2026-06-01, Version 26.3.0 (Current), @aduh95
With Apple and its ecosystem progressively dropping support for Intel-based architectures, it has become apparent that the Node.js project may not be able to maintain the universal binaries we currently distribute for the full lifetime of Node.js 26. This change serves to communicate that risk. At present, our intention remains to continue shipping universal binaries supporting both Apple Silicon and Intel-based Macs for as long as practical.
Contributed by Antoine du Hamel in #63055.
- [
a2a4b33dd8] - (SEMVER-MINOR) buffer: increaseBuffer.poolSizedefault to 64 KiB (Matteo Collina) #63597 - [
051a2152f7] - crypto: update root certificates to NSS 3.123.1 (Node.js GitHub Bot) #63527 - [
49462eca37] - (SEMVER-MINOR) http: addhttpValidationoption to configure header value validation (RajeshKumar11) #61597 - [
97b7ab19bd] - (SEMVER-MINOR) inspector: expose precise coverage start to JS runtime (sangwook) #63079 - [
cfb80a2103] - (SEMVER-MINOR) lib,permission: addpermission.drop(Rafael Gonzaga) #62672
- [
a2a4b33dd8] - (SEMVER-MINOR) buffer: increase Buffer.poolSize default to 64 KiB (Matteo Collina) #63597 - [
0eff3e23b9] - build: defNODE_USE_NODE_CODE_CACHEonly used in node_mksnapshot (Chengzhong Wu) #63588 - [
447ab2d252] - build,win: fix VS2022 arm64 PGO build (Stefan Stojanovic) #63413 - [
86032758e4] - build,win: replace LTCG with Thin LTO for releases (Stefan Stojanovic) #63114 - [
5f4d794052] - build,win: add Rust toolchain automated configuration Windows (Mike McCready) #63381 - [
051a2152f7] - crypto: update root certificates to NSS 3.123.1 (Node.js GitHub Bot) #63527 - [
d0f65e3579] - crypto: coerce -0 keylen to +0 in pbkdf2 and scrypt (Jordan Harband) #63531 - [
e3ddb326c9] - crypto: harden WebCrypto against prototype pollution (Filip Skokan) #63363 - [
e04cd17dc0] - crypto: pass CryptoKey handles to KDF jobs (Filip Skokan) #63363 - [
64ba74d847] - crypto: remove async from WebCrypto methods (Filip Skokan) #63363 - [
bd230418b4] - crypto: add WebCrypto CryptoJob mode (Filip Skokan) #63363 - [
1a4090a83d] - debugger: surface inspector failures in probe mode (Joyee Cheung) #63437 - [
dbc78ff825] - debugger,test: deflake resume failure test and add debug logs (Joyee Cheung) #63524 - [
4da442f432] - deps: upgrade npm to 11.16.0 (npm team) #63602 - [
63372cfa87] - deps: SQLite: cherry-pick b869ed6b067d623cb1383549f2a18aa35508385d (Junsu Han) #63525 - [
e286fa170d] - deps: upgrade npm to 11.15.0 (npm team) #63463 - [
de996437a5] - doc: downgrade macOS x64 to Tier 2 (Antoine du Hamel) #63055 - [
22ac78750c] - doc: remove duplicated sentences in large-pull-requests.md (Joyee Cheung) #63650 - [
532f7f2085] - doc: updategit node landinstructions for security releases (Antoine du Hamel) #63586 - [
c61f90dfb9] - doc: drop --experimental from --permission (Rafael Gonzaga) #63583 - [
fd69d7b16a] - doc: improvefs.StatFsproperties descriptions (aymanxdev) #62578 - [
693257782c] - doc: generate llms.txt (Guilherme Araújo) #62027 - [
55a57beb26] - doc: explicitly ask for reproducible in JS (Rafael Gonzaga) #63479 - [
4895c2babc] - doc: fix URL postMessage example in worker_threads (Kit Dallege) #62203 - [
0355c36e37] - doc: clarifyfilteroption ofsqlite.database.applyChangeset(Antoine du Hamel) #63515 - [
c85ee22df6] - doc: fix double spaces in ERR_TLS_INVALID_PROTOCOL_METHOD (Daijiro Wachi) #63511 - [
62947192f6] - doc: move hyperlinks outside of text blocks (Aviv Keller) #63493 - [
9849690a1d] - doc: edit Rust toolchain general install instructions (Antoine du Hamel) #63488 - [
885d2462e9] - doc: fix double space in modules.md (Daijiro Wachi) #63512 - [
42fbb48bc6] - doc: fix "options" to "option" in tls.createServer (Daijiro Wachi) #63453 - [
05a7b0a301] - doc: add Rust toolchain general install instructions (Mike McCready) #63426 - [
e13dfd7ed0] - doc: update toolchain for official releases (Richard Lau) #63441 - [
82306881cc] - doc: fix typo in deprecations (Daijiro Wachi) #63434 - [
eeb77d217c] - doc,lib: align WebCrypto names with spec (Filip Skokan) #63518 - [
679e13c57f] - errors: handle V8 warnings in DisallowJavascriptExecutionScope (Divyanshu Sharma) #63491 - [
7f41f5d803] - ffi: validate 'void' as parameter type in getFunction and getFunctions (Anshika Jain) #63504 - [
972cd227cb] - ffi: remove function signature property aliases (René) #63482 - [
5d7805e433] - ffi: move DynamicLibrary disposer to native layer (René) #63459 - [
5a0b32dc24] - gyp: update deps gypfiles (Nad Alaba) #63117 - [
49462eca37] - (SEMVER-MINOR) http: add httpValidation option to configure header value validation (RajeshKumar11) #61597 - [
e3c6629ee3] - http2: emit session close before stream close (Matteo Collina) #63414 - [
97b7ab19bd] - (SEMVER-MINOR) inspector: expose precise coverage start to JS runtime (sangwook) #63079 - [
6bef10e7b7] - lib: cleanup stateless diffiehellman key handling (Filip Skokan) #62645 - [
fdc0b3d49c] - lib: definekEnumerablePropertyatomically (Antoine du Hamel) #63609 - [
99baf27aeb] - lib: fix typos in esm loader comments (RonGamzu) #63465 - [
cfb80a2103] - (SEMVER-MINOR) lib,permission: add permission.drop (Rafael Gonzaga) #62672 - [
8e75efb9bc] - meta: flip mcollina emails in .mailmap (Matteo Collina) #63621 - [
a4ae97045f] - meta: label "source maps" PRs (Chengzhong Wu) #63591 - [
