JavaGolangJavaScriptSwiftAndroidRustMiddleware
11 hours ago
fiber
gofiber

v3.3.0

🚀 New

  • Add support for configuring the Regex engine on the router (#4254) Swap the compiler used for regex() route constraints. Assign a drop-in engine such as coregex.MustCompile for faster matching;Fiber reuses the compiled matcher across requests. 
    app := fiber.New(fiber.Config{
    RegexHandler: coregex.MustCompile, // default: regexp.MustCompile
})
    https://docs.gofiber.io/api/fiber#regexhandler
  • Host auth middleware (#4199) New hostauthorization middleware that validates the incoming Host header against an allowlist (exact host, .subdomain wildcard, CIDR range) to protect against DNS rebinding attacks. 
    app.Use(hostauthorization.New(hostauthorization.Config{
    AllowedHosts: []string{"api.myapp.com", ".myapp.com", "10.0.0.0/8"},
}))
    https://docs.gofiber.io/middleware/hostauthorization
  • Delegate implementation to fasthttp/prefork (#4210) Prefork now delegates to fasthttp's prefork package and adds PreforkRecoverThreshold (max child restarts before the master exits) and PreforkLogger to ListenConfig. https://docs.gofiber.io/api/fiber#preforkrecoverthreshold
  • Add support for contextual logs (#4241) Render request-scoped fields in log.WithContext(c) by configuring a template with log.SetContextTemplate, reusing the middleware/logger engine (including ${value:key} for arbitrary context values). 
    log.MustSetContextTemplate(log.ContextConfig{Format: log.RequestIDFormat})

app.Get("/", func(c fiber.Ctx) error {
    log.WithContext(c).Info("start") // renders the request id
    return c.SendString("ok")
})
    https://docs.gofiber.io/api/log#bind-context
  • Add storage backed SharedState for prefork applications (#4243) A prefork-safe, storage-backed key/value store via app.SharedState() for data shared across workers/processes, with JSON/MsgPack/CBOR/XML helpers and automatic key namespacing. app.State() stays process-local. 
    app := fiber.New(fiber.Config{
    SharedStorage: redis.New(), // any fiber.Storage shared across workers
})
app.SharedState().SetJSON("config", cfg, 0)
    https://docs.gofiber.io/api/state#sharedstate-prefork-safe
  • Add lightweight SSE middleware (#4239) A Fiber-native middleware/sse for Server-Sent Events: SSE headers, event/comment/retry frames, per-write flushing, heartbeats, Last-Event-ID access, and disconnect detection via stream.Context(). 
    app.Get("/events", sse.New(sse.Config{
    Handler: func(c fiber.Ctx, stream *sse.Stream) error {
        return stream.Event(sse.Event{Name: "message", Data: fiber.Map{"message": "hello"}})
    },
}))
    https://docs.gofiber.io/middleware/sse

🧹 Updates

  • Add prefixes to unexported boolean fields (#4300)
  • Improve error messages in SaveFileToStorage (#4173)
  • Streamline request handler selection and context management for improved performance (#4233)

🐛 Fixes

  • Preserve mounted sub-app regex handler during mount prefixing (#4308)
  • Trim only one trailing dot in host normalization (#4307)
  • Reject oversized unknown-length adaptor request bodies (#4306)
  • Fix compress middleware's shouldSkip method to avoid memory growth (#4284)
  • Reject malformed host authorities in hostauthorization (#4293)
  • Synchronize view reloads with template rendering (#4288)
  • Avoid panic for non-struct listeners in TLS config discovery (#4305)
  • Clear plaintext cookie when encryption fails (#4303)
  • Fix regex route constraint parsing with literal > (#4292)
  • Reject empty normalized host before dynamic matching (#4291)
  • Preserve idempotency replay protection for oversized responses (#4287)
  • Enforce CookieJar domain acceptance and host-only cookie matching (#4282)
  • Avoid panic when reading released Fiber context values (#4271)
  • Enforce static root for fs-backed directory serving (#4277)
  • Prevent negative paginate start overflow (#4272)
  • Prevent SharedState namespace key collisions (#4274)
  • Copy FullURL string before returning pooled buffer (#4275)
  • Enforce paginate sort allowlist when AllowedSorts is unset (#4276)
  • Validate and safely apply workflow version updates (#4273)
  • Close BodyStream in adaptor FiberHandler streaming path (#4267)
  • Prevent panic when MsgPack is not configured (#4268)
  • Keep IsFromLocal loopback-only and add unix-socket helper (#4270)
  • Prevent panic when CBOR is not explicitly configured (#4269)
  • Guard session logger tag against released middleware (#4265)
  • Add X-Real-IP protection to Forward and DomainForward variants (#4261)
  • Ensure BalancerForward overwrites X-Real-IP header (#4260)
  • Add test coverage for multipart BodyLimit error handling (#4237)
  • Improve error propagation in Express-style handler (#4250)
  • Remove SSE Next and clarify SSE handler docs (#4247)
  • BasicAuth verifier for unknown users (#4245)

