• Add Web API examples in v3/examples/web-apis/ demonstrating 41 browser APIs including Storage (localStorage, sessionStorage, IndexedDB, Cache API), Network (Fetch, WebSocket, XMLHttpRequest, EventSource, Beacon), Media (Canvas, WebGL, Web Audio, MediaDevices, MediaRecorder, Speech Synthesis), Device (Geolocation, Clipboard, Fullscreen, Device Orientation, Vibration, Gamepad), Performance (Performance API, Mutation Observer, Intersection/Resize Observer), UI (Web Components, Pointer Events, Selection, Dialog, Drag and Drop), and more
• Add WebView API compatibility checker example (v3/examples/webview-api-check/) that tests 200+ browser APIs across platforms
• Add internal/libpath package for finding native library paths on Linux with parallel search, caching, and support for Flatpak/Snap/Nix
• WIP: Add experimental WebKitGTK 6.0 / GTK4 support for Linux, available via -tags gtk4 (GTK3/WebKit2GTK 4.1 remains the default)
  • Note: On tiling window managers (e.g., Hyprland, Sway), Minimize/Maximize operations may not work as expected since the WM controls window geometry

• BREAKING: Map keys in generated JS/TS bindings are now marked optional to accurately reflect Go map semantics. Map value access in Typescript now returns T | undefined instead of T, requiring null checks or assertions (#4943) by @fbbdev

• Fix file drag-and-drop on Windows not working at non-100% display scaling
• Fix HTML5 internal drag-and-drop being broken when file drop was enabled on Windows
• Fix file drop coordinates being in wrong pixel space on Windows (physical vs CSS pixels)
• Fix file drag-and-drop on Linux not working reliably with hover effects
• Fix HTML5 internal drag-and-drop being broken when file drop was enabled on Linux
• Fix DPI scaling on Linux/GTK4 by implementing proper PhysicalBounds calculation and fractional scaling support via gdk_monitor_get_scale (GTK 4.14+)
• Fix menu items duplicating when creating new windows on Linux/GTK4
• Fix generation of mapped types with enum keys in JS/TS bindings (#4437) by @fbbdev

🤖 This is an automated nightly release generated from the latest changes in the v3-alpha branch.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.68

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

Fix directory traversal vulnerability under Windows in Static middleware when default Echo filesystem is used. Reported by @shblue21 (https://github.com/labstack/echo/pull/2891).

This applies to cases when:

• Windows is used as OS
• middleware.StaticConfig.Filesystem is nil (default)
• echo.Filesystem is has not been set explicitly (default)

Exposure is restricted to the active process working directory and its subfolders.

Full Changelog: https://github.com/labstack/echo/compare/v5.0.2...v5.0.3

This release contains improvements and bug fixes.

• US-1263 DOCX to PDF right alignment for single tab
• US-1264 DOCX to PDF dot leader processing
• US-1265 DOCX to PDF several tabs processing
• US-585 DOCX to PDF logic for default header and footer on first page
• US-1266 Benchmark code for UniOffice library

• US-1271 Document.RemoveComment(id) removes the comment cause invalid references fix
• US-1295 Document dynamic colspan cause invalid XML fix
• US-1294 Document nested table cause invalid XML fix
• US-1269 DOCX to PDF inconsistencies table column width fix

• Upgrade protobuf dependency to v1.36.11 to fix missing go_package errors for Editions feature protos (e.g. cpp_features.proto). (#8853)

• Add blog link to homepage by @asim in https://github.com/micro/go-micro/pull/2837
• Fix go install @latest failures by documenting specific version by @Copilot in https://github.com/micro/go-micro/pull/2839
• Apply rate limiting before singleflight to prevent goroutine blocking on etcd timeout by @Copilot in https://github.com/micro/go-micro/pull/2841
• Implement NATS connection pooling and fix connection leaks by @Copilot in https://github.com/micro/go-micro/pull/2840
• [WIP] Remove reflect usage and improve performance by @Copilot in https://github.com/micro/go-micro/pull/2842
• TLS certificate verification: opt-in security to preserve backward compatibility by @Copilot in https://github.com/micro/go-micro/pull/2843
• Replace custom logger with log/slog by @Copilot in https://github.com/micro/go-micro/pull/2844
• Fix google.protobuf.Any JSON marshaling missing @type field by @Copilot in https://github.com/micro/go-micro/pull/2845

Full Changelog: https://github.com/micro/go-micro/compare/v5.13.0...v5.14.0

• Added how to do One Time Handlers in the docs for Listening to Events in JavaScript by @AbdelhadiSeddar

• Changed the use of Event into Events according to changes in @wailsio/runtime and appropriate function calls in the docs in Features/Events/Event System by @AbdelhadiSeddar

• Fix "ghost windows" issue on macOS caused by not accessing AppKit APIs from the Main Thread in App.Window.Current() (#4947) by @wimaha
• Fix HTML <input type="file"> not working on macOS by implementing WKUIDelegate runOpenPanelWithParameters (#4862)
• Fix native file drag-and-drop not working when using @wailsio/runtime npm module on macOS/Linux (#4953) by @leaanthony
• Fix binding generation for cross-package type aliases (#4578) by @fbbdev

🤖 This is an automated nightly release generated from the latest changes in the v3-alpha branch.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.67

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

• Add UseApplicationMenu option to WebviewWindowOptions allowing windows on Windows/Linux to inherit the application menu set via app.Menu.Set() by @leaanthony

• Move EnabledFeatures, DisabledFeatures, and AdditionalBrowserArgs from per-window options to application-level Options.Windows (#4559) by @leaanthony