3455a48ae1] - meta: addvfssubsystem label (René) #62331 - [
01bfcdfc20] - meta: skip scheduled workflows on forks (Jamie Magee) #63565 - [
bc4c457eae] - meta: add additional gitignore entries (James M Snell) #63267 - [
e1d65d9509] - module: load ESM helpers eagerly in the snapshot (Joyee Cheung) #63550 - [
6a97b0932a] - quic: add proper error codes & messages for QUIC failures (Tim Perry) #63198 - [
5989f4a6e1] - quic: support hostname verification (James M Snell) #63483 - [
b4d30e7a78] - quic: add stream idle timeout (James M Snell) #63483 - [
8a1017f774] - quic: add block list support for endpoints (James M Snell) #63483 - [
5a3ab93c49] - quic: improve peer cert verification (James M Snell) #63483 - [
9701a82a78] - quic: handle h3 max header size option (James M Snell) #63483 - [
71788a2048] - quic: add rate limiting docs (James M Snell) #63483 - [
309bd49906] - quic: cache timestamp for address lru cache (James M Snell) #63483 - [
2ce5588d51] - quic: add session creation rate limiting (James M Snell) #63483 - [
98808baed1] - quic: refine rate limiting (James M Snell) #63483 - [
75a4176b32] - quic: flip preferred address policy default to 'ignore' (James M Snell) #63483 - [
8b6b03d60c] - quic: add doc note about certificate size limitations (James M Snell) #63483 - [
30eff873e0] - quic: add applicationOptions to session (James M Snell) #63267 - [
4303daa43c] - quic: add getters for local and remote transport parameters (James M Snell) #63267 - [
e1b1bb5465] - quic: improve recv coalescing test sizes (James M Snell) #63267 - [
25a416f457] - quic: add initial RTT option to session options (James M Snell) #63267 - [
22e91c357f] - quic: enable recvmmsg batching in Endpoint (James M Snell) #63267 - [
c96d8a9d9b] - quic: improve stream header collection performance (James M Snell) #63267 - [
409460f2ce] - quic: add reusePort option to QuicEndpoint (James M Snell) #63267 - [
9a2afffec9] - quic: coalesce received data into fewer buffers (James M Snell) #63267 - [
f9a6a2f558] - quic: apply multiple additional minor improvements (James M Snell) #63267 - [
ea5f3724ee] - quic: fix tests that are missing serverEndpoint close (James M Snell) #63267 - [
6cffc931fc] - quic: fixup some v8:: qualifiers (James M Snell) #63267 - [
9bc875e522] - quic: fix premature unref of endpoint when listening (James M Snell) #63267 - [
f940d6b1be] - quic: fixup UAFs in bindingdata, streams, and app (James M Snell) #63267 - [
fd00e0acb0] - quic: fix UAF in Application::OnTimeout() (James M Snell) #63267 - [
378dbf00e9] - quic: improve the quic js structure (James M Snell) #63267 - [
0045dc30b6] - quic: improve internal structure of QuicStream (James M Snell) #63267 - [
5e38946b26] - quic: add aliased struct arenas (James M Snell) #63267 - [
95430437a0] - quic: add handshake timeout and default connection limits (James M Snell) #63267 - [
5622701429] - quic: implement rate limiting for version nego and immediate close (James M Snell) #63267 - [
b171f391cd] - quic: fixup linting issue after other changes (James M Snell) #63267 - [
24e9f4f177] - quic: fix crash in early handshake failure (James M Snell) #63267 - [
5025e85d0a] - quic: eliminate per-received datagram allocation (James M Snell) #63267 - [
aec1e17ec5] - quic: cache the timestamp on send and receive (James M Snell) #63267 - [
9560084560] - quic: add support for future ECN marking (James M Snell) #63267 - [
2b3ff8ada2] - quic: improve batching of packet sending (James M Snell) #63267 - [
fe3639a4d6] - quic: improve backend quic packet processing (James M Snell) #63267 - [
f043013d9a] - src: remove TOCTOU race condition when encoding SAB-backedBuffers (Antoine du Hamel) #63517 - [
343958224d] - src: skip duplicate UTF-8 validation in TextDecoder fatal path (Mert Can Altin) #63231 - [
2906fa833d] - src: dispatch ToV8Value(string_view) via StringBytes::Encode (Mert Can Altin) #63370 - [
860f9d8d4b] - src: fix ContextifyContext property definer interception result (Chengzhong Wu) #63549 - [
fcccffcbe6] - src: fix crash when reading length on Storage.prototype (Mohamed Sayed) #63529 - [
55f65f9fb6] - src: improve token return value check (James M Snell) #63483 - [
7a36ca46cd] - src: exposenode::RegisterContextto make a node managed context (Chengzhong Wu) #62322 - [
9bda92963c] - src,sqlite: only passxFilterwhen user provided a callback (Antoine du Hamel) #63516 - [
563db50f38] - stream: switch to internalsleepbinding (Antoine du Hamel) #63611 - [
a6e2322ee6] - stream: use data listener for compose forwarding (Trivikram Kamat) #63593 - [
7198895c6b] - stream: serialize concurrent share consumer reads (Trivikram Kamat) #63478 - [
70ba8be1d7] - stream: fix lint error (Antoine du Hamel) #63598 - [
1608d905a7] - stream: reject pending reads on iterator throw (Trivikram Kamat) #63555 - [
dc12b730d8] - stream: wait for push writer end fallback to drain (Trivikram Kamat) #63503 - [
4f40a85a1a] - stream: flush each fused stateless transform (Trivikram Kamat) #63468 - [
526e0fc427] - stream: avoid duplicate writes in toWritable (Trivikram Kamat) #63360 - [
0008d01f9c] - stream: propagate abort reason in share and broadcast (Trivikram Kamat) #63358 - [
217338e18b] - stream: fix Writable.toWeb() hang on synchronous drain (sangwook) #61197 - [
381f4b1b10] - stream: disallow writing string chunk with 'buffer' encoding (René) #63062 - [
