• Preserve failure nf status set by recordFinalError in buildZuulHttpResponse by @lindseyreynolds in https://github.com/Netflix/zuul/pull/2131

Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.6...v3.6.7

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

ETCD_VER=v3.7.0-beta.0

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz

/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

# start a local etcd server
/tmp/etcd-download-test/etcd

# write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

ETCD_VER=v3.7.0-beta.0

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64

/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

etcd uses gcr.io/etcd-development/etcd as a primary container registry, and quay.io/coreos/etcd as secondary.

ETCD_VER=v3.7.0-beta.0

rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \
  docker rmi gcr.io/etcd-development/etcd:${ETCD_VER} || true && \
  docker run \
  -p 2379:2379 \
  -p 2380:2380 \
  --mount type=bind,source=/tmp/etcd-data.tmp,destination=/etcd-data \
  --name etcd-gcr-${ETCD_VER} \
  gcr.io/etcd-development/etcd:${ETCD_VER} \
  /usr/local/bin/etcd \
  --name s1 \
  --data-dir /etcd-data \
  --listen-client-urls http://0.0.0.0:2379 \
  --advertise-client-urls http://0.0.0.0:2379 \
  --listen-peer-urls http://0.0.0.0:2380 \
  --initial-advertise-peer-urls http://0.0.0.0:2380 \
  --initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new \
  --log-level info \
  --logger zap \
  --log-outputs stderr

docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcd --version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdutl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl endpoint health
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl put foo bar
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl get foo

• Revert "Return bad request for invalid URI" by @fool1280 in https://github.com/Netflix/zuul/pull/2134

Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.5...v3.6.6

Upgrade urgency LOW: This is the first stable release of Valkey 9.1.

• (CVE-2026-23479) Use-After-Free in unblock client flow
• (CVE-2026-25243) Invalid Memory Access in RESTORE command
• (CVE-2026-23631) Use-after-free when full sync occurs during a yielding Lua/function execution

• Add cluster bus network traffic usage metric in bytes by @hpatro (#3396)
• Reduce latency spikes during rehashing via incremental page release by @chzhoo (#3481)

• Fix(syncio): Set errno on EOF in syncRead and propagate to conn->last by @abmathur-ie (#3580)
• Fix GEOSEARCH BYPOLYGON leak on invalid COUNT by @bandalgomsu (#3568)
• Handle NULL pointer in streamTrim listpack delta calculation by @smkher (#3591)
• Fixes server crash when RDMA benchmark clients disconnect by @quanyeyang (#3448)
• Fix the memory leak in valkey-benchmark by @nmvk (#3643)

Please note: When updating your database, you should connect using psql with the -X flag to prevent any .psqlrc commands from accidentally triggering the load of a previous DB version.

This release contains performance improvements and bug fixes since the 2.27.0 release. We recommend that you upgrade at the next available opportunity.

Bugfixes

• #9795 Delete orphaned compression_settings before migrating catalog table
• #9799 Fix job_errors view leaking failed jobs to non-owners
• #9800 Check hypertable ownership before recompression
• #9801 Fix information leak in policy_reorder_remove
• #9824 Adding migration scripts for composite bloom filters
• #9828 Skip columnar index scan when grouping by an expression
• #9830 Skip ColumnarIndexScan for GROUPING SETS / ROLLUP / CUBE

Thanks

• @homanp for reporting an information leak with the job_errors view

This release contains security fixes, new features (especially around PromQL and Service Discovery), performance improvements in TSDB, Start Timestamp improvements and numerous bug fixes.

Thanks to all contributors!

• Security: Two security vulnerabilities have been addressed: a denial of service in remote-write (snappy decompression limit) and a secret exposure leak in STACKIT service discovery.
• PromQL & Metadata: Several features and bug fixes related to the experimental "start timestamps" support, including updates to rate(), irate(), increase(), and resets(). New experimental functions start(), end(), range(), and step() are introduced.
• TSDB Performance: Optimizations in head chunk lookup (constant time) and mmap operations to reduce CPU usage.
• Service Discovery: Added support for DigitalOcean Managed Databases and Outscale VM, along with improvements to AWS SD (IPv6 support for EC2, external ID support).
• UI: Added a web interface for deleting time series and cleaning tombstones.