• Fix OpenFileDialog crash on Linux due to GTK thread safety violation (#3683) by @ddmoney420
• Fix SIGSEGV crash when calling Focus() on a hidden or destroyed window (#4890) by @ddmoney420
• Fix potential panic when setting empty icon or bitmap on Linux (#4923) by @ddmoney420
• Fix ErrorDialog crash when called from service binding on macOS (#3631) by @leaanthony
• Make menus to be displayed on Windows OS in v3\examples\dialogs by @ndianabasi
• Fix race condition causing TypeError during page reload (#4872) by @ddmoney420
• Fix incorrect output from binding generator tests by removing global state in the Collector.IsVoidAlias() method (#4941) by @fbbdev
• Fix <input type="file"> file picker not working on macOS (#4862) by @leaanthony

• BREAKING: Remove EnabledFeatures, DisabledFeatures, and AdditionalLaunchArgs from per-window WindowsWindow options. Use application-level Options.Windows.EnabledFeatures, Options.Windows.DisabledFeatures, and Options.Windows.AdditionalBrowserArgs instead. These flags apply globally to the shared WebView2 environment (#4559) by @leaanthony

🤖 This is an automated nightly release generated from the latest changes in the v3-alpha branch.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.66

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

Security

• Fix Static middleware when folder browsing is enabled (config.Browse=true , defaults to false) lists all files/subfolders from config.Filesystem root folder and not starting from config.Root and requested folder in https://github.com/labstack/echo/pull/2887 . Reported by @shblue21 in https://github.com/labstack/echo/issues/2886

Full Changelog: https://github.com/labstack/echo/compare/v5.0.1...v5.0.2

For a detailed view of all changes and the migration guide, visit: https://docs.gofiber.io/next/whats_new

Try our new migration tool to help you upgrade from v2 to v3:

go install github.com/gofiber/cli/fiber@latest
fiber migrate --to v3

• 🚀 App (Docs)
  • Rename WithTlsConfig method to WithTLSConfig in (#2570)
  • Use any as default Message type of Error struct in (#1925)
  • Add support for custom constraints in (#2807)
  • Add support for trusted origins in (#2910)
  • Add DialDualStack option for upstream IPv6 support in (#2900)
  • TrustedOrigins using https://*.example.com style subdomains in (#2925)
  • Add configuration support to c.SendFile() in (#3017)
  • Add CHIPS support to Cookie in (#3047)
  • Add TestConfig to app.Test() for configurable testing in (#3161)
  • Add buffered streaming support in (#3131)
  • Add support for AutoTLS / ACME in (#3201)
  • Add support for configuring TLS Min Version in (#3248)
  • Fix square bracket notation in Multipart FormData in (#3235)
  • Add support for application state management in (#3360)
  • Add support for NewErrorf in (#3463)
  • Add UNIX socket support in (#3535)
  • Add support for Msgpack in (#3565)
  • Add default UTF-8 charset in (#3583)
  • Support for SendEarlyHints in (#3483)
  • Add conditional copy helpers in (#3703)
  • Add request inspection helpers in (#3727)
  • Add support for redacting values in (#3759)
  • Add support for handling unsupported HTTP methods as HTTP 501 in (#3854)
  • Add support for ReloadViews() in (#3876)
  • Expose startup message customization hooks in (#3824)
  • Migrate from UUIDv4 to SecureToken for key generation in (#3946)
  • Add ExpirationFunc for dynamic expiration in (#3984)
  • Auto-enforce Secure=true for Partitioned cookies in Cookie() in (#3976)
• 📎 Binding (Docs)
  • Initial support for binding in (#1981)
  • Bind: add support for multipart file binding in (#3309)
  • Add All method to Bind in (#3373)
• 🌎 Client (Docs)
  • Client refactor in (#1986)
  • Add support for creating Fiber client from existing FastHTTP client in (#3214)
  • Add support for iterator methods to Fiber client in (#3228)
  • Add support for HostClient and LBClient in (#3774)
  • Add support for streaming response bodies in client and response handling in (#4014)
• 🧠 Context (Docs)
  • Convert fiber.Ctx type to interface in (#1928)
  • Add Drop method to DefaultCtx for silent connection termination in (#3257)
  • Add End() method to Ctx in (#3280)
  • Improve and Optimize ShutdownWithContext Func in (#3162)
  • Add support for context.Context in keyauth middleware in (#3287)
  • Fiber.Context implement context.Context in (#3382)
  • Add NewWithCustomCtx initialization helper in (#3476)
  • Add context methods to fiber.Storage interface in (#3566)
  • Add Fiber Context to BasicAuth Authorizer in (#3621)
  • Implement OverrideParam override behavior for DefaultCtx in (#3962)
  • Add context common request helpers in (#4007)
  • Adding GetReqHeaders and GetRespHeaders in (#2831)
  • Add Req and Res API in (#2894)
• 🔬 Extractors (Docs)
  • Introduce Extractor pattern for session ID retrieval in (#3625)
  • Enhance extractor functionality with metadata and security validation in (#3630)
  • Add extractors package in (#3725)
• 🧰 Generic (Docs)
  • Add QueryParser for get query using generic in (#2776)
  • Addition of Locals Function with Go Generics as an Alternative to c.Locals in (#2813)
  • Implement new generic functions: Params, Get and Convert in (#2850)
  • Support generic configurable logger in (#3705)
• 🚀 Listen (Docs)
  • Merge Listen methods & ListenConfig in (#1930)
  • Add support for graceful shutdown timeout in ListenConfig in (#3220)
  • Add TLSConfig to ListenConfig in (#4024)
• 🔌 Addons/retry (Docs)
  • Add retry mechanism in (#1972)
• 🧬 Middleware – adaptor (Docs)
  • Add BodyStream() logic to adaptor.FiberHandler middleware in (#3799)
  • Add local context support to adaptor middleware in (#3975)
• 🧬 Middleware – basicauth (Docs)
  • Add HeaderLimit option to BasicAuth middleware in (#3620)
  • Support hashed BasicAuth passwords in (#3631)
• 🧬 Middleware – cache (Docs)
  • Add Cache Invalidation Option to Cache Middleware in (#3036)
  • Add Max Func to Limiter Middleware in (#3070)
  • Support for disabling response headers in Limiter Middleware in (#3618)
• 🧬 Middleware – compression (Docs)
  • Add support for zstd compression in (#3041)
  • Add support for CBOR encoding in (#3173)
• 🧬 Middleware – cors (Docs)
  • Add support for Access-Control-Allow-Private-Network in (#2908)
• 🧬 Middleware – csrf (Docs)
  • Add support for Sec-Fetch-Site header in CSRF middleware in (#3913)
• 🧬 Middleware – encryptcookie (Docs)
  • Add cookie name authentication for EncryptCookie middleware in (#3788)
• 🧬 Middleware – favicon (Docs)
  • Add MaxBytes to favicon middleware in (#4016)
• 🧬 Middleware – earlydata (Docs)
  • Add earlydata middleware in (#2270)
• 🧬 Middleware – healthcheck (Docs)
  • Migrate HealthChecker to v3 in (#2884)
  • Add Startup Probe to Healthcheck Middleware in (#3069)
• 🧬 Middleware – idempotency (Docs)
  • Add idempotency middleware in (#2253)
• 🧬 Middleware – keyauth (Docs)
  • Add support for custom KeyLookup functions in the Keyauth middleware in (#3028)
• 🧬 Middleware – logger (Docs)
  • Refactor logger middleware in (#1979)
  • Add AllLogger to Config in (#3153)
  • Add Skip function to logger middleware in (#3333)
  • Add predefined log formats in (#3359)
  • Add support for ForceColors in Logger middleware in (#3428)
• 🧬 Middleware – proxy (Docs)
  • Add support for TrustProxy in (#3170)
  • Add KeepConnectionHeader option to Proxy middleware in (#3662)
• 🧬 Middleware – requestid (Docs)
  • Add Context Support to RequestID Middleware in (#3200)
  • Validate HTTP headers in RequestID middleware in (#3919)
• 🧬 Middleware – responsetime (Docs)
  • Add response time middleware in (#3891)
• 🧬 Middleware – session (Docs)
  • Re-write session middleware with handler in (#3016)
  • Add support for Keys() in session middleware in (#3517)
• 🧬 Middleware – static (Docs)
  • Add static middleware in (#3006)
• 🧬 Middleware – timeout (Docs)
  • Add config for Timeout middleware in (#3604)
• 🔄️ Redirect (Docs)
  • New redirection methods in (#2014)
• 🗺️ Router (Docs)
  • Router interface changes in (#2176)
  • Native support for net/http and fasthttp handlers in (#3769)
  • New Route method in (#2065)
  • New mounting system in (#2022)
  • Add support for RebuildTree in (#3074)
  • Add support for Express.js style req/res handlers in (#3809)
  • Add support for DisableAutoRegister of HEAD routes in (#3817)
  • Enhance CheckConstraint method for improved error handling in (#3356)
  • Add Support for Removing Routes in (#3230)
  • Add support for embedded Koa-Style Req and Res structs in (#3533)
  • Support Express-style next callback handlers in (#4029)
• 🧩 Services (Docs)
  • Add Support for service dependencies in (#3434)