cbee0de1cb] - stream: alignReadable.toWebtermination with eos (ikeyan) #62394 - [
be91f0a927] - test: shorten path in net pipe connect errors (Matteo Collina) #63405 - [
83cada8bcc] - test: deflake test-debugger-probe-timeout (Joyee Cheung) #63547 - [
3560b96a10] - test: deflake test-webcrypto-crypto-job-mode (Filip Skokan) #63543 - [
0c9c52373a] - test: remove test-node-output-v8-warning (Joyee Cheung) #63469 - [
12052dbe14] - test: cover webcrypto prototype pollution systematically (Filip Skokan) #63520 - [
8c479f274a] - test: update test426-fixtures to 9b9e225b5a63139e9a95cdd1bf874a8f0b9d131 (Node.js GitHub Bot) #63373 - [
2ca32a5ee8] - test: update WPT for url to e4a4672e9e (Node.js GitHub Bot) #63372 - [
1bf875bd21] - test: deflake async-hooks statwatcher test (Trivikram Kamat) #63396 - [
97dbfa09f7] - test: avoid test_runner watch restart in spec snapshot (Trivikram Kamat) #63392 - [
8b038d7b33] - test: reduce watch mode restart flakiness (Trivikram Kamat) #63390 - [
f504c01d66] - test: get rid of unnecessaryAbortControllerinstanciations (Antoine du Hamel) #63489 - [
170585ff90] - test: isolate rerun-failures state file under tmpdir (Chemi Atlow) #63449 - [
935468a49e] - test: fixup quic tests (James M Snell) #63267 - [
fbbdfdcfc7] - test: wait for ok before initial break after restart (Yuya Inoue) #62807 - [
db808ad77d] - test: unskip snapshot reproducibility test (Joyee Cheung) #63307 - [
259d8b3dce] - test: update WPT for WebCryptoAPI to 97bbc7247a (Node.js GitHub Bot) #63417 - [
d56c6cd708] - test_runner: ignore erased TS lines in coverage (Matteo Collina) #63510 - [
16015f1565] - test_runner: fix suite diagnostic chanel end (Moshe Atlow) #63533 - [
003b9ccbe9] - test_runner: dont buffer unordered events in process isolation mode (Moshe Atlow) #63432 - [
fdc4b5aed4] - test_runner: fix --test-rerun-failures swallowing failures on retry (Chemi Atlow) #63431 - [
6a0bd2f329] - test_runner: add parentId to test events with testId (Moshe Atlow) #63435 - [
a646c93254] - test_runner: show replayed-from-attempt hint in spec reporter (Moshe Atlow) #63429 - [
b1fa59cbb6] - test_runner: preserve run duration when using test-rerun (Moshe Atlow) #63429 - [
6ac7ff24ac] - tools: refinev8.nixsource definition (Antoine du Hamel) #63625 - [
59c01b959f] - tools: add lint rule for aborted AbortController (Trivikram Kamat) #63541 - [
2ab034f6f9] - tools: bump @node-core/doc-kit in /tools/doc in the doc group (dependabot[bot]) #63494 - [
a6af903e0a] - tools: bump brace-expansion from 5.0.5 to 5.0.6 in /tools/eslint (dependabot[bot]) #63415 - [
215cd543dd] - tools: skip commit-lint on backport pull requests (Marco) #63378 - [
0479f28e95] - tools: fix skip oftest-interneton forks (Antoine du Hamel) #63492 - [
69dfadf785] - tools: mock some Python utils inv8.nixto reuse builds (Antoine du Hamel) #63454 - [
7b3e222cda] - util: remove unused functions (Antoine du Hamel) #63612 - [
5a1f67c27b] - util: create hex style cache and fast path (Guilherme Araújo) #62999
Release v3.3.5
见Release附件。
拉取命令
docker pull ghcr.io/alibaba/loongcollector:3.3.5
docker pull ghcr.io/alibaba/loongcollector:latest
- Add C++ and Go coding standards, project knowledge documentation, and skills directory by @yyuuttaaoo in https://github.com/alibaba/loongcollector/pull/2539
- [Docs] Update docs by @Takuka0311 in https://github.com/alibaba/loongcollector/pull/2540
- Support whole_file in multiline options by @linrunqi08 in https://github.com/alibaba/loongcollector/pull/2545
- feat: optimize hostname to ip logic to ignore blacklist ifaces by @StartE in https://github.com/alibaba/loongcollector/pull/2546
- feat: update loongcollector-build-linux 2.1.15 -> 2.1.16, support spl 2.13.2 by @sunym1991 in https://github.com/alibaba/loongcollector/pull/2552
- fix: eliminate flaky OnetimeConfigUpdateUnittest via injectable clock by @Copilot in https://github.com/alibaba/loongcollector/pull/2551
- feat: add Claude/Cursor skills, and devcontainer enhancements by @yyuuttaaoo in https://github.com/alibaba/loongcollector/pull/2554
- feat: support cr for k8s entity generator by @StartE in https://github.com/alibaba/loongcollector/pull/2542
- feat(ebpf): add AgentSight plugin for LLM observability by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2555
- feat(ebpf): input_agentsight 支持 Cmdline/Domain 扁平化筛选与内置默认规则 by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2559
- Merge go alarm data to cpp core by @Takuka0311 in https://github.com/alibaba/loongcollector/pull/2558
- Refactor input_agentsight configuration: flat structure, object-style rules, and full doc rewrite by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2560
- Add AgentSight LLM tool definitions passthrough by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2561
- 更新第三方库节点 by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2564
- Implement centralized memory lock limit adjustment for eBPF plugins by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2565
- feat(input): add service_etw plugin for Windows Analytical ETW by @zdy in https://github.com/alibaba/loongcollector/pull/2556
- Add AgentSight Http Probe by @beartyson-tech in https://github.com/alibaba/loongcollector/pull/2567
- feat: Integrate coolbpf cpu profiling feature in loongcollector by @wokron in https://github.com/alibaba/loongcollector/pull/2391
