba/higress/pull/2391
• add mcp-server doc by @hourmoneys in https://github.com/alibaba/higress/pull/2327
• opt: unify the end-of-line markers in the MCP session filter. by @johnlanni in https://github.com/alibaba/higress/pull/2403
• fix(ai-proxy): fix gemini provider missing finishReason by @daixijun in https://github.com/alibaba/higress/pull/2408
• docs: fix broken link in mcp-servers README_zh.md by @xuruidong in https://github.com/alibaba/higress/pull/2418
• feat: support for wanxiang image/video generation in ai-proxy & ai-statistics by @mirror58229 in https://github.com/alibaba/higress/pull/2378
• feat: Add AI-based bidding information tool MCP service by @hourmoneys in https://github.com/alibaba/higress/pull/2343
• fix: When configuring an MCP server for SSE forwarding, the controller may crash by @johnlanni in https://github.com/alibaba/higress/pull/2423
• feat: add default route support for wanx image&video synthesis by @mirror58229 in https://github.com/alibaba/higress/pull/2431
• feat(ai-proxy): add support for OpenAI Fine-Tuning API by @wydream in https://github.com/alibaba/higress/pull/2424
• add release-notes of 2.1.4 by @johnlanni in https://github.com/alibaba/higress/pull/2433
• feat: add mcp-router plugin by @johnlanni in https://github.com/alibaba/higress/pull/2409
• update envoy and istio by @johnlanni in https://github.com/alibaba/higress/pull/2440
• release 2.1.5-rc.1 by @johnlanni in https://github.com/alibaba/higress/pull/2446

• @NorthernBob made their first contribution in https://github.com/alibaba/higress/pull/2389
• @xuruidong made their first contribution in https://github.com/alibaba/higress/pull/2418
• @wydream made their first contribution in https://github.com/alibaba/higress/pull/2424

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.4...v2.1.5-rc.1

• feat(ai-proxy): support Amazon Bedrock Image Generation by @daixijun in https://github.com/alibaba/higress/pull/2212
• fix: Fix the incorrect rewrite config generated for Nacos 3 MCP Servers by @CH3CHO in https://github.com/alibaba/higress/pull/2211
• feat: update translate-readme action by @littlejiancc in https://github.com/alibaba/higress/pull/2208
• fix: Remove the Authorization request header when using AI-proxy to proxy Gemini by @hanxiantao in https://github.com/alibaba/higress/pull/2220
• fix : fix issue #2222 by @Erica177 in https://github.com/alibaba/higress/pull/2231
• Add test translation workflow by @MAVRICK-1 in https://github.com/alibaba/higress/pull/2228
• mcp server support API auth through OAS3 security schemes || mcp server support API auth through OAS3 security schemes by @johnlanni in https://github.com/alibaba/higress/pull/2241
• Fix : add fail strategy for wasmplugin generated by mcp server by @Erica177 in https://github.com/alibaba/higress/pull/2237
• fix: modify log level WARN -> DEBUG in key-auth plugin by @lexburner in https://github.com/alibaba/higress/pull/2275
• fix proxy-wasm-cpp-sdk by @johnlanni in https://github.com/alibaba/higress/pull/2281
• feat: Supports recording request header, request body, response header and response body information in the access log by @forgottener in https://github.com/alibaba/higress/pull/2265
• feat(mcp-server): add HackMD mcp server by @Whitea029 in https://github.com/alibaba/higress/pull/2260
• add mcp service shebao tools by @hourmoneys in https://github.com/alibaba/higress/pull/2303
• feat: Add a github action to copy CRD definitions from api folder to helm folder by @CH3CHO in https://github.com/alibaba/higress/pull/2268
• feat: allow skipping higress dev image build during wasmplugin e2e tests by @cr7258 in https://github.com/alibaba/higress/pull/2264
• feat: Refactor mcpServer.matchList config generation logic by @CH3CHO in https://github.com/alibaba/higress/pull/2207
• add info log of ai-search plugin by @johnlanni in https://github.com/alibaba/higress/pull/2323
• fix(ai-proxy): URL encode model name in Bedrock requests by @HecarimV in https://github.com/alibaba/higress/pull/2321
• feat(ai-proxy): add doubao Image Generation support by @daixijun in https://github.com/alibaba/higress/pull/2331
• feat: cluster-key-rate-limit support setting global rate limit thresholds for routes​ by @hanxiantao in https://github.com/alibaba/higress/pull/2262
• feat(ai-proxy): support OpenAI-compatible image and audio model Mapping by @daixijun in https://github.com/alibaba/higress/pull/2341
• fix: set "EnableSemanticCachefalse" to false when no vector configured in ai-cache by @mirror58229 in https://github.com/alibaba/higress/pull/2351
• feat(ai-proxy): add batches & files support by @daixijun in https://github.com/alibaba/higress/pull/2355
• feat: support dify ai-proxy e2e test || feat: support diify ai-proxy e2e test by @VinciWu557 in https://github.com/alibaba/higress/pull/2319
• fix content-length header not remove in ai-search plugin by @johnlanni in https://github.com/alibaba/higress/pull/2363
• feat(ai-proxy): add modelMapping regexp support by @daixijun in https://github.com/alibaba/higress/pull/2358
• feat(ai-proxy): Fixed the issue that the API pass-through path error does not support openaiCustomUrl after openai is configured. by @daixijun in https://github.com/alibaba/higress/pull/2364
• feat(frontend-gray): Add uniqueGrayTag configuration detection by @heimanba in https://github.com/alibaba/higress/pull/2371
• feat(ai-proxy): add models & image generation support for gemini by @daixijun in https://github.com/alibaba/higress/pull/2380
• feat(ai-proxy): support Google Cloud Vertex by @HecarimV in https://github.com/alibaba/higress/pull/2119
• add upstream override wasm abi by @johnlanni in https://github.com/alibaba/higress/pull/2387
• feat(ai-proxy): Add Claude image understanding and Tools calling capabilities by @daixijun in https://github.com/alibaba/higress/pull/2385
• fix: refactored mcp server auto discovery logic and fix some issue by @Erica177 in https://github.com/alibaba/higress/pull/2382
• fix : fix credential process logic for nacos mcp util and add ut for it by @Erica177 in https://github.com/alibaba/higress/pull/2394
• fix: Support mixing line breaks in a single SSE response by @CH3CHO in https://github.com/alibaba/higress/pull/2344
• Update CRD file in the helm folder by @github-actions in https://github.com/alibaba/higress/pull/2392

• @MAVRICK-1 made their first contribution in https://github.com/alibaba/higress/pull/2228
• @lexburner made their first contribution in https://github.com/alibaba/higress/pull/2275
• @forgottener made their first contribution in https://github.com/alibaba/higress/pull/2265
• @Whitea029 made their first contribution in https://github.com/alibaba/higress/pull/2260
• @hourmoneys made their first contribution in https://github.com/alibaba/higress/pull/2303

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.3...v2.1.4