• ⚙️ Core & API
  • Replace string functions in (#3923)
  • Update conditional instructions for startup skip in (#3475)
  • Update AGENTS startup instructions in (#3474)
  • Add []byte support to utils.EqualFold in (#2029)
  • Change startup message in (#2041)
  • Update to use gofiber/utils/v2 in (#2184)
  • Router: return status 501 instead of 400 on unknown method in (#2220)
  • Cleanup in (#2255)
  • Fix ContextKey collisions in (#2781)
  • Update Ctx.Format to match Express's res.format in (#2766)
  • Update handler signature for v3 in (#2794)
  • Change interface{} to any in (#2796)
  • Added respects body immutability to ctx.Body() and ctx.BodyRaw() functions. in (#2812)
  • Print to stderr if log fails for default format in (#2830)
  • Clean up errcheck config in (#2841)
  • Update startup message formatting in (#2847)
  • Simplify content negotiation code in (#2865)
  • Rename "ClientNew" Function to "New" in (#2896)
  • Remove repetitive words in (#2917)
  • Improper query/body parsing with embedded structs in (#2906)
  • Improve and simplify logic of ctx.Next() in (#3063)
  • Use Named Fields Instead of Positional and Align Structures to Reduce Memory Usage in (#3079)
  • Use utils Trim functions instead of the strings/bytes functions in (#3087)
  • Consolidate Logic of Handling the Request Body in (#3093)
  • Use msgp for flash message encoding/decoding in (#3099)
  • Replace vendored gorilla/schema package in (#3152)
  • Improve naming convention for Context returning functions in (#3193)
  • Nil pointer dereference with Must Bind binding in (#3171)
  • Mark go1.23 as minimum go version in (#3226)
  • Rename the Method Names of FormData and FormDatas (#3251) in (#3255)
  • Reduce the Memory Usage of ignoreHeaders in (#3322)
  • Migrate randString to rand v2 in (#3329)
  • Sorting error in sortAcceptedTypes in (#3331)
  • Reduce the memory usage of RoutePatternMatch in (#3335)
  • Replace findLastCharsetPosition with strings.LastIndexByte in (#3338)
  • Replace isInCharset with bytes.IndexByte in (#3342)
  • Remove two string fields in DefaultCtx to save 32 bytes in (#3353)
  • Replace treePath with treePathHash in DefaultCtx to reduce memory usage in (#3368)
  • Remove redundant field method in DefaultCtx in (#3372)
  • Add findNextNonEscapedCharPosition for single-byte charset cases in (#3378)
  • Change c.Redirect() default status in (#3415)
  • Improve routing treeBuild flow in (#3456)
  • Make genericParseType return error in (#3473)
  • Update minimum go version to 1.24 in (#3481)
  • Use slices.Contains to simplify code in (#3486)
  • Use maps.Copy to simplify code in (#3490)
  • Update loop syntax for retry mechanism in (#3516)
  • Update codecov configuration in (#3528)
  • Use GetState to reduce duplicate code in (#3542)
  • Improve Cookie() validation in (#3546)
  • Improve Accept* compliance with RFC 9110 in (#3548)
  • Refactor fasthttp iter calls to range loops in (#3559)
  • Add iterator helpers for client types in (#3560)
  • Update utils dependency in (#3576)
  • Refactor Opt-in support for CBOR in (#3580)
  • Simplify generic function calls in (#3578)
  • Replace math/rand with crypto/rand in (#3508)
  • Add sync pool and release helpers for Bind in (#3660)
  • Add CBOR support to AutoFormat() in (#3665)
  • Fix AcceptsLanguages() RFC compliance in (#3672)
  • Respect immutable config in Params(), Protocol(), and Body() in (#3676)
  • Delay routing error creation in (#3683)
  • Using reflect.TypeAssert in (#3698)
  • Handle Transfer-Encoding bodies in HasBody in (#3748)
  • Improve error handling when using storage drivers in (#3754)
  • Use sync.Pool for Client hooks in (#3758)
  • Avoid locking in gc() if nothing to delete in (#3765)
  • Cleanup return error logic in Bind() in (#3764)
  • Update RouteChain function in (#3761)
  • Make boundary a const in (#3783)
  • Preallocate slice size in Client::Param() in (#3782)
  • Skip locking garbage collector if nothing to delete in (#3787)
  • Enhance Body handling in setConfigToRequest for better type su… in (#3820)
  • Improve propagation of context.Context in (#3822)
  • Inline Request state wrappers in (#3827)
  • Remove unneeded "utils" alias in (#3834)
  • Add FullPath() helper to context in (#3837)
  • Handle nil map targets in Binder in (#3839)
  • Extracted generic releasePooledBinder function in (#3841)
  • Return error during EncryptCookie failure in (#3842)
  • Fix gocritic httpNoBody and hugeParam issues in (#3855)
  • Refactor internal errors to use sentinel values in (#3864)
  • Improve byte-range handling for SendFile() in (#3870)
  • Use int64 when dealing with HTTP Ranges in (#3874)
  • Replace strings.TrimSpace with utils.TrimSpace in (#3918)
  • Replace strings.Index with strings.Cut for improved readallity in (#3956)
  • Validate constraint by bit operation in (#3963)
  • Use sync.Pool for form and multipart binding in (#3967)
  • Use sync.Pool for redirect old input map in (#3971)
  • Replace anonymous struct key with named type in (#4020)
• 🧬 Middleware & Addons
  • Document "null" origin handling in CORS middleware in (#4001) (Docs)
  • Refactor CSRF middleware and enhance documentation in (#3598)
  • Fix pprof middleware docs and default config in (#3642)
  • Fix CORS docs and comments in (#3637)
  • Fix CSRF error message mismatch with documentation in (#3636)
  • Refactor filesystem middleware with io/fs in (#2027) (Docs)
  • Remove mutex lock in logger middleware in (#2840)
  • Update CSRF and Limiter to remove repetitive names in (#2846)
  • Refactor(middleware/cors): Config, lists as list types. in (#2962)
  • Enforce key length for EncryptCookie middleware default functions in (#3056)
  • Middleware/CORS Remove Scheme Restriction in (#3163)
  • Unify and enhance timeout middleware in (#3275)
  • Simplify HealthCheck middleware in (#3380)
  • Improve proxy middleware in (#3468)
  • Enhance KeyAuth middleware to better comply with RFC 6750 in (#3482)
  • Enhance BasicAuth middleware to better comply with RFC 6750 in (#3484)