- Revert "feat: Integrate coolbpf cpu profiling feature in loongcollector" by @yyuuttaaoo in https://github.com/alibaba/loongcollector/pull/2572
- fix: skip GetGoAlarms on Windows to avoid cross-CRT heap crash by @StartE in https://github.com/alibaba/loongcollector/pull/2570
- feat: Enhance Dockerfile and CI workflow for multi-architecture support by @Takuka0311 in https://github.com/alibaba/loongcollector/pull/2569
- @Copilot made their first contribution in https://github.com/alibaba/loongcollector/pull/2551
- @beartyson-tech made their first contribution in https://github.com/alibaba/loongcollector/pull/2555
- @zdy made their first contribution in https://github.com/alibaba/loongcollector/pull/2556
- @wokron made their first contribution in https://github.com/alibaba/loongcollector/pull/2391
Full Changelog: https://github.com/alibaba/loongcollector/compare/v3.3.2...v3.3.5
3.2.53
This is a patch release with fixes in storage and remote protocol, be aware this contains a security fix so pleas update ASAP
- Made sure to list config free map in the database file type list for correct file delete
- Make sure to not include temporary storage config file from backups
- Add check for correct type when deserializing data java object from network
orientdb-community-3.2.53.tar.gz orientdb-community-3.2.53.zip
4.30
-
S3
- s3,iceberg: reject
..in URL path vars by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9687 - fix(s3tables/iceberg): make metadata spec-compliant and accept real-world manifest names by @qzhello in https://github.com/seaweedfs/seaweedfs/pull/9703
- fix: validate s3 ownership controls rule by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9684
- fix(s3): honor MetadataDirective=REPLACE for system metadata on CopyObject by @qzhello in https://github.com/seaweedfs/seaweedfs/pull/9721
- fix(s3): allow anonymous unsigned-streaming PutObject by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9727
- fix(s3): authenticate JWT unsigned-streaming uploads by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9729
- perf(s3.iam.GetUser): Make the API default to the request username if not specified by @LightJack05 in https://github.com/seaweedfs/seaweedfs/pull/9746
- s3,iceberg: reject
-
Misc
- writeJson: drop unused JSONP branch by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9686
- fix(util): guard BytesToUint{16,32,64} against short input by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9713
- chore(weed/storage/backend/s3_backend): remove unused function by @alrs in https://github.com/seaweedfs/seaweedfs/pull/9715
- [docker] add make test_keycloak_s3 for local develop and debug by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/9719
- s3, iam, volume, filer, master: add /healthz and /readyz health probes by @MChorfa in https://github.com/seaweedfs/seaweedfs/pull/9738
-
Filer
- redis2: apply keyPrefix in KV methods by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9693
- wdclient: prune filers dropped from master discovery by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9699
- fix(filer/postgres): default to ON CONFLICT upsert to keep tx alive by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9709
- refactor(filer): remove the inode->path index and the NFS gateway by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9724
- refactor: avoid unused sql insert result by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9734
- wdclient, dailyrun: add equal jitter to retry backoff by @MChorfa in https://github.com/seaweedfs/seaweedfs/pull/9737
- fix: return immediately on first error in DistributedOperation by @rushikesh90 in https://github.com/seaweedfs/seaweedfs/pull/9740
-
Master
- master: timeout AllocateVolume/DeleteVolume and defer growRequest cleanup by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9698
- fix(topology): recover heartbeat-fulled volumes once they shrink by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9742
- topology: fail replica writes fast when a replica is unreachable by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9744
-
Volume Server
- fix(volume): avoid nil-deref when needle map loader errors (#9694) by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9697
- fix(volume): avoid panic when URL path has a dot before the comma by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9712
- fix(ec): prefer credible replica as canonical metric in EC detection by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9717
- fix(ec): delete empty stub replicas before distributing EC shards by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9722
- fix(storage): keep EC .vif when deleting a coexisting regular volume by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9723
- test(ec): end-to-end encode over a multi-server multi-disk stuck layout by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9728
- fix(volume): stop flipping volumes read-only on a non-append-ordered .idx by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9726
- fix(vacuum): writable volume re-notification after worker VACUUM by @kisow in https://github.com/seaweedfs/seaweedfs/pull/9732
-
Replication, Filer Sync
- fix(filer.sync): validate chunk size in FilerSink to prevent 0-byte propagation by @kisow in https://github.com/seaweedfs/seaweedfs/pull/9701
