Full Changelog: https://github.com/Netflix/zuul/compare/v3.4.1...v3.4.2

• Fix ByteBuf leak on invalid Content-Length in Http2ContentLengthEnforcingHandler by @gavinbunney in https://github.com/Netflix/zuul/pull/2082
• Refactor Http2ContentLengthEnforcingHandler for readability by @gavinbunney in https://github.com/Netflix/zuul/pull/2083
• Skip invalid X-Forwarded-Port header in getOriginalPort by @gavinbunney in https://github.com/Netflix/zuul/pull/2084
• Upgrade GitHub Actions for Node 24 compatibility by @salmanmkc in https://github.com/Netflix/zuul/pull/2055
• build(deps): bump org.slf4j:slf4j-simple from 2.0.13 to 2.0.17 by @dependabot[bot] in https://github.com/Netflix/zuul/pull/2045
• build(deps): bump com.google.errorprone:error_prone_core from 2.36.0 to 2.45.0 by @dependabot[bot] in https://github.com/Netflix/zuul/pull/2047

• @salmanmkc made their first contribution in https://github.com/Netflix/zuul/pull/2055

Full Changelog: https://github.com/Netflix/zuul/compare/v3.4.0...v3.4.1

This release includes 6 updates, covering multiple aspects such as feature enhancements, bug fixes, and performance optimizations.

• New Features: 4
• Bug Fixes: 2

• Related PR: #666
  Contributor: @johnlanni
  Change Log: This PR adds support for pluginImageRegistry and pluginImageNamespace fields along with the corresponding environment variables, allowing users to customize the image registry and namespace of built-in plugins without directly editing configuration files.
  Feature Value: Provides users with more flexibility in configuring the source of built-in plugin images, enhancing system configurability and flexibility, and simplifying the management process.

• Related PR: #665
  Contributor: @johnlanni
  Change Log: Added support for Zhipu AI's Code Plan mode and Claude Code mode, including custom domain configuration, code plan mode switching, and API version configuration.
  Feature Value: This feature expands the options for AI service providers, allowing users to choose different advanced configurations based on their needs, especially optimized for code generation, improving development efficiency and flexibility.

• Related PR: #661
  Contributor: @johnlanni
  Change Log: This PR enables a lightweight mode in the ai-statistics plugin configuration by setting use_default_response_attributes: true to optimize AI routing performance, suitable for production environments.
  Feature Value: Using lightweight mode avoids unnecessary response attribute buffering, improving system performance and stability, providing a better user experience, especially in high-concurrency scenarios.

• Related PR: #657
  Contributor: @liangziccc
  Change Log: Added filtering functionality to the route management page, including five dimensions such as route name and domain, and supports switching between Chinese and English. The original input box search method has been removed.
  Feature Value: Improves the efficiency and experience of users when managing routes, enabling them to find and locate specific route configuration information more accurately.

• Related PR: #662
  Contributor: @johnlanni
  Change Log: This PR changes the OCI image path of mcp-server to match the new plugin structure. Specifically, it updates the mcp-server image path from mcp-server/all-in-one to plugins/mcp-server.
  Feature Value: By correcting the mcp-server image path, it ensures consistency with the new repository structure, preventing service deployment failures or functional anomalies due to incorrect paths.

• Related PR: #654
  Contributor: @fgksking
  Change Log: This PR fixes the issue of empty request body schema values displayed in swagger-ui by upgrading the springdoc-built-in swagger-ui dependency version, ensuring the accuracy of the API documentation.
  Feature Value: Resolves the problem of missing request body information due to a lower swagger-ui version, improving the user experience and development efficiency when using APIs.

• 🚀 New Features: 4
• 🐛 Bug Fixes: 2

Total: 6 changes

Thank you to all contributors for their hard work! 🎉

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.10...v2.1.11

Prometheus now offers a distroless Docker image variant alongside the default busybox image. The distroless variant provides enhanced security with a minimal base image, uses UID/GID 65532 (nonroot) instead of nobody, and removes the VOLUME declaration. Both variants are available with -busybox and -distroless tag suffixes (e.g., prom/prometheus:latest-busybox, prom/prometheus:latest-distroless). The busybox image remains the default with no suffix for backwards compatibility (e.g., prom/prometheus:latest points to the busybox variant).

For users migrating existing named volumes from the busybox image to the distroless variant, the ownership can be adjusted with:

docker run --rm -v prometheus-data:/prometheus alpine chown -R 65532:65532 /prometheus

Then, the container can be started with the old volume with:

docker run -v prometheus-data:/prometheus prom/prometheus:latest-distroless

User migrating from bind mounts might need to ajust permissions too, depending on their setup.