  • Improve cache middleware RFC compliance in (#3488)
  • Enhance config validation in EncryptCookie middleware in (#3491)
  • Refactor EnvVar middleware in (#3513)
  • Improve CORS middleware response headers in (#3505)
  • Improve BasicAuth middleware default security in (#3522)
  • Improve static middleware security in (#3595)
  • Remove SHA-1/MD5 support in BasicAuth middleware in (#3634)
  • Remove support for PasswordFromContext from BasicAuth middleware in (#3638)
  • Refactor KeyAuth Middleware: Extractor-Based Configuration and Enhanced Flexibility in (#3685)
  • Return generic errors in KeyAuth middleware in (#3692)
  • Fix CSRF subdomain wildcard boundary in (#3694)
  • Improve Cache middleware defaults in (#3740)
  • Migrate Session middleware to new extractors package in (#3744)
  • Improve Compress middleware RFC compliance in (#3745)
  • Improve KeyAuth middleware RFC compliance in (#3742)
  • Update CSRF middleware to use shared extractors in (#3746)
  • Update keyauth middleware to use shared extractors in (#3747)
  • Fix cache cleanup and redact token values in (#3757)
  • Ensure middleware prefix matching requires slash boundary in (#3755)
  • Reduce the memory usage of cacheableStatusCodes in (#3789)
  • Refactor configuration management for favicon and envvar middlewares in (#3898)
  • Improve Cache middleware compliance in (#3973)
  • Further improvements to Cache middleware in (#3989)
  • Skip caching oversized responses in idempotency middleware in (#4018)
• ⚡️ Performance & Benchmarks
  • Optimize the menu item text in (#3267)
  • Remove utils.Trim* because stdlib has same performance in go1.19 in (#2030)
  • Performance improvements in (#2838)
  • Add parallel benchmarks to adaptor middleware in (#2870)
  • Expand Tests and Benchmarks for Log package in (#2886)
  • Performance optimizations in (#2947)
  • Add Benchmarks for IsProxyTrusted() in (#2933)
  • Optimize Cache middleware handler in (#3031)
  • Update benchmarks for Logger Middleware in (#3061)
  • Improve performance of Adaptor Middleware in (#3078)
  • Refactor Benchmark Results Workflow in (#3082)
  • Improve performance of helper functions in (#3086)
  • Improve Performance of c.Body() by 125% in (#3090)
  • Add Benchmarks for Rewrite Middleware in (#3092)
  • Optimize IsFromLocal() performance in (#3140)
  • Improve Performance of Fiber Router in (#3261)
  • Improve Performance of getSplicedStrList in (#3318)
  • Optimize routeParser by using sync.Pool in (#3343)
  • Add Immutable benchmarks for default case in (#3374)
  • Performance optimizations in (#3477)
  • Improve performance for "equalFieldType" function in (#3479)
  • Fix compression benchmarks in (#3561)
  • Improve iterator performance. in (#3562)
  • Improve sanitizePath performance in (#3601)
  • Skip unstable GenericParseType benchmarks in (#3614)
  • Reduce allocation in AutoFormat in (#3652)
  • Optimize Fresh header parsing for fasthttp 1.65 in (#3687)
  • Improve Req/Res Benchmarks in (#3693)
  • Improve performance analyseConstantPart in (#3753)
  • Improve allocations for Request Params() in (#3766)
  • Reduce allocations in Request (saves ~16% B/op) in (#3768)
  • Benchmark for cache miss case in (#3836)
  • Improve performance of RebuildTree() by 68% in (#3895)
  • Optimize string handling and memory allocations in (#3922)
  • Improve performance (reduce allocations) in (#3964)
• 🛠️ Testing & Tooling
  • Use testify for assertion in (#2036)
  • Generate msgp tests in (#2263)
  • V3 Feature: Make app.Test accept a time.Duration timeout in (#2269)
  • Speed up addon/retry tests in (#2800)
  • Re-enable tparallel linter in (#2801)
  • Fix testifylint errors in middleware in (#2805)
  • Fix remaining testifylint errors in (#2806)
  • Fix force type assertions in session_test.go in (#2815)
  • Address multiple lint rules in (#2869)
  • Do not retry flaky tests in (#2875)
  • Enabling shuffling, cleanup and consistency across tests in (#2931)
  • Adding a generator to generate the CTX interface in (#3024)
  • Test(middleware/session): Remove extra release and acquire ctx calls in session_test.go in (#3044)
  • Test(ctx_test): Fix race condition in (#3081)
  • The value of map is unused in uniqueRouteStack in (#3320)
  • Mark unused tests with t.SkipNow in (#3366)
  • Fix proxy middleware tests for offline environments in (#3467)
  • Add unit-test for header injection in (#3470)
  • Add URI Test case for Test_Ctx_Binders in (#3480)
  • Test: Enhance CSRF tests to address unsafe header value issue (#2045) in (#3485)
  • Improve EarlyData middleware tests coverage in (#3520)
  • Improve Idempotency middleware tests coverage in (#3521)
  • Improve Helmet middleware tests coverage in (#3523)
  • Improve Retry addon tests coverage in (#3526)
  • Add missing CSRF token extractor tests in (#3527)
  • Improve hooks test coverage in (#3524)
  • Improve Binder tests coverage in (#3529)
  • Improve CORS tests coverage in (#3530)
  • Improve CSRF tests coverage in (#3531)
  • Improve Router tests coverage in (#3550)
  • Add tests for quoteRawString in (#3613)
  • Fix Makefile to install tools before running them in (#3612)
  • Fix Cookie SameSite constants to Pascal case per RFC specification in (#3608)
  • Fix timing for streaming test in (#3628)
  • Add missing checks in Ctx tests in (#3670)
  • Stabilize interrupted stream writer test in (#3669)
  • Use ephemeral ports in unit tests in (#3686)
  • Use project toolchain for go run tools in (#3709)
  • Expand Binder tests coverage in (#3714)
  • Prevent CopyContextToFiberContext panic and add comprehensive test coverage in (#3770)
  • Add flushing-related unit tests for net/http adaptor in (#3807)
  • Fix fatal error calls in adapter_test.go in (#3810)
  • Test HEAD request compliance in (#3868)
  • Improve OPTIONS wildcard regression test in (#3869)
  • Add table-driven integration tests in (#3894)
  • Improve timing robustness in flaky cache and session tests in (#3994)