- fix(filer.sync): resolve manifest chunks against source filer by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9705
- fix(remote_storage/s3): forward entry mime as ContentType by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9708
- fix(replication/s3sink): forward entry mime as ContentType by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9710
- fix(remote_storage/gcs): forward entry mime as ContentType by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9711
- fix(filer.sync): keep sync_offset fresh through filtered-event markers by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9733
-
Admin Server and Worker
- fix(vacuum): batch all replicas in a single plugin worker task by @kisow in https://github.com/seaweedfs/seaweedfs/pull/9702
-
Shell
- fix(shell): don't halt volume.fsck purge on a stuck read-only volume by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9714
- fix(shell): verify volume.merge output before overwriting replicas by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9731
- @MChorfa made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/9738
- @rushikesh90 made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/9740
- @LightJack05 made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/9746
Full Changelog: https://github.com/seaweedfs/seaweedfs/compare/4.29...4.30
v8.0.0-RC5
- Documentation
- Commit Log
- Maintenance Policy
- Release Policy
- Release Schedule
- Changelog: RC1 RC2 RC3, RC4, RC5
Special thanks to the following individuals for their excellent contributions:
- @mmoayyed
- @leleuj
- @Minei3oat
- @vbonamy
1.0.0-beta.6
- feat: improve degraded readiness reporting and shutdown handling by @houseme in https://github.com/rustfs/rustfs/pull/3089
- feat(tls): add inspect command for TLS layouts by @houseme in https://github.com/rustfs/rustfs/pull/3092
- fix: reject invalid multipart part numbers by @overtrue in https://github.com/rustfs/rustfs/pull/3091
- fix(helm): add LoadBalancer service type support by @dcode in https://github.com/rustfs/rustfs/pull/3049
- chore(deploy): refine systemd and nixos service docs by @houseme in https://github.com/rustfs/rustfs/pull/3096
- fix(readiness): gate on lock quorum health by @houseme in https://github.com/rustfs/rustfs/pull/3100
- fix(ecstore): offload erasure encoding from async workers by @marshawcoco in https://github.com/rustfs/rustfs/pull/3099
- fix(lock): retry transient distributed lock timeouts by @marshawcoco in https://github.com/rustfs/rustfs/pull/3101
- fix(lifecycle): make transition worker resize nonblocking by @GatewayJ in https://github.com/rustfs/rustfs/pull/3090
- fix: retry namespace lock quorum contention by @overtrue in https://github.com/rustfs/rustfs/pull/3098
- fix(lock): isolate retry attempt lock ids by @houseme in https://github.com/rustfs/rustfs/pull/3102
- docs(readme): add Discord community links by @cxymds in https://github.com/rustfs/rustfs/pull/3103
- chore(release): prepare 1.0.0-beta.6 by @houseme in https://github.com/rustfs/rustfs/pull/3104
- fix(iam): avoid stale cache replacement on walk errors by @GatewayJ in https://github.com/rustfs/rustfs/pull/3094
- fix(ecstore): harden issue3031 multipart validation path by @houseme in https://github.com/rustfs/rustfs/pull/3106
- fix(ecstore): reduce restart-time startup race noise by @houseme in https://github.com/rustfs/rustfs/pull/3108
- fix: tolerate stalled listing readers after quorum by @overtrue in https://github.com/rustfs/rustfs/pull/3110
- fix(site-replication): refresh TLS peer client and tls inspect alias by @houseme in https://github.com/rustfs/rustfs/pull/3109
- fix(iam): serialize IAM cache writes by @GatewayJ in https://github.com/rustfs/rustfs/pull/3105
- fix(ecstore): send valid ping body in remote locker by @houseme in https://github.com/rustfs/rustfs/pull/3112
- chore(deps): bump workspace dependencies by @houseme in https://github.com/rustfs/rustfs/pull/3118
- fix(utils): tolerate bavail greater than bfree on Linux by @houseme in https://github.com/rustfs/rustfs/pull/3119
- fix(config): restore default credential startup by @overtrue in https://github.com/rustfs/rustfs/pull/3114
- fix(sse): optimize is_encrypted for old metadata compatibility by @Littlew0od in https://github.com/rustfs/rustfs/pull/3113
- @dcode made their first contribution in https://github.com/rustfs/rustfs/pull/3049
Full Changelog: https://github.com/rustfs/rustfs/compare/1.0.0-beta.5...1.0.0-beta.6
3.2.2 (May 29th, 2026)
Nacos 3.2.2 is mainly a bugfix and experience-improvement release for the 3.2 series.
This release focuses on:
- Console experience improvements for Config, Naming, MCP, Skill, AI resources, and namespace workflows.
- Stability and compatibility fixes across Config, Naming, plugins, startup scripts, and AI resource handling.
- AI Registry import, discovery, publishing, subscription, and security improvements.
For AI Registry and Console users, this release adds or improves:
- Importing AI resources from operator-configured external registries.
- Skill well-known discovery, Skill subscription, and latest protocol adapter support.
- Config diff confirmation, Prompt Markdown download, and Skill upload lifecycle improvements.
It also fixes bugs across Config, Naming, Console, MCP, Skill, plugins, and client-side watch handling.