• [SECURITY] Remote: Reject snappy-compressed received requests via Remote Write whose declared decoded length exceeds the 32MB. Thanks to @hibrian827 for reporting it. #18642
• [SECURITY] STACKIT SD: Fix secrets being exposed in plaintext via /-/config endpoint. Thanks to @August829 and @Phaxma for reporting. GHSA-39j6-789q-qxvh #18649
• [CHANGE] TSDB/Agent: Adds Start Timestamp field to all WAL Histogram samples in memory; used st-storage flag is enabled. #18221
• [FEATURE] API: Add /api/v1/status/self_metrics endpoint returning the current state of the Prometheus server's own metrics about itself as JSON. #18411
• [FEATURE] Discovery: Add DigitalOcean Managed Databases service discovery #18287
• [FEATURE] Prometheus: Add support for the aix/ppc64 compilation target #18321
• [FEATURE] Discovery: Add Outscale VM service discovery (outscale_sd_configs) for discovering scrape targets from the Outscale Cloud API. #18139
• [FEATURE] PromQL: Emit a warning when sort, sort_by_label or sort_by_label_desc is used within range (matrix) queries, as these functions do not have effect in that context. #18498
• [FEATURE] PromQL: Add start(), end(), range(), and step() experimental functions #17877
• [FEATURE] PromQL: Update resets() function to consider start timestamp resets. Hidden behind use-start-timestamps feature flag. #18627
• [FEATURE] Prometheus: Promote auto-reload-config as stable #18620
• [FEATURE] TSDB/Agent: Add CheckpointFromInMemorySeries option to agent.DB that enables checkpoint based on in-memory series. #17948
• [FEATURE] UI: Add a web interface for deleting time series and cleaning tombstones, accessible from the Status menu. #18390
• [FEATURE] PromQL: Use start timestamps for rate(), irate(), and increase()calculations, behind a feature flaguse-start-timestamps. Doesn't work together with extended range selectors anchoredandsmoothed`. #18344
• [FEATURE] Scrape: Added a feature flag st-synthesis which synthesizes unknown STs for scraped cumulative metrics. Useful when Remote Writing 2.0 with delta or Otel-based backends. #18279
• [FEATURE] promqltest: support @st annotation in load blocks to specify per-sample start timestamps. #18360
• [ENHANCEMENT] API: reject concurrent fgprof profiles. #18651
• [ENHANCEMENT] AWS SD: Add optional external_id field to ECS/MSK/RDS/Elasticache. #18579
• [ENHANCEMENT] AWS SD: Add optional external_id field. #17171
• [ENHANCEMENT] Discovery: Propagate SD target updates faster by introducing dynamic backoff interval instead of static 5s interval for throttling. #18187
• [ENHANCEMENT] Promtool: Add --header flag to query instant command, matching existing query range behaviour. #18418
• [ENHANCEMENT]: AWS SD: Allows EC2 service discovery to discover IPv6 addresses to communicate with target endpoints. The private IPv4 address remains the default when both IPv4 and IPv6 addresses are present. #16088
• [PERF] TSDB: Make head chunk lookup in range queries constant time instead of quadratic time #18302
• [PERF] TSDB: Skip entire stripes in mmapHeadChunks when no series need mmapping, reducing CPU utilization significantly at production-relevant scales. #18541
• [PERF] TSDB: Skip clean series during periodic head chunk mmap using cached head chunk count #18272
• [PERF] PromQL: Address FloatHistogram.KahanAdd performance regression on Go 1.26. #18568
• [BUGFIX] PromQL: Fix info() function incorrectly handling negated __name__ matchers #17932
• [BUGFIX] API: Return duration expressions in /parse_ast. #18624
• [BUGFIX] API: correctly document formats accepted for duration query request parameters (step, timeout and lookback delta) in OpenAPI spec #18305
• [BUGFIX] Scrape: AppenderV2 now tracks staleness even when OOO/duplicate series errors happen similar to AppenderV1 #18567
• [BUGFIX] Config: Validate remote_write queue_config fields at load time to prevent runtime panic and silent misconfiguration. #18209
• [BUGFIX] Discovery/Consul: Add health_filter for Health API filtering, fixing breakage when using Catalog-only fields like ServiceTags in filter. #18479 #18499
• [BUGFIX] OTLP: limit decompressed body size for gzip-encoded OTLP write requests. #18408
• [BUGFIX] PromQL: Fix smoothed rate/increase returning zero instead of no result when all data falls strictly after the query range. #18523
• [BUGFIX] PromQL: Fix metric name not being dropped when last_over_time or first_over_time is applied to subqueries containing name-dropping functions like abs(). #18409
• [BUGFIX] PromQL: Fix missing warning when mixing exponential and custom-bucket histograms in stats queries. #18660
• [BUGFIX] PromQL: Fix parsing of range() keyword in duration expressions such as foo[5m+range()]. #18623
• [BUGFIX] PromQL: Fix smoothed vector selector returning no results in binary operations when the @ modifier is used. #18531
• [BUGFIX] PromQL: Reject NaN, infinite, and out-of-range duration expressions instead of silently producing an out-of-range time.Duration. #18639
• [BUGFIX] Scrape: Fix panic when scraping malformed native histograms. #18414
• [BUGFIX] Scrape: fix panic when scraping a target exposing a summary with no quantiles via the protobuf format. #18382
• [BUGFIX] Scrape: fix scrape failure log file occasionally not applied after a configuration reload. #18421
• [BUGFIX] TSDB: Allow retention percentage with new data path. #18628
• [BUGFIX] TSDB: Preserve decimal precision in percentage-based retention #18374
• [BUGFIX] TSDB: fix prometheus_tsdb_head_chunks going negative after WAL replay #18401
• [BUGFIX] TSDB: panic with native histograms during query of overlapping chunks. #18692
• [BUGFIX] Tracing: fix startup failure for insecure OTLP HTTP tracing #18469
• [BUGFIX] UI: Escape label values offered by PromQL autocomplete. #18658
• [BUGFIX] UI: Improve Y-axis tick label precision for graph values over small ranges. #18682
• [BUGFIX] prometheus_sd_refresh* and prometheus_sd_discovered_targets metrics for specific scrape jobs are deleted when the scrape job is removed. #17614
• [BUGFIX] Remote: fixed validation for received RW2 requests when parsing metadata unit symbols. This fixes a case when request would cause (recovered) handler panic. #18641
• [BUGFIX] TSDB/Agent: fix race in agent appender where concurrent appends for the same label set could produce duplicate in-memory series and duplicate WAL records. #18292
• [BUGFIX] Config: Update --enable-feature flag description and sort feature names. #18487