• Fix logger benchmarks in (#2074)
• Fix benchmark results related to handler, next in (#2130)
• Testifylint failure that fell through the cracks in (#2821)
• Inconsistent and flaky unit-tests in (#2892)
• CORS handling in (#2938)
• Fix some struct names in comments in (#2974)
• Fixes #3038 "v3 Flash Message with redirect is not working" in (#3046)
• Mutex for thread safety in (#3049)
• Fix data-race with sync.Pool in (#3051)
• Fasthttp errors cause panic when Params is used in (#3055)
• Use Content-Length for bytesReceived and bytesSent tags in Logger Middleware in (#3066)
• Cache middleware: runtime error: "index out of range [0] with length 0" in (#3075)
• Error check in Form binder in (#3110)
• Client: fix SetProxyURL functionality in (#3109)
• Fix handle un-matched open brackets in the query params in (#3126)
• Fix issue with default logger when creating RequestCtx in (#3134)
• Fix typo in (#3145)
• Behavior of DefaultCtx.Fresh when 'Last-Modified' and 'If-Modified-Since' are equal in (#3150)
• Adaptor middleware duplicates cookies in (#3151)
• Close File After SaveFileToStorage in (#3197)
• Make SetValWithStruct set zero values and support more types #3167 in (#3227)
• Fix EnableSplittingOnParsers is not functional in (#3231)
• Memory leak removal in the idempotency middleware in (#3263)
• Make Render bind parameter type any again in (#3270)
• Fix app.Test() auto-failing when a connection is closed early in (#3279)
• Align cache middleware with RFC7231 in (#3283)
• Goroutine leakage in (#3306)
• GenericParseType parsing large uint leads to overflow in (#3315)
• Fix handler order in routing in (#3321)
• Update binder in form_test in (#3336)
• Fix client iterators when using break statement in (#3357)
• Fix: Logger Middleware tests to use regex for time validation in (#3392)
• Handling of next param position in (#3418)
• Fix redirection flash messages violate cookie structure in (#3457)
• Fix AGENTS markdown lint in (#3460)
• Parsing of IPv6 addresses in (#3466)
• Middlewares immutable config handling in (#3494)
• Subdomains offset handling in (#3495)
• Fix Cache-Control header parsing in (#3534)
• Fix Content-Type comparison in Is() in (#3536)
• Fix Subdomains() parsing for IDNs in (#3538)
• Fix Range() parsing of bytes unit in (#3541)
• Fix Etag validation per RFC 9110 in (#3554)
• Fix Range() handling of HTTP 416 per RFC 9110 in (#3552)
• Fix Accept-Language matching per RFC 4647 in (#3553)
• Fix Cache middleware handling of Age in (#3547)
• Fix Content-Disposition header per RFC 6266 in (#3551)
• Fix Body() handling of Content-Encoding per RFC 9110 in (#3543)
• Fix multipart boundary for Client per RFC 2046 in (#3563)
• Fix address parsing for leading/trailing spaces in (#3569)
• Fix missing Allow header in EnvVar middleware per RFC 9110 in (#3570)
• Fix static/favicon middlewares file descriptor leaks in (#3579)
• Fix CookieJar domain logic in (#3564)
• Fix handling of negative BodyLimit in (#3599)
• Fix MIME type equality checks in (#3602)
• Fix retry config handling in (#3609)
• Fix limiter middleware not counting fiber.NewErrorf responses as failed requests in (#3623)
• Fix race in cookie tests in (#3629)
• Fix bind All() merging logic in (#3659)
• Fix Static middleware browser support for subdirectories in (#3673)
• Fix CORS subdomain wildcard boundary in (#3690)
• Fix support for context.Context in (#3720)
• Improve BasicAuth middleware RFC compliance in (#3743)
• Handle Unix sockets in adaptor middleware in (#3760)
• Fix usage of runtime RO data for ppc64 and s390x platforms in (#3772)
• Respect DisablePathNormalizing during client requests in (#3773)
• Always close form file in (#3786)
• Fix recover middleware panic output formatting in (#3816)
• Correct fresh flag logic in getSession in (#3825)
• Prevent memory corruption in internal memory storage from pooled buffers in (#3828)
• Avoid writing into released Response in core::execFunc() in (#3830)
• Remove Flash Cookie from Response headers after parsing in (#3840)
• Fix binder splitting for pointer-backed slice fields in (#3844)
• Fix typos in some files in (#3847)
• Execute middleware routes when handling errors in (#3846)
• Fix copying of key/values in internal/memory in (#3829)
• Fix maintain CustomCtx across middlewares in (#3852)
• Fix default value for MaxFunc in Limiter middleware in (#3871)
• Fix handling of wildcard matching in acceptsOffer in (#3880)
• Fix handling of no-body HTTP statuses in (#3883)
• Fix and improvements for the sliding window Limiter in (#3893)
• Improve suffix range normalization in (#3902)
• Enhance Origin and Referer Validation in CSRF middleware in (#3904)
• Respect Authorization when caching responses in (#3905)
• Fprint to use format instead of fmtArgs in (#3925)
• Enforce body limits in SaveFileToStorage in (#3929)
• V3 fix custom errorhandler invokation in (#3930)
• Fix example in whats_new.md in (#3949)
• Ensure flash messages are consumed after retrieval in (#3936)
• Fix FIPS-140 compliance for EncryptCookie middleware in (#3955)
• Guard Binds decoder sync.Pool in (#3969)
• Fix Early-Data trusted proxy handling in (#3974)
• Preserve session data map across resets in (#3968)
• Improve cookie decryption handling by deleting invalid cookies after iteration in (#3988)
• Respect body limit configuration in adaptor middleware in (#3990)
• Security: Enforce case-sensitive null origin validation in CORS in (#3995)
• Optimize CORS origin validation to avoid unnecessary processing in (#3996)
• Validate CORS origins before using AllowOriginsFunc in (#3991)
• Trim forwarded host values in (#4012)
• Normalize forwarded scheme parsing in (#4011)
• Return immediately on timeout and propagate context correctly in (#4009)
• Trim values from getSplicedStrList in (#4026)
• Return bytes read from readContent in (#4027)
• Reload mounted view engines in ReloadViews in (#4031)
• Handle typed-nil http handler funcs in (#4030)