• [CHANGE] Alerting: Add alertmanager dimension to following metrics: prometheus_notifications_dropped_total, prometheus_notifications_queue_capacity, prometheus_notifications_queue_length. #16355
• [CHANGE] UI: Hide expanded alert annotations by default, enabling more information density on the /alerts page. #17611
• [FEATURE] AWS SD: Add MSK Role. #17600
• [FEATURE] PromQL: Add fill() / fill_left() / fill_right() binop modifiers for specifying default values for missing series. #17644
• [FEATURE] Web: Add OpenAPI 3.2 specification for the HTTP API at /api/v1/openapi.yaml. #17825
• [FEATURE] Dockerfile: Add distroless image variant using UID/GID 65532 and no VOLUME declaration. Busybox image remains default. #17876
• [FEATURE] Web: Add on-demand wall time profiling under <URL>/debug/pprof/fgprof. #18027
• [ENHANCEMENT] PromQL: Add more detail to histogram quantile monotonicity info annotations. #15578
• [ENHANCEMENT] Alerting: Independent alertmanager sendloops. #16355
• [ENHANCEMENT] TSDB: Experimental support for early compaction of stale series in the memory with configurable threshold stale_series_compaction_threshold in the config file. #16929
• [ENHANCEMENT] Service Discovery: Service discoveries are now removable from the Prometheus binary through the Go build tag remove_all_sd and individual service discoveries can be re-added with the build tags enable_<sd name>_sd. Users can build a custom Prometheus with only the necessary SDs for a smaller binary size. #17736
• [ENHANCEMENT] Promtool: Support promql syntax features promql-duration-expr and promql-extended-range-selectors. #17926
• [PERF] PromQL: Avoid unnecessary label extraction in PromQL functions. #17676
• [PERF] PromQL: Improve performance of regex matchers like .*-.*-.*. #17707
• [PERF] OTLP: Add label caching for OTLP-to-Prometheus conversion to reduce allocations and improve latency. #17860
• [PERF] API: Compute /api/v1/targets/relabel_steps in a single pass instead of re-running relabeling for each prefix. #17969
• [PERF] tsdb: Optimize LabelValues intersection performance for matchers. #18069
• [BUGFIX] PromQL: Prevent query strings containing only UTF-8 continuation bytes from crashing Prometheus. #17735
• [BUGFIX] Web: Fix missing X-Prometheus-Stopping header for /-/ready endpoint in NotReady state. #17795
• [BUGFIX] PromQL: Fix PromQL info() function returning empty results when filtering by a label that exists on both the input metric and target_info. #17817
• [BUGFIX] TSDB: Fix a bug during exemplar buffer grow/shrink that could cause exemplars to be incorrectly discarded. #17863
• [BUGFIX] UI: Fix broken graph display after page reload, due to broken Y axis min encoding/decoding. #17869
• [BUGFIX] TSDB: Fix memory leaks in buffer pools by clearing reference fields (Labels, Histogram pointers, metadata strings) before returning buffers to pools. #17879
• [BUGFIX] PromQL: info function: fix series without identifying labels not being returned. #17898
• [BUGFIX] OTLP: Filter __name__ from OTLP attributes to prevent duplicate labels. #17917
• [BUGFIX] TSDB: Fix division by zero when computing stale series ratio with empty head. #17952
• [BUGFIX] OTLP: Fix potential silent data loss for sum metrics. #17954
• [BUGFIX] PromQL: Fix smoothed interpolation across counter resets. #17988
• [BUGFIX] PromQL: Fix panic with @ modifier on empty ranges. #18020
• [BUGFIX] PromQL: Fix avg_over_time for a single native histogram. #18058

• Documentation
• Commit Log
• Maintenance Policy
• Release Policy
• Release Schedule
• Changelog: RC1 RC2

Special thanks to the following individuals for their excellent contributions:

• @mmoayyed
• @leleuj
• @ilgrosso
• @marcinroman
• @liujed

Cherry-picked changes

Cherry-picked changes

• Introduce the idea of filter constraints by @jguerra in https://github.com/Netflix/zuul/pull/2072
• Refactor BaseZuulFilterRunner for readability by @gavinbunney in https://github.com/Netflix/zuul/pull/2074
• fmt by @gavinbunney in https://github.com/Netflix/zuul/pull/2076

Full Changelog: https://github.com/Netflix/zuul/compare/v3.3.9...v3.4.0