• Return bad request for invalid URI by @fool1280 in https://github.com/Netflix/zuul/pull/2127

Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.4...v3.6.5

• Return bad request for invalid URI by @fool1280 in https://github.com/Netflix/zuul/pull/2127

Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.4...v3.6.5

QuestDB 9.4.0 introduces a compact, high-performance posting and covering index for SYMBOL columns, a local parquet metadata sidecar that unlocks row-group pruning, parallelised SAMPLE BY FILL with new cross-column FILL(PREV) syntax, three new window functions, and sparkline() / bar() text visualisations. It also delivers meaningful GROUP BY / hash-join speed-ups and fixes a number of correctness issues across the SQL planner, the WAL apply path, and the PGWire protocol.

For any questions or feedback, please join us on Slack or on Discourse.

See also our prettier release notes page.

A new INDEX TYPE POSTING for SYMBOL columns delivers ~13x smaller index files and 1.3-1.5x faster lookups vs. the BITMAP index, at a ~9% write-amplification cost. An optional INCLUDE (...) list builds a covering sidecar so queries that read only the indexed column plus the included columns skip the column files entirely:

CREATE TABLE trades (
    ts TIMESTAMP,
    sym SYMBOL INDEX TYPE POSTING INCLUDE (price, qty),
    price DOUBLE,
    qty INT
) TIMESTAMP(ts) PARTITION BY DAY;

ALTER TABLE trades
    ALTER COLUMN sym ADD INDEX TYPE POSTING INCLUDE (price, qty);

Supported query shapes that benefit from the covering path include WHERE sym = 'X', WHERE sym IN (...), LATEST ON ts PARTITION BY sym, and SELECT DISTINCT sym. Covering data is ALP-compressed for FLOAT/DOUBLE, FoR bit-packed for integer types, and FSST-compressed for STRING/VARCHAR. Native AVX2 decoding fast paths kick in for common bit-widths.