• Bump github.com/valyala/fasthttp from 1.51.0 to 1.69.0 in (#2857, #3000, #3037, #3146, #3183, #3244, #3314, #3391, #3440, #3557, #3586, #3684, #3790, #3819, #3992)
• Updated fasthttp to 1.54.0 release in (#3010)
• Bump github.com/gofiber/schema from 1.2.0 to 1.6.0 in (#3308, #3462, #3504, #3574)
• Bump github.com/gofiber/utils/v2 from 2.0.0-beta.3 to 2.0.0-rc.6 in (#2935, #3062, #3174, #3389, #3540, #3568, #3689, #3853, #3914, #3926, #3997)
• Bump github.com/tinylib/msgp from 1.1.8 to 1.6.3 in (#3147, #3182, #3185, #3240, #3447, #3716, #3823, #3920, #3977, #3978)
• Bump github.com/shamaton/msgpack/v2 from 2.2.3 to 2.4.0 in (#3678, #3719, #3808)
• Bump github.com/klauspost/compress from 1.18.1 to 1.18.3 in (#3911, #4013)
• Bump github.com/google/uuid from 1.5.0 to 1.6.0 in (#2810)
• Bump golang.org/x/crypto from 0.28.0 to 0.45.0 in (#3243, #3247, #3274, #3305, #3327, #3341, #3395, #3438, #3506, #3737, #3796, #3863, #3882)
• Bump golang.org/x/net from 0.31.0 to 0.47.0 in (#3293, #3544, #3572, #3738, #3791, #3795, #3861)
• Bump golang.org/x/text from 0.29.0 to 0.33.0 in (#3797, #4003)
• Bump golang.org/x/sys from 0.39.0 to 0.40.0 in the golang-modules group in (#4000)
• Bump github.com/mattn/go-colorable from 0.1.13 to 0.1.14 in (#3277)
• Bump github.com/fxamacker/cbor/v2 from 2.7.0 to 2.9.0 in (#3384, #3581)
• Upgrade shamaton/msgpack from v2.4.0 to v3.0.0 in (#4023)
• Bump minimum version of Go to 1.21 in (#2911)
• Bump golangci-lint from v1.56.1 to v1.62.0 in (#2842, #2862, #3029, #3119, #3135, #3196)
• Make golangci-lint config stricter in (#2874)
• Add support for longtests during CI in (#3054)
• Bump nick-fields/retry from 2 to 3 in (#2824)
• Bump benchmark-action/github-action-benchmark from 1.16.2 to 1.20.7 in (#2827, #2950, #3008, #3177, #3730, #3736)
• Bump release-drafter/release-drafter from 5 to 6.2.0 in (#2826, #4022, #4025)
• Bump golangci/golangci-lint-action from 3 to 9.2.0 in (#2855, #2986, #2994, #3896, #3916)
• Bump github.com/stretchr/testify from 1.8.4 to 1.11.1 in (#2888, #3217, #3712, #3715)
• Bump codecov/codecov-action from 4.0.1 to 5.5.2 in (#2901, #2941, #2959, #2993, #2999, #3009, #3035, #3154, #3207, #3209, #3210, #3213, #3234, #3256, #3292, #3295, #3334, #3413, #3459, #3701, #3734, #3935)
• Bump actions/setup-go from 4 to 6.2.0 in (#2789, #3732, #3886, #4006)
• Bump github/codeql-action from 2 to 4.32.0 in (#2788, #3792, #3866, #3878, #3897, #3910, #3927, #3945, #3950, #4004, #4034, #4036)
• Bump actions/cache from 3 to 5.0.3 in (#2803, #3944, #3947, #4017, #4040)
• Bump fuxingloh/multi-labeler from 2 to 4 in (#2856)
• Bump DavidAnson/markdownlint-cli2-action from 16 to 22.0.0 in (#3128, #3208, #3266, #3453, #3873, #3932)
• Bump streetsidesoftware/cspell-action from 8.0.0 to 8.2.0 in (#3938, #3993, #4039)
• Bump kenchan0130/actions-system-info from 1.3.0 to 1.4.0 in (#3492, #3679)
• Bump actions/setup-node from 4 to 6.2.0 in (#3733, #3804, #3915, #4008)
• Bump actions/checkout from 3 to 6.0.2 in (#3083, #3681, #3877, #3887, #3917, #4028)
• Bump lewagon/wait-on-check-action from 1.4.1 to 1.5.0 in (#4033)
• Bump the golang-modules group with 4 updates in (#3931)
• Bump the golang-modules group with 2 updates in (#4005)
• Add go1.22 to test matrix in (#2835)
• Replace release-drafter autolabel with fuxingloh/multi-labeler in (#3872)
• Add CODEOWNERS file in (#2851)
• Update golangci-lint to v1.55.2 in (#2817)
• Update golangci-lint to enable more lint rules in (#2923)
• Add support for go1.23 and golangci-lint v1.60.1 in (#3101)
• Add go1.24 to CI matrix in (#3325)
• Add modernize lint in (#3590)
• Add inamedparam linter in (#2848)
• Remove repo codecov.yml in (#3525)
• Enable govet shadow in (#3617)
• Fix benchmark results in (#1982)
• Fix spelling issues in (#3813)
• Golangci-lint issue for go1.25.0 in (#3775)
• Require Go 1.25 in (#3682)
• Run tests against Apple M1 platform in (#2852)
• Update AGENTS.md in (#3901)