Detailed changes in this release:
[#14695] Support label-based matching for Config gray rules. [#14848] Add Prompt version download as Markdown. [#14907] Support specifying a target version when uploading Skills. [#14985] Add persistent instance deregistration support in Console v3. [#15022] Support optional Skill auto-publish after review. [#15031] Extend nacos.functionMode with microservice and ai modes. [#15142] Support drag-and-drop ZIP upload and batch Skill upload. [#15183] Support importing AI resources from operator-configured external registries, including MCP resources, Skill well-known resources, importer APIs, SPI models, built-in presets, and source-based import UI. [#15234] Support commit messages when uploading AI skills. [#15247] Support the latest Skill well-known protocol in the registry adapter. [#15263] Add Skill subscription support and refactor AgentSpec subscription to HTTP polling with 304 handling.
[#14833][#15221] Route AI resource version trace logging through trace events and the default plugin. [#14911] Split LDAP authentication into an optional plugin and package the LDAP plugin JAR. [#14983] Enforce non-frontmatter Markdown body content during Skill validation. [#15059] Add the reviewed version status after pipeline approval for Skill versions. [#15066] Harden AgentSpec ZIP parsing with Zip Slip, Zip Bomb, and entry-count defenses. [#15138] Add Config publish diff confirmation in the new Console. [#15145] Restrict forcePublish to valid Skill states and add pipeline stale flags for re-edit. [#15164] Make Skill ZIP entry and size limits configurable. [#15165] Parallelize AgentSpec storage writes to align with Skill behavior. [#15258] Enable reviewed status by default for the AI publish pipeline.
[#11122] Accept healthCheckEnabled as a Naming switch-entry alias. [#14774] Shade Caffeine into the OIDC plugin JAR to avoid NoClassDefFoundError. [#14882] Fix Console theme color loss by adding RGB fallbacks. [#14952] Fix the incorrect MCP protocol value when the restToMcp switch is off. [#14992] Add v3 Naming APIs to DistroFilter to fix client API instance registration and deregistration in clusters. [#14997] Preserve SKILL.md indentation and validate Skill versions during upload and download. [#15000] Add the missing group_id LIKE placeholder in BaseConfigInfoMapper. [#15004] Replace deprecated AccessControlException usage with SecurityException. [#15037] Fix access denied errors on Console history detail, rollback, and compare pages. [#15067] Fix the missing write lock in MemoryMcpCacheIndex#removeIndex. [#15073] Preserve multi-byte UTF-8 characters across DiskUtils chunk boundaries. [#15136] Fix the password modification dialog display. [#15141] Fix namespace description editing when namespaceId is missing. [#15150] Prevent PostgreSQL tenant nulls from causing config sync row explosions. [#15152] Fix Config page display mismatches after namespace switching. [#15160] Fix ConfigChangeAspect misclassifying Console config changes as RPC when srcType is missing. [#15162] Default unlisted AI resources to base64 to avoid UTF-8 corruption. [#15167] Fix Console controller mapping with request context paths. [#15171] Re-exec startup scripts under bash when invoked through sh. [#15192] Reject submit requests for non-draft AI resource versions to protect formal version status. [#15201] Fix Skill description inconsistencies between list and detail after uploading a new version. [#15207] Fix MCP Console editor regressions for object-type tool input fields. [#15228] Guard fuzzy-watch futures against lost and spurious wakeups. [#15240] Fix Skill install card overflow with long Skill names in Console next. [#15252] Preserve namespace context on Console AI resource pages.
[#15039] Upgrade the PostgreSQL JDBC driver from 42.7.2 to 42.7.11. [#15060] Upgrade Micrometer to 1.15.10 to fix the Prometheus endpoint. [#15087] Upgrade vulnerable dependencies reported for the Nacos server image and enable default AI importers. [#15148] Add a console-ui-next npm min-release-age policy for supply-chain security.
| Module | Java Required |
|---|---|
| Nacos-Server / Nacos-Console | Java 17 |
| Nacos-Client | Java 8 |
| Nacos-Maintainer-Client | Java 8 |
- @Wyhhhh24 made their first contribution in https://github.com/alibaba/nacos/pull/14971
- @zy84338719 made their first contribution in https://github.com/alibaba/nacos/pull/15060
- @grllll made their first contribution in https://github.com/alibaba/nacos/pull/15057
- @ViperThanks made their first contribution in https://github.com/alibaba/nacos/pull/15110
- @jay666mnj made their first contribution in https://github.com/alibaba/nacos/pull/15178
- @wansho made their first contribution in https://github.com/alibaba/nacos/pull/15167
- @Hccake made their first contribution in https://github.com/alibaba/nacos/pull/15161
- @elnafateh made their first contribution in https://github.com/alibaba/nacos/pull/15118
- @Jholly2008 made their first contribution in https://github.com/alibaba/nacos/pull/15204
- @wushiyuanmaimob made their first contribution in https://github.com/alibaba/nacos/pull/15226
Full Changelog: https://github.com/alibaba/nacos/compare/3.2.1...3.2.2
3.12.0 / 2026-05-28
- [SECURITY] Remote-write: Reject snappy-compressed requests whose declared decoded length exceeds the 32MB. Thanks to @hibrian827 for reporting it. #18642
- [SECURITY] STACKIT SD: Fix secrets being exposed in plaintext via
/-/configendpoint. Thanks to @August829 and @Phaxma for reporting. GHSA-39j6-789q-qxvh #18649 - [CHANGE] TSDB/Agent: Adds Start Timestamp field to all WAL Histogram samples in memory; used
st-storageflag is enabled. #18221 - [FEATURE] API: Add
/api/v1/status/self_metricsendpoint returning the current state of the Prometheus server's own metrics about itself as JSON. #18411 - [FEATURE] Discovery: Add DigitalOcean Managed Databases service discovery #18287
- [FEATURE] Prometheus: Add support for the aix/ppc64 compilation target #18321
- [FEATURE] Discovery: Add Outscale VM service discovery (
outscale_sd_configs) for discovering scrape targets from the Outscale Cloud API. #18139 - [FEATURE] PromQL: Emit a warning when
sort,sort_by_labelorsort_by_label_descis used within range (matrix) queries, as these functions do not have effect in that context. #18498 - [FEATURE] PromQL: Add