A few practical notes:

• ⚠️ Drop the posting index before rolling back to an older QuestDB version. Pre-9.4.0 binaries do not recognise the new index type in column metadata and will refuse to open a table that has a posting index. If you need to downgrade, run ALTER TABLE <t> ALTER COLUMN <sym> DROP INDEX on every posting-indexed column first.
• High-cardinality SYMBOL columns benefit most — hundreds to thousands of distinct values on wide tables where the win from skipping full column files is largest.
• The designated timestamp is auto-appended to INCLUDE when you supply an INCLUDE clause, so SHOW CREATE TABLE renders INCLUDE (price, qty) back as INCLUDE (price, qty, ts). Controlled by cairo.posting.index.auto.include.timestamp (default true).
• Verify the covering path with EXPLAIN — the plan shows CoveringIndex on: sym with: ..., with op: latest for LATEST ON queries and op: distinct for SELECT DISTINCT. SHOW COLUMNS and table_columns() also expose new indexType and indexInclude fields.
• Async GROUP BY and filter paths through the covering index are currently slower than the regular plan in some workloads. A follow-up release will close this gap. If EXPLAIN shows a query picking the covering path and you see a regression, opt that query out with /*+ no_covering */ (or /*+ no_index */ to disable indexing entirely) until the optimisations land.

See the posting index and covering index documentation for the full feature reference, encoding variants (POSTING DELTA / POSTING EF, both for benchmarking), and storage layout details. by @bluestreak01 in #6861

Each parquet partition now ships with a compact binary _pm sidecar that stores column descriptors, per-row-group byte ranges, encodings and min/max statistics. The query planner reads pruning information from _pm without ever opening data.parquet, which is a prerequisite for efficient cold-storage scans. A migration (Mig940) generates _pm files for all existing parquet partitions on engine upgrade. by @RaphDal in #6913

Imagine a stream of FX quotes where you want one-minute bars of average bid and ask. On quiet minutes you want both prices to show the last known ask — not the last bid for bid_price and the last ask for ask_price, which is what FILL(PREV, PREV) would give you. Before 9.4.0 that meant dropping down to a CTE with last_value(...) IGNORE NULLS OVER (...) and a coalesce per column. Now it is a one-liner:

SELECT timestamp, symbol,
       avg(bid_price) AS bid_price,
       avg(ask_price) AS ask_price
FROM core_price
WHERE symbol = 'EURUSD' AND timestamp IN '$today'
SAMPLE BY 100T FILL(PREV(ask_price), PREV);

FILL(PREV(col_ref)) carries the previous value of another aggregate column by alias. The reference must match the target column's type, cannot be broadcast across aggregates, and is rejected when either side is a SYMBOL. FILL(NULL), FILL(<constant>), and bare FILL(PREV) can be mixed freely in the same per-aggregate fill list.

At the same time, SAMPLE BY FILL(NULL | <constant> | PREV) moves from the sequential cursor path onto QuestDB's parallel GROUP BY path. Read-side wins compound for keyed queries on wide tables and for queries with FROM/TO boundaries — keyed FROM-TO with constant bounds is also now supported natively, removing the previous cookbook workaround.

Other fixes that ride along:

• Sub-day SAMPLE BY with TIME ZONE and FROM/TO no longer misaligns the fill grid by the timezone offset.
• ALIGN TO CALENDAR WITH OFFSET combined with FILL no longer falls into an infinite fill loop.
• SAMPLE BY FILL now works on tables with pre-1970 timestamps.

FILL(LINEAR) and ALIGN TO FIRST OBSERVATION continue to use the cursor path. See the SAMPLE BY FILL options and the Fill from one column cookbook recipe. by @jovfer in #6946

• ntile(n) — distributes rows of an ordered partition into n approximately equal buckets.
• cume_dist() — cumulative distribution of the current row within its partition.
• nth_value(expr, n) — the n-th value within the current frame; supports DOUBLE, LONG, and TIMESTAMP arguments. Works with ROWS and RANGE frames.