• Update Version Numbers in Docs in (#2853)
• Updates to fiberlog benchmarks and documentation in (#3059)
• Remove deprecated comments and documenting recent changes in (#3498)
• Update godoc for fiber.New() in (#3928)
• Undocumented function in session.md in (#2795)
• Fix typo in documentation in (#2802)
• Fix a misspelled comment in (#2809)
• Update Typo documentation in (#2820)
• Typo in routing.md in (#2836)
• Fix code snippet indentation in /docs/api/middleware/keyauth.md in (#2868)
• Fix TrustedProxies documentation related to IP ranges in (#2887)
• Update docs to reflect fiber.Ctx struct to interface change in (#2880)
• Improve translation in (#2899)
• Update Copilot docs and setup in (#3585)
• Refactor Documenation for HealthCheck in (#2905)
• Fixed a typo in app.go in (#2912)
• Cleanup and updates to README files in (#2914)
• Fix merge conflict in documentation in (#2957)
• Fix broken link to slim template in FAQ in (#2969)
• Update config TrustedOrigin comments in (#2963)
• Consolidate and Document Core Changes in v3 in (#2934)
• Fix some comments in (#2983)
• CORS middleware in (#2979)
• Add docs for new client in (#2991)
• Update intro.md to make clear fiber.Ctx is not thread-safe. in (#3014)
• Improve ctx.Locals method description, godoc and example in (#3032)
• Add zero-allocation section to README in (#3039)
• Add support for consistent documentation using markdownlint in (#3064)
• Update example in middleware/cors to v3 in (#3116)
• Update recover docs to not use reserved keyword in (#3129)
• Fix typos in client hooks documentation in (#3133)
• Replaced link to russian mozilla docs in (#3142)
• Removed zero width white space from logger docs in (#3144)
• Fix typo on comment in (#3158)
• Typo in hooks documentation in (#3164)
• Update README.md in (#3165)
• Update What's New documentation in (#3181)
• Clarify SendFile Docs in (#3172)
• Update intro documentation in (#3204)
• Updates to API documentation and README in (#3205)
• Updates to Context documentation in (#3206)
• Update documentation for Fiber client in (#3249)
• Fix static middleware CacheDuration data type typo in (#3273)
• Add ctx.Drop() to whats_new.md in (#3284)
• Add c.Drop() example to whats_new.md in (#3285)
• Update intro.md Static Files section in (#3303)
• Update adapter middleware documentation in (#3317)
• Add Retry Addon documentation in (#3330)
• Update Helmet Middleware default values in (#3348)
• Update helmet.md default values in (#3350)
• Add more validation examples in (#3369)
• Update docs for State Management in (#3388)
• Fix CSRF handler example in (#3412)
• Adjust Funding Custom URL in (#3432)
• Fix examples in middleware/session in (#3435)
• Idempotency add more detailed description for next method in (#3443)
• Document usage of Custom Tags in Logger middleware in (#3446)
• Fix typos in (#3464)
• Fix more typos across code base in (#3465)
• Fix typos in code and docs in (#3507)
• Enhance CORS middleware documentation with preflight request details and infrastructure considerations in (#3509)
• Add custom constraint example in (#3539)
• Incorrect usage of backslash characters in the constraint … in (#3549)
• Add net/http compatiblity section in (#3556)
• Add documentation for Stale() in (#3555)
• Update utils guide documentation in (#3575)
• Fix EarlyData middleware docs in (#3646)
• Fix Skip middleware docs in (#3649)
• Fix context changes doc in (#3650)
• Fix RequestID docs in (#3648)
• Fix Proxy middleware docs in (#3647)
• Fix Compress middleware docs in (#3645)
• Fix Cache middleware docs in (#3644)
• Fix Favicon middleware documentation in (#3640)
• Fix Static middleware docs in (#3643)
• Fix Healthcheck middleware documentation in (#3657)
• Fix KeyAuth middleware docs in (#3641)
• Improve Timeout middleware documentation in (#3675)
• Add context guide in (#3677)
• Add Learning Resources section with Go Interview Practice platform in (#3691)
• Fix typos in documentation in (#3695)
• Add early hints documentation in (#3697)
• Document utils package migration in (#3704)
• Note CSRF ContextKey removal in (#3706)
• Note removal of context keys in (#3707)
• Add migration tool info in (#3708)
• Improve wording and fix typos in (#3713)
• Full audit of documentation in (#3717)
• Add RoutePatternMatch documentation in (#3722)
• Clarify context interface implementation in (#3729)
• Ensure all exported elements are documented in (#3752)
• Document usage of reverse proxies for SendEarlyHints in (#3778)
• Fix broken link in the Routing guide in (#3831)
• Update docs/whats_new.md in (#3889)
• Clarify handler execution order and usage in Add() in (#3890)
• Update cache migration guidance in (#3908)
• Clarify client migration examples in (#3921)
• Add goroutine cancellation example using context.WithTimeout in (#3884)
• Fix some comments to improve readability in (#3943)
• Update logger middleware format constants in (#3951)
• Refresh adaptor middleware guidance in (#3981)
• Update Services icon and prefork warning for State Management in (#4002)