🛠️ Maintenance

13 changes
  • bump github.com/shamaton/msgpack/v3 from 3.1.1 to 3.1.2 (#4296)
  • bump codecov/codecov-action from 6.0.0 to 6.0.1 (#4294)
  • bump actions/add-to-project from 1.0.2 to 2.0.0 (#4256)
  • bump github.com/shamaton/msgpack/v3 from 3.1.0 to 3.1.1 (#4281)
  • bump the golang-modules group with 3 updates (#4278)
  • bump golang.org/x/sys from 0.43.0 to 0.44.0 in the golang-modules group (#4262)
  • bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0 (#4259)
  • bump benchmark-action/github-action-benchmark from 1.22.0 to 1.22.1 (#4258)
  • bump github.com/valyala/fasthttp from 1.70.0 to 1.71.0 in the fasthttp-modules group (#4255)
  • bump github.com/klauspost/compress from 1.18.5 to 1.18.6 (#4249)
  • bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.1.0 (#4246)
  • bump github.com/mattn/go-isatty from 0.0.21 to 0.0.22 (#4242)

📚 Documentation

  • Fix invalid RouteChain method chaining example (#4304)
  • Harden reverse proxy X-Forwarded-For example (#4266)
  • Correct fasthttpctx Done semantics in context guide (#4264)
  • Clarify ${bytesSent} behavior in logger middleware (#4251)
  • Clarify prefork security model and OS-specific socket behavior (#4240)

📒 Documentation: https://docs.gofiber.io/next/

💬 Discord: https://gofiber.io/discord

Full Changelog: https://github.com/gofiber/fiber/compare/v3.2.0...v3.3.0

Thank you @ReneWerner87, @elton-peixoto-lu, @gaby, @gtoxlili, @lyyvalhalla, @mutantkeyboard, @pageton and @pratikramteke for making this release possible.

2 days ago
wails
wailsapp

Wails v3.0.0-alpha.95

Wails v3 Alpha Release - v3.0.0-alpha.95

Added

  • Added missing project structure page

Changed

  • Docs: Change to a couple of diagrams on architecture page to use sequence diagram for cleaner display
  • Docs: Include note about installing D2 as a prerequisite for running

Fixed

  • Fix wails3 generate appimage on the GTK4 default: the bundler now detects the GTK stack from the binary before searching for runtime files, so it picks libwebkitgtkinjectedbundle.so (under webkitgtk-6.0/) for GTK4 builds and libwebkit2gtkinjectedbundle.so (under webkit2gtk-4.1/) for -tags gtk3 builds. The .relr.dyn probe also checks libgtk-4.so.1 so stripping is correctly disabled on modern toolchains regardless of stack. (#5475)
  • Fix wails3 generate appimage failing when invoked with a relative -builddir: the bundler now resolves -binary, -icon, -desktopfile, -builddir and -outputdir to absolute paths up-front so the mid-flow s.CD doesn't break the AppRun download goroutine or the post-copy ldd probe.
  • Fix wails3 generate appimage failing to move the final AppImage to -outputdir when the desktop Name= field doesn't match the binary basename: the bundler now forces linuxdeploy's appimage plugin (via the OUTPUT env var) to write the AppImage to <binary>-<arch>.AppImage instead of the name derived from the desktop file.
  • Fix events.Common.ApplicationStarted, Common.ThemeChanged, Common.SystemWillSleep and Common.SystemDidWake not firing on Linux after the GTK4 + WebKitGTK 6.0 stack was promoted to the default in alpha.93. The new default application_linux.go run() wasn't calling setupCommonEvents() (which forwards Linux.* events to their Common.* counterparts) or monitorPowerEvents(). The DBus power-monitor helper is now shared between the GTK3 and GTK4 build paths via application_linux_dbus.go. (#5474)

🤖 This is an automated nightly release generated from the latest changes on master.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.95

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

3 days ago
wails
wailsapp

Wails v3.0.0-alpha.94

Wails v3 Alpha Release - v3.0.0-alpha.94

Fixed

  • Fix events.Common.ApplicationStarted, Common.ThemeChanged, Common.SystemWillSleep and Common.SystemDidWake not firing on Linux after the GTK4 + WebKitGTK 6.0 stack was promoted to the default in alpha.93. The new default application_linux.go run() wasn't calling setupCommonEvents() (which forwards Linux.* events to their Common.* counterparts) or monitorPowerEvents(). The DBus power-monitor helper is now shared between the GTK3 and GTK4 build paths via application_linux_dbus.go. (#5474)

🤖 This is an automated nightly release generated from the latest changes on master.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.94

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

3 days ago
sarama
IBM

Version 1.49.0 (2026-05-18)

What's Changed

🚨 Breaking Changes

🎉 New Features / Improvements

🐛 Fixes

🔧 Maintenance

Full Changelog: https://github.com/IBM/sarama/compare/v1.48.2...v1.49.0

4 days ago
tcell
gdamore

Version 3.4.0 Feature Release

This release has quite a number of bug fixes, but it also introduces some substantial new capabilities. Mostly the new support for advanced key reporting, along with backing support in the mouse demo, and enhanced configurability and overrides both for the application and for the user (environment variables).