All three honour PARTITION BY and ORDER BY. by @jovfer in #6925 and #7037

Two new functions render numeric data as Unicode glyphs directly in SQL output:

SELECT symbol, sparkline(price) FROM trades SAMPLE BY 1m;
-- ▁▂▄▆█▇▅▃▂▁

SELECT symbol, bar(volume, 0, max(volume) OVER ()) FROM daily_volumes;
-- ▊▋▌▍▎▏

sparkline() is an aggregate that renders a trend line with auto-scaling, clamping and width control. bar() is a scalar that renders a single value as a horizontal bar with eight levels of sub-character precision. Both return VARCHAR and work across all clients. by @javier in #6975

PARQUET_ENCODING(...) now propagates through projected streaming parquet exports — COPY (SELECT ...) TO ... WITH format parquet and /exp?query=... preserve the configured encoding instead of silently reverting to defaults for pass-through columns. by @RaphDal in #6949

• Parallel keyed GROUP BY: batched aggregate dispatch eliminates per-row virtual calls on the reducer, with up to ~4.6x speed-up on single-column count() over fixed-size keys and 1.4-1.8x on multi-aggregate GROUP BY queries. Also fixes a pre-existing data-correctness bug in count(uuid) for UUIDs whose high half equals Long.MIN_VALUE. by @puzpuzpuz in #6959
• GROUP BY, hash joins and count_distinct: a faster xxh3-derived hash finalizer and denser hash tables shave ~15-25% off many GROUP BY queries and improve worst-case probe behaviour by orders of magnitude on adversarial inputs. ClickBench total time improves by ~1.2% across 43 queries. by @puzpuzpuz in #6997
• Parallel top-K with SELECT projections: ORDER BY ... LIMIT N now uses the parallel top-K path even when a column projection (duplicate columns, computed columns) sits between the limit and the filtered scan. by @DHRUV6029 in #6993
• Timestamp equality filters: comparing a TIMESTAMP column against a string bind variable (or any runtime constant) no longer re-parses the value on every row. EXPLAIN plans may show the equality arguments swapped. by @jerrinot in #6986
• Lateral join decorrelation: shared sub-query computations now execute once instead of being cloned per correlated reference, by introducing a shared-cursor framework that GROUP BY factories also use. by @kafka1991 in #6941

• Create materialized view from the table menu: a new context-menu action on tables and existing materialized views generates a starter CREATE MATERIALIZED VIEW statement and drops it into the editor. From a base table the generator infers REFRESH IMMEDIATE, SAMPLE BY, PARTITION BY and TTL per QuestDB's default rules, and picks sum/last aggregates by column-name pattern. From an existing materialized view it produces a downsample one rung up the SAMPLE BY ladder, re-roots WITH BASE at the source view, rewrites aggregates against the layer-1 aliases, and steps TTL up to match. Disabled on non-WAL tables and tables without a designated timestamp. in questdb/ui#557

• Context-aware SQL autocompletion: function suggestions now filter by grammar context, so the popup stops dumping the full function list at every identifier position. Examples:

  • SELECT * FROM trades WHERE price = c| previously mixed scalars and aggregates (coalesce, count, count_distinct, corr, covar_*, ...) and now suggests scalars only (coalesce, concat, cos, ceil).
  • SELECT * FROM trades ASOF JOIN m| shrinks from 332 mixed entries to the three actual join targets (materialized_views, memory_metrics, table_writer_metrics).
  • INSERT INTO trades VALUES (n| previously offered nothing; now suggests now, now_ns, nullif, nanos, netmask.

  Statement-start suggestions also include implicit-SELECT targets, and the editor no longer hangs on a trailing comma in the SELECT list. in questdb/ui#556

• Fixed window functions nested inside GROUP BY expressions producing wrong results — e.g. avg(x) - avg(x) OVER () combined with GROUP BY. Such shapes are now rejected at compile time with a clear error rather than computing silently incorrect output. by @jovfer in #6943
• Fixed nested window inside aggregate with explicit GROUP BY (max(avg(x) OVER ()) patterns). by @jovfer in #6955
• Fixed EMA, VWEMA and KSUM failures when combined with other window functions in the same query. by @jerrinot in #7030
• Fixed WINDOW JOIN crash when the master side projects a symbol column. by @puzpuzpuz in #7098
• Fixed wrong results from the JIT filter when UUID bind variables are involved. by @nwoolmer in #7049
• Fixed BETWEEN evaluation inside sub-expressions (e.g. when it appears as an operand of a larger boolean expression). by @brunocalza in #7044
• Fixed silent drop of outer-join predicates of the form y.a = y.b (both sides on the slave); fixed NOT rewriting in UNION ALL queries that previously only descended into the left side; isolated parser state to allow concurrent SqlParser instances. by @bluestreak01 in #7027
• Fixed empty LIMIT inside a DECLARE sub-query. by @jerrinot in #6979
• Fixed crash on SELECT-CHOOSE with an explicit timestamp clause combined with a column rename. by @bluestreak01 in #6987
• Fixed ASOF/LT joins losing the timestamp shift when the slave subquery already shifts its timestamp. by @jerrinot in #6981
• Fixed arg_max / arg_min returning the wrong precision when the timestamp argument is a TIMESTAMP_NS column. by @bluestreak01 in #7078
• Fixed SAMPLE BY bucket timestamp after a DST-skipped day. by @bluestreak01 in #6988