Thank you to all contributors: @ad3n, @akilesh1706, @alequilesl, @alexandear, @Alijeyrad, @aliziyacevik, @andradei, @arturmelanchyk, @asyslinux, @AuroraTea, @axrav, @balcieren, @Behzad-Khokher, @BigJoe17, @brunodmartins, @canks69, @ckoch786, @cuiweixie, @darwin808, @dave-gray101, @deferdeter, @devhaozi, @devhsoj, @Dishank-Sen, @dockercui, @dojutsu-user, @dozheiny, @dreamscached, @duhnnie, @edvardsanta, @efectn, @emirhansirkeci, @ErfanMomeniii, @Fenny, @findfluctuate, @gaby, @gandaldf, @glensargent, @gopkg-dev, @gozeloglu, @grivera64, @guerzon, @haikalSusanto, @haochunchang, @hcancelik, @hotrungnhan, @hungthai1401, @imsk17, @ItsMeSamey, @JIeJaitt, @jsoref, @K0ng2, @KatzuYoru, @khanhkhanhlele, @kianmeng, @kirankumar-grootan, @kiuber, @KrisCarr, @ksw2000, @ktat, @LaptopCat, @Larinax999, @Lars-Schumann, @laughing-nerd, @leonklingele, @linogomez, @luk3skyw4lker, @mazyaryousefinia, @mdelapenya, @mitulagr2, @miyamo2, @MonkyMars, @negrel, @nexovec, @nickajacks1, @nnnkkk7, @oktayozkan0, @omaskery, @omer-cengel, @orvillesimba, @pjebs, @rabarar, @racerole, @ReneWerner87, @RezaSi, @ryanbekhen, @s19835, @SantiagoBobrik, @sebytza23, @shamaton, @sigmundxia, @SivaPA08, @sixcolors, @StrawHatHacker, @sunnyyssh, @techerfan, @the-hotmann, @TheAspectDev, @theleeeo, @tongjicoder, @trim21, @vhespanha, @wangjq4214, @xEricL, @yinheli, @yorickdewid, @ZihxS, @zingi

Full Changelog: https://github.com/gofiber/fiber/compare/v2.52.11...v3.0.0

For a detailed view of all changes and the migration guide, visit: https://docs.gofiber.io/next/whats_new

• Add support for using .icon files (Apple Icon Composer format) for generating Liquid Glass icons and asset catalogs (macOS) (#4934) by @wimaha

🤖 This is an automated nightly release generated from the latest changes in the v3-alpha branch.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.65

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.