start(),end(),range(), andstep()experimental functions #17877 - [FEATURE] PromQL: Update
resets()function to consider start timestamp resets. Hidden behinduse-start-timestampsfeature flag. #18627 - [FEATURE] Prometheus: Promote auto-reload-config as stable #18620
- [FEATURE] TSDB/Agent: Add
CheckpointFromInMemorySeriesoption toagent.DBthat enables checkpoint based on in-memory series. #17948 - [FEATURE] UI: Add a web interface for deleting time series and cleaning tombstones, accessible from the Status menu. #18390
- [FEATURE] PromQL: Use start timestamps for
rate(),irate(), andincrease()calculations, behind a feature flaguse-start-timestamps. Doesn't work together with extended range selectorsanchoredandsmoothed`. #18344 - [FEATURE] Scrape: Added a feature flag
st-synthesiswhich synthesizes unknown STs for scraped cumulative metrics. Useful when Remote Writing 2.0 with delta or Otel-based backends. #18279 - [FEATURE] promqltest: support
@stannotation inloadblocks to specify per-sample start timestamps. #18360 - [ENHANCEMENT] API: reject concurrent fgprof profiles. #18651
- [ENHANCEMENT] AWS SD: Add optional
external_idfield to ECS/MSK/RDS/Elasticache. #18579 - [ENHANCEMENT] AWS SD: Add optional
external_idfield. #17171 - [ENHANCEMENT] Discovery: Propagate SD target updates faster by introducing dynamic backoff interval instead of static 5s interval for throttling. #18187
- [ENHANCEMENT] Promtool: Add
--headerflag toquery instantcommand, matching existingquery rangebehaviour. #18418 - [ENHANCEMENT]: AWS SD: Allows EC2 service discovery to discover IPv6 addresses to communicate with target endpoints. The private IPv4 address remains the default when both IPv4 and IPv6 addresses are present. #16088
- [PERF] TSDB: Make head chunk lookup in range queries constant time instead of quadratic time #18302
- [PERF] TSDB: Skip entire stripes in mmapHeadChunks when no series need mmapping, reducing CPU utilization significantly at production-relevant scales. #18541
- [PERF] TSDB: Skip clean series during periodic head chunk mmap using cached head chunk count #18272
- [PERF] PromQL: Address FloatHistogram.KahanAdd performance regression on Go 1.26. #18568
- [BUGFIX] PromQL: Fix
info()function incorrectly handling negated__name__matchers #17932 - [BUGFIX] API: Return duration expressions in
/parse_ast. #18624 - [BUGFIX] API: correctly document formats accepted for duration query request parameters (step, timeout and lookback delta) in OpenAPI spec #18305
- [BUGFIX] Scrape: AppenderV2 now tracks staleness even when OOO/duplicate series errors happen similar to AppenderV1 #18567
- [BUGFIX] Config: Validate remote_write queue_config fields at load time to prevent runtime panic and silent misconfiguration. #18209
- [BUGFIX] Discovery/Consul: Add
health_filterfor Health API filtering, fixing breakage when using Catalog-only fields likeServiceTagsinfilter. #18479 #18499 - [BUGFIX] OTLP: limit decompressed body size for gzip-encoded OTLP write requests. #18408
- [BUGFIX] PromQL: Fix
smoothedrate/increase returning zero instead of no result when all data falls strictly after the query range. #18523 - [BUGFIX] PromQL: Fix metric name not being dropped when last_over_time or first_over_time is applied to subqueries containing name-dropping functions like abs(). #18409
- [BUGFIX] PromQL: Fix missing warning when mixing exponential and custom-bucket histograms in stats queries. #18660
- [BUGFIX] PromQL: Fix parsing of
range()keyword in duration expressions such asfoo[5m+range()]. #18623 - [BUGFIX] PromQL: Fix smoothed vector selector returning no results in binary operations when the
@modifier is used. #18531 - [BUGFIX] PromQL: Reject NaN, infinite, and out-of-range duration expressions instead of silently producing an out-of-range time.Duration. #18639
- [BUGFIX] Scrape: Fix panic when scraping malformed native histograms. #18414
- [BUGFIX] Scrape: fix panic when scraping a target exposing a summary with no quantiles via the protobuf format. #18382
- [BUGFIX] Scrape: fix scrape failure log file occasionally not applied after a configuration reload. #18421
- [BUGFIX] TSDB: Allow retention percentage with new data path. #18628
- [BUGFIX] TSDB: Preserve decimal precision in percentage-based retention #18374
- [BUGFIX] TSDB: fix prometheus_tsdb_head_chunks going negative after WAL replay #18401
- [BUGFIX] TSDB: panic with native histograms during query of overlapping chunks. #18692
- [BUGFIX] Tracing: fix startup failure for insecure OTLP HTTP tracing #18469
- [BUGFIX] UI: Escape label values offered by PromQL autocomplete. #18658
- [BUGFIX] UI: Improve Y-axis tick label precision for graph values over small ranges. #18682
- [BUGFIX]
prometheus_sd_refresh*andprometheus_sd_discovered_targetsmetrics for specific scrape jobs are deleted when the scrape job is removed. #17614 - [BUGFIX] Remote: fixed validation for received RW2 requests when parsing metadata unit symbols. This fixes a case when request would cause (recovered) handler panic. #18641
- [BUGFIX] TSDB/Agent: fix race in agent appender where concurrent appends for the same label set could produce duplicate in-memory series and duplicate WAL records. #18292
- [BUGFIX] Config: Update
--enable-featureflag description and sort feature names. #18487
v1.45.1 🦒
- Revert autobatch deletions by filter with additions by @kerollmops in https://github.com/meilisearch/meilisearch/pull/6412
Full Changelog: https://github.com/meilisearch/meilisearch/compare/v1.45.0...v1.45.1
ThingsBoard 4.3.1.2 Release
- Fixed CWE-770 in Jackson Core by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15368
- Fixed CVE-2026-34487, CVE-2026-34486, CVE-2026-34483 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15417
- Fixed CVE-2025-70340: system alarm comments access control by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15377
- Fixed multiple CVEs: 2026-39364, 2026-39363, 2026-4800 by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15466
- Fixed CVE-2026-40895 by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15538
- Fixed CVE-2026-5588, CVE-2026-5598, CVE-2025-14813, CVE-2026-35554, CVE-2026-27314 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15458
- Fixed CVE-2026-40975, CVE-2026-40973, CVE-2026-22740, CVE-2026-42198 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15557