• Fixed a rare WAL apply live-lock when transactions are committed at a very high rate. by @ideoma in #7064
• Fixed a race between WAL writer open and the table-drop purge. by @kafka1991 in #7090
• Fixed a server-main error on a WAL table rename race. by @jerrinot in #7046
• Fixed incorrect write amplification and dedup counts reported by tables(). by @nwoolmer in #7047
• Avoided a redundant bitmap-index rollback after a WAL O3 append. by @jerrinot in #6971

• Fixed memory corruption from malformed PGWire messages. by @bluestreak01 in #6983
• Fixed partial query result when re-binding a suspended portal in PGWire. by @RaphDal in #7066
• Fixed JSON-escaping of CHAR column values in /exec and /query responses. by @jerrinot in #7106

• feat(core): add compact, high-performance posting index for symbol columns by @bluestreak01 in #6861
• feat(core): add local parquet metadata sidecar file for optimized query planning by @RaphDal in #6913
• feat(sql): add cross-column FILL(PREV) and parallelise SAMPLE BY FILL by @jovfer in #6946
• feat(sql): add ntile, cume_dist, and nth_value window functions by @jovfer in #6925
• feat(sql): add nth_value support for LONG and TIMESTAMP arguments by @jovfer in #7037
• feat(sql): add sparkline() and bar() text visualization functions by @javier in #6975
• feat(sql): add configurable encodings on parquet export by @RaphDal in #6949
• perf(sql): speed up parallel keyed GROUP BY queries by introducing batch calls by @puzpuzpuz in #6959
• perf(sql): speed up GROUP BY, hash joins, and count_distinct with a faster hash finalizer by @puzpuzpuz in #6997
• perf(sql): apply parallel top-K to queries with SELECT projections by @DHRUV6029 in #6993
• perf(sql): cache operands in timestamp equality filters by @jerrinot in #6986
• perf(sql): share repeated computations in lateral join decorrelation by @kafka1991 in #6941
• fix(core): avoid redundant bitmap index rollback after WAL O3 append by @jerrinot in #6971
• fix(sql): report empty LIMIT in DECLARE subquery by @jerrinot in #6979
• fix(sql): preserve shifted timestamps for ASOF/LT joins by @jerrinot in #6981
• fix(sql): fix crash on select-choose with explicit timestamp and column rename by @bluestreak01 in #6987
• fix(sql): fix SAMPLE BY DST bucket timestamp after a skipped day by @bluestreak01 in #6988
• fix(pgwire): fix memory corruption from malformed wire messages by @bluestreak01 in #6983
• fix(sql): fix window functions nested inside GROUP BY expressions producing wrong results by @jovfer in #6943
• fix(sql): fix nested window inside aggregate with explicit GROUP BY by @jovfer in #6955
• fix(core): avoid server-main error on WAL table rename race by @jerrinot in #7046
• fix(sql): between and inside sub-expression by @brunocalza in #7044
• fix(sql): fix wrong results from JIT filter with UUID bind variables by @nwoolmer in #7049
• fix(sql): preserve outer-join predicates, fix NOT in UNION, isolate parser state by @bluestreak01 in #7027
• fix(sql): fix EMA, VWEMA and KSUM failures in combined window queries by @jerrinot in #7030
• fix(wal): correct write amplification and dedup counts in tables() by @nwoolmer in #7047
• fix(pgwire): fix partial query result when re-binding a suspended portal by @RaphDal in #7066
• fix(sql): return correct precision from arg_max/arg_min on TIMESTAMP_NS columns by @bluestreak01 in #7078
• fix(core): fix rare WAL apply live lock when transactions are committed at a very high rate by @ideoma in #7064
• fix(core): fix race between WAL writer open and table drop purge by @kafka1991 in #7090
• fix(sql): WINDOW JOIN crash when master projects a symbol column by @puzpuzpuz in #7098
• fix(http): JSON-escape CHAR column values in /exec and /query responses by @jerrinot in #7106

Full Changelog: 9.3.5...9.4.0

Meilisearch v1.44.0 adds remote federated facet search, indexing performance improvements, and other improvements and bugfixes. It also contains a couple of breaking changes, detailed below.