This also replaces the old WASM terminal with a new version based on the libghostty implementation. This should be much faster, and nicer to work with, with a larger set of full features such as advanced key reporting, better support for resizing, etc.

What's Changed

New Contributors

Full Changelog: https://github.com/gdamore/tcell/compare/v3.3.0...v3.4.0

5 days ago
wails
wailsapp

Wails v3.0.0-alpha.93

Wails v3 Alpha Release - v3.0.0-alpha.93

Added

  • Add XDG_SESSION_TYPE to wails3 doctor output on Linux by @leaanthony

Fixed

  • Fix window menu crash on Wayland caused by appmenu-gtk-module accessing unrealized window (#4769) by @leaanthony
  • Fix GTK application crash when app name contains invalid characters (spaces, parentheses, etc.) by @leaanthony
  • Fix "not enough memory" error when initializing drag and drop on Windows (#4701) by @overlordtm
  • Fix race condition in mainthread callback store using incorrect RLock for map deletion (Linux, macOS, iOS) (#4424) by @leaanthony
  • Fixed variable handling when passing command-line arguments to tasks. CLI variables specified as KEY=VALUE pairs are now properly initialized and propagated throughout task execution.
  • Fix NSWindowZoomButton conflict on macOS: MaximiseButtonState and FullscreenButtonState now apply the more restrictive state at both startup and runtime; neither setter can silently override the other (#5319)
  • Fix a cluster of pre-existing bugs in the legacy GTK3 build path (-tags gtk3) surfaced by CodeRabbit on #5463: file-association launches no longer skip startup handlers; getTheme is bounds- and type-safe; appName no longer frees GLib-owned memory; clipboardGet no longer leaks the gchar* returned by GTK; Calloc now uses pointer receivers (and NewCalloc returns *Calloc) so the pool actually tracks allocations; zoomOut uses the reciprocal of zoomInFactor instead of a negative multiplier that clamped to 1.0; execJS reuses the preallocated empty world-name instead of leaking a C.CString("") per call; a development fmt.Println was removed from menuItem.setAccelerator. Resolves #5465.
  • Fix the same Calloc value-receiver leak in the default GTK4 build path (linux_cgo.go): pointer receivers + NewCalloc() *Calloc so per-window c.String(...) allocations are actually tracked and freed.

🤖 This is an automated nightly release generated from the latest changes on master.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.93

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

7 days ago
wails
wailsapp

Wails v3.0.0-alpha.92

Wails v3 Alpha Release - v3.0.0-alpha.92

Added

  • Modify the Taskfiles to allow control of frontend package manager used via PACKAGE_MANAGER option
  • Enrich template data with {{.Opn}} and {{.Cls}} to make writing Taskfile templates more predictable

Changed

  • Modified a couple of the existing Taskfiles to make use of {{.Opn}} and {{.Cls}}

Fixed

  • Fix concurrent map read and map write runtime fatal in linuxSystemTray when the tray menu is updated while the panel reads it.
  • Use log instead of fmt for WebView2 error and stack trace output so messages aren't lost when the app runs without an attached console on Windows.

🤖 This is an automated nightly release generated from the latest changes on master.

Installation:

go install github.com/wailsapp/wails/v3/cmd/wails3@v3.0.0-alpha.92

⚠️ Alpha Warning: This is pre-release software and may contain bugs or incomplete features.

8 days ago
lego
go-acme

v5.0.4

lego is an independent, free, and open-source project, if you value it, consider supporting it! ❤️

Everybody thinks that the others will donate, but in the end, nobody does.

So if you think that lego is worth it, please consider donating.

For key updates, see the changelog.

Changelog

  • c23a229b70776112bc818df9426adc8922c4a7f2 docs: add menu icons (#3083)
  • 1c9159d9d71de51d03e8ea3a53bb34edeb9ac47b docs: fix typos (#3091)
  • 1fed358bb4f5580adab97435026d2342b6137dc2 docs: improve file configuration section (#3092)
  • 7eb0b53682e7fb20580908c9aef7a99c9a21cfe4 fix: allow account registration in all cases (#3085)
  • 8bfa4d5db0283f03bea6f5765429266845235b91 fix: missing hook env vars (#3089)
8 days ago
watermill
ThreeDotsLabs

v1.5.2

What's Changed

New Contributors

Full Changelog: https://github.com/ThreeDotsLabs/watermill/compare/v1.5.1...v1.5.2

9 days ago
lego
go-acme

v5.0.3

lego is an independent, free, and open-source project, if you value it, consider supporting it! ❤️

Everybody thinks that the others will donate, but in the end, nobody does.

So if you think that lego is worth it, please consider donating.

For key updates, see the changelog.

Changelog

  • 18bfb7f5c7aa5fcd37bc6d9d765ba5e6034ee482 docs: add a note about JSON files migration (#3078)
  • ff774dc2262e3cb989d3d0a4cb96e08480da1109 fix: propagate context to server listeners (#3082)
  • 583ab11c743225b2eea322bf11b8cb828ac005c6 fix: recursive NSs propagation checks (#3080)