- Fixed SSRF vulnerability in AI model provider URLs by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15412
- Fixed SSRF and file access vulnerabilities in TBEL script sandbox by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15585
- Fixed CVE-2026-40682, CVE-2026-42027 by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15588
- Fixed CVE-2026-42579, CVE-2026-42583, CVE-2026-42584, CVE-2026-42587 by @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15598
- Hardened remote JS executor script invocation by @smatvienko-tb in https://github.com/thingsboard/thingsboard/pull/15600
- Fixed CVE-2026-41284, CVE-2026-43512 by @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15649
- Audit logging for tenant profile operations by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/13076
- Added entity keys V2 endpoint with sample values by @dskarzh in https://github.com/thingsboard/thingsboard/pull/15044
- Performance and reliability improvements for Efento message processing by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15333
- Refactored APIs to meet OpenAPI standard by @dashevchenko and @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15443
- Exposed HTTP response compression configuration params by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15520
- LZ4 compression support for Kafka by @volodymyr-babak in https://github.com/thingsboard/thingsboard/pull/15565
- Fixed WS sessions limit handling for public users by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15313
- Fixed REST API Call node blocking actor thread and semaphore permit leak by @smatvienko-tb in https://github.com/thingsboard/thingsboard/pull/15334
- Fixed entity filtering by boolean data key for EDQS by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15457
- Fixed alarm rule crash on duration source change by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15439
- Fixed MAX aggregation for mixed double and long telemetry values by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15560
- Added config property to control null ordering in dashboards by @dashevchenko in https://github.com/thingsboard/thingsboard/pull/15425
- Improved default tenant home dashboard by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15000
- Changed default "Add" button style in entity tables by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/14984
- Bumped Node.js version from 22.18.0 to 22.22.2 by @ViacheslavKlimov in https://github.com/thingsboard/thingsboard/pull/15330
- Enhanced localization: "save-to-gallery" translations by @deaflynx in https://github.com/thingsboard/thingsboard/pull/15339
- Exposed http-utils functions via WidgetContext.httpUtils by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15395
- Added roundDown option to ShortNumberPipe by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15393
- HTML container widget by @ikulikov in https://github.com/thingsboard/thingsboard/pull/15556
- Hidden "Add Telemetry" button for Entity view by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15362
- Added '@angular/core/rxjs-interop' to modules map by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15373
- Fixed Datasource determination for autocomplete patterns if datasource is empty by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15340
- Fixed hint alignment for propagate alarm rule field by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15360
- Fixed missing 'type' property in alarm rule condition on save by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15392
- Fixed select options being clipped in widget settings form by @vvlladd28 in https://github.com/thingsboard/thingsboard/pull/15399
- Fixed translation for Asset and Device profile by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15421
- Removed "Alarm rules" step from setting up device profile by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15422
- Fixed display long texts in Alarm asignee panel by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15408
- Fixed Alarm Assignee icon placement by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15423
- Adjusted size of entity type select to fit error message by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15427
- Fixed show/hide of custom header actions when using function to control visibility by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15430
- Fixed not set pageSize to child nodes in Entities hierarchy widget by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15433
- Fixed not process aggregation keys in Entities hierarchy widget by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15434
- Fixed icon placement in Value stepper icon by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15489
- Fixed display column panel hiding not selectable columns by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15490
- Fixed map shape labels drifting from center after viewport resize by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15531
- Map widget: fixed data aggregation for additional data keys and import/export widget JSON for polylines layer by @ChantsovaEkaterina in https://github.com/thingsboard/thingsboard/pull/15579
- Fixed CSV import not unescaping double quotes in unquoted fields by @ChantsovaEkaterina in https://github.com/thingsboard/thingsboard/pull/15581
- Removed unnecessary DomSanitizer bypass in photo camera input widget by @mtsymbarov-del in https://github.com/thingsboard/thingsboard/pull/15639
- Added automatic SSL/TLS certificate reload for transports without service restart by @AndriiLandiak in https://github.com/thingsboard/thingsboard/pull/15301
- Fixed app hanging on MQTT port conflict at startup by @zzzeebra in https://github.com/thingsboard/thingsboard/pull/15451
- SNMP: defer querying tasks until transport session is registered by @volodymyr-babak in https://github.com/thingsboard/thingsboard/pull/15346
- Added syncInProgress as edge attribute by @volodymyr-babak in https://github.com/thingsboard/thingsboard/pull/15111
- API key edge sync support by @volodymyr-babak in https://github.com/thingsboard/thingsboard/pull/15167
Full Changelog: https://github.com/thingsboard/thingsboard/compare/v4.3.1.1...v4.3.1.2