• When using the network experimental feature, with sharding enabled (leader is not null in the network configuration), POST /indexes/{indexUid}/facet-search calls now default to a remote federated facet search, fetching and merging results from all shards in the network.
• The timeout for calling an external REST embedder at search time is now tied to the searchCutOffMs defined in the index, rather than fixed.
  • If you observe missing semantic results after upgrading, or HTTP 500 errors for pure semantic search, please increase the value of the search cutoff in the index settings.
  • By @dureuill in https://github.com/meilisearch/meilisearch/pull/6377

Meilisearch now has the ability to search across all shards of a network during facet search via the existing dedicated facet search route.

• If you are using the network experimental feature and have a leader defined for your network, remote calls are now the default for calls to POST /indexes/{indexUid}/facet-search
• The behavior can be controlled explicitly via the new useNetwork parameter of the facet search object.

By @dureuill in https://github.com/meilisearch/meilisearch/pull/6375

Reduces allocated memory when computing prefixes and speeds up some operations to avoid unnecessary deserialization.

If you still see high memory usage while the engine is post-processing, we recommend using the --experimental-reduce-indexing-memory-usage option.

By @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6334

This PR upgrades the cellulite library to a version that includes a GeoJSON indexing optimization. With this change, GeoJSON indexing avoids reprocessing documents that were already indexed in dense cells, and only handles newly added documents incrementally as they descend through the recursive cell tree.

By @YoEight in https://github.com/meilisearch/meilisearch/pull/6374

Adds two new query parameters to GET /indexes/{indexUid}/stats and GET /stats:

• showInternalDatabaseSizes: boolean, optional, defaults to false. When present, the index stat objects in responses of the stat routes now contain an additional internalDatabaseSizes key, whose value is a dictionary of the internal database names and their current size in the index, like in the stats object of a batch.
• sizeFormat: human or raw: optional, defaults to raw. When present and set to human, then all database sizes in responses of the stat routes will be returned as a string containing an appropriate unit (MiB, GiB, etc). When missing or set to raw, then the current behavior of expressing the size in bytes as a number is retained.

Note for integrations: The keys in internalDatabaseSizes are subject to change and should not be exposed as a strongly typed object. This is the same as the existing internalDatabaseSizes in batch stats.

// curl -X GET "http://localhost:7700/indexes/movies/stats?showInternalDatabaseSizes=true"
{
  "numberOfDocuments": 31944,
  "rawDocumentDbSize": 20594688,
  "avgDocumentSize": 636,
  "isIndexing": false,
  "internalDatabaseSizes": {
    "wordPairProximityDocids": 100827136,
    "documents": 20594688,
    "wordPositionDocids": 18694144,
    "wordFidDocids": 10715136,
    "wordPrefixPositionDocids": 10256384,
    "wordDocids": 9453568,
    "wordPrefixFidDocids": 4603904,
    "wordPrefixDocids": 3424256,
    "main": 1425408,
    "externalDocumentsIds": 999424,
    "fieldIdWordCountDocids": 245760,
    "exactWordPrefixDocids": 16384,
    "celluliteMetadata": 16384
  },
  "numberOfEmbeddings": 0,
  "numberOfEmbeddedDocuments": 0,
  "fieldDistribution": {
    "genres": 31944,
    "id": 31944,
    "overview": 31944,
    "poster": 31944,
    "release_date": 31944,
    "title": 31944
  }
}

// curl -X GET "http://localhost:7700/stats?showInternalDatabaseSizes=true&sizeFormat=human"
{
  "databaseSize": "351.38 MiB",
  "usedDatabaseSize": "350.64 MiB",
  "lastUpdate": "2026-04-16T13:07:02.74243Z",
  "indexes": {
    "comics": {
      "numberOfDocuments": 31944,
      "rawDocumentDbSize": "23.14 MiB",
      "avgDocumentSize": "751 B",
      "isIndexing": false,
      "internalDatabaseSizes": {
        "wordPairProximityDocids": "98.06 MiB",
        "documents": "23.14 MiB",
        "wordPositionDocids": "17.22 MiB",
        "wordFidDocids": "10.36 MiB",
        "wordPrefixPositionDocids": "9.47 MiB",
        "wordDocids": "8.97 MiB",
        "wordPrefixFidDocids": "4.36 MiB",
        "wordPrefixDocids": "3.27 MiB",
        "main": "1.36 MiB",
        "externalDocumentsIds": "944 KiB",
        "fieldIdWordCountDocids": "240 KiB",
        "exactWordPrefixDocids": "16 KiB",
        "celluliteMetadata": "16 KiB"
      },
      "numberOfEmbeddings": 0,
      "numberOfEmbeddedDocuments": 0,
      "fieldDistribution": {
        "genres": 31944,
        "id": 31944,
        "overview": 31944,
        "poster": 31944,
        "release_date": 31944,
        "title": 31944
      }
    },
    "movies": {
      "numberOfDocuments": 31944,
      "rawDocumentDbSize": "19.64 MiB",
      "avgDocumentSize": "636 B",
      "isIndexing": false,
      "internalDatabaseSizes": {
        "wordPairProximityDocids": "96.16 MiB",
        "documents": "19.64 MiB",
        "wordPositionDocids": "17.83 MiB",
        "wordFidDocids": "10.22 MiB",
        "wordPrefixPositionDocids": "9.78 MiB",
        "wordDocids": "9.02 MiB",
        "wordPrefixFidDocids": "4.39 MiB",
        "wordPrefixDocids": "3.27 MiB",
        "main": "1.36 MiB",
        "externalDocumentsIds": "976 KiB",
        "fieldIdWordCountDocids": "240 KiB",
        "exactWordPrefixDocids": "16 KiB",
        "celluliteMetadata": "16 KiB"
      },
      "numberOfEmbeddings": 0,
      "numberOfEmbeddedDocuments": 0,
      "fieldDistribution": {
        "genres": 31944,
        "id": 31944,
        "overview": 31944,
        "poster": 31944,
        "release_date": 31944,
        "title": 31944
      }
    }
  }
}

// curl -X GET "http://localhost:7700/stats"
{
  "databaseSize": 368443392,
  "usedDatabaseSize": 367673344,
  "lastUpdate": "2026-04-16T13:07:02.74243Z",
  "indexes": {
    "comics": {
      "numberOfDocuments": 31944,
      "rawDocumentDbSize": 24264704,
      "avgDocumentSize": 751,
      "isIndexing": false,
      "numberOfEmbeddings": 0,
      "numberOfEmbeddedDocuments": 0,
      "fieldDistribution": {
        "genres": 31944,
        "id": 31944,
        "overview": 31944,
        "poster": 31944,
        "release_date": 31944,
        "title": 31944
      }
    },
    "movies": {
      "numberOfDocuments": 31944,
      "rawDocumentDbSize": 20594688,
      "avgDocumentSize": 636,
      "isIndexing": false,
      "numberOfEmbeddings": 0,
      "numberOfEmbeddedDocuments": 0,
      "fieldDistribution": {
        "genres": 31944,
        "id": 31944,
        "overview": 31944,
        "poster": 31944,
        "release_date": 31944,
        "title": 31944
      }
    }
  }
}

By @dureuill in https://github.com/meilisearch/meilisearch/pull/6338

• Settings changes performed via a settings subroute (not the "all settings" route) are now correctly propagated to other remotes on the network. By @dureuill in https://github.com/meilisearch/meilisearch/pull/6380
• The chat route no longer fails in some condition when using Mistral as a provider. By @renezander030 in https://github.com/meilisearch/meilisearch/pull/6327
• Prevent accidentally renaming a remote when modifying the network configuration. By @dureuill in https://github.com/meilisearch/meilisearch/pull/6370

• Replace boolean by PatternMatch for searchable by @ManyTheFish in https://github.com/meilisearch/meilisearch/pull/6344
• Add query to federated search metadata by @StephaneRob in https://github.com/meilisearch/meilisearch/pull/6371
• Remove issue template for feature issues by @curquiza in https://github.com/meilisearch/meilisearch/pull/6372
• Improve the documentation of the health route by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6376

• @renezander030 made their first contribution in https://github.com/meilisearch/meilisearch/pull/6327
• @quyentonndbs made their first contribution in https://github.com/meilisearch/meilisearch/pull/6382

Full Changelog: https://github.com/meilisearch/meilisearch/compare/v1.43.1...v1.44.0