This release introduces fixes for a regression in v1.45.0, where we were batching deletions by filter with other deletions or additions. It also enables the new settings indexer to support more parameters, making the engine faster to index documents when those settings are specified.

• Support exact and disable on numbers in the new settings indexer by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6398 Introduce support for exact words and disable-on-words parameters in the new settings indexer, making the engine more efficient when changing these settings.

• Support computing prefixes in the new settings indexer by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6391 Support for the prefix search settings in the new settings indexer, so that changing this parameter makes the engine more efficient.

• Better limit read bytes when creating the S3 multipart part by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6405 This fixes an issue we had with the multipart part size by ensuring we never construct a part larger than the defined multipart part size. With this fix, we always create a multipart with the provided multipart part size, except for the last part. Thanks, @vidit-virmani, for the help investigating the issue.

• Batch of documentDeletionByFilter with documentAdditionOrUpdate by @Kerollmops and @ManyTheFish in https://github.com/meilisearch/meilisearch/pull/6415 Correctly implement the support for auto-batching deletion by filter with document replacement and updates. This fixes a regression introduced in v1.45.0.

• Fix a panic with incomplete filters by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6421 Fixes an internal panic when a filter is incomplete by returning an error instead.

• Bump tar from 0.4.45 to 0.4.46 by @dependabot[bot] in https://github.com/meilisearch/meilisearch/pull/6418

• OpenAPI CI: disable rule to avoid crash (workaround) by @curquiza in https://github.com/meilisearch/meilisearch/pull/6417
• Remove milli benchmarks by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6419
• Add precision in the index swap documentation by @ManyTheFish in https://github.com/meilisearch/meilisearch/pull/6408
• Fix broken links in the documentation by @Kerollmops in https://github.com/meilisearch/meilisearch/pull/6406

• Misc

  • fix(http): check delete request errors before auth by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9784
  • chore(weed/storage/needle): prune unused test functions by @alrs in https://github.com/seaweedfs/seaweedfs/pull/9812
  • [test] update docker image for s3test by @kmlebedev in https://github.com/seaweedfs/seaweedfs/pull/9811
  • security: hot-reload JWT signing keys on SIGHUP by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9826
  • ip.bind: bind outbound connections to the configured address by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9834
  • s3: actually bind outbound connections when -ip.bind is set by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9849
  • operation: index VidCache by map instead of slice by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9853
  • rust release: fix large-disk/normal binary overwrite + publish md5 checksums by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9862

• Volume Server

  • [CheckDisk]: implement disk health detection by @MilanFun in https://github.com/seaweedfs/seaweedfs/pull/9560
  • fix(needle): use discovered file content type by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9851
  • ec placement: spread EC shards evenly across machines, not onto the lowest-id one by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9855
  • Treat co-located volume servers as one fault domain when balancing and allocating by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9854
  • ec.balance: verify shard landed on destination before deleting the source by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9858

• Admin Server and Worker

  • fix(admin): make scheduler pruning lane-aware by @ahalaun in https://github.com/seaweedfs/seaweedfs/pull/9790
  • admin: show S3 servers under Cluster by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9847
  • worker: drop ec.balance from the default admin script by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9848
  • admin: default -dataDir to "." so maintenance task state persists across restarts by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9856
  • admin/maintenance: reload in-flight tasks on startup instead of discarding them by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9857

• S3 API

  • fix(s3/lifecycle): report success to admin via JobCompleted by @ahalaun in https://github.com/seaweedfs/seaweedfs/pull/9787
  • fix(s3api): authorize DeleteObjects per key so object-scoped policies match by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9793
  • fix(s3api): keep ListBucket resource ARN at bucket level by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9792
  • test(s3/iam): scope ListBucket isolation via s3:prefix condition by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9805
  • fix(iam): implement CreatePolicyVersion for managed policies by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9795
  • fix(iam): return a valid user ARN from CreateUser and GetUser by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9794
  • s3: route object reads to the key's owner filer by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9806
  • s3: defer a recently-unreachable owner that is also the current filer by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9808
  • s3: keep dynamic IAM live when -iam.config is set by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9817
  • s3: return BucketAlreadyOwnedByYou when recreating your own bucket by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9822
  • fix(s3api): standardize ETag calculation in copy handlers by @phucnguyen261199 in https://github.com/seaweedfs/seaweedfs/pull/9829
  • s3: make lifecycle TTL fast path per-bucket opt-in by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9825
  • filer: replicate RECOMPUTE_LATEST pointer updates to peers by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9840
  • s3: rescan .versions when the cached latest pointer is missing on a list by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9841
  • s3: list directory key objects in versioned bucket version listings by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9842
  • test(s3): deref Object.Size in versioned list assertion by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9843
  • test(s3): make the whole versioning suite pass and gate it in CI by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9844
  • s3: collapse suspended-versioning deletes onto one null marker by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9845
  • test(s3): address review feedback on the versioning suite by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9846
  • fix(s3api): require space in v2 auth prefix by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9852
  • fix(s3api): reject zero default retention years by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9860

• FUSE mount

  • fix(mount): don't strand a directory cached-but-empty when an eviction races a rebuild by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9791

• Filer

  • fix(log_buffer): re-check buffer before bailing with ResumeFromDiskError by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9804
  • filer: bound TraverseBfsMetadata memory by queuing directory paths by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9814
  • filer: stream persisted log files when serving metadata subscriptions by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9821
  • filer: keep S3 list order byte-lexicographic regardless of SQL name column collation by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9824
  • fix: handle meta backup offset errors safely by @7y-9 in https://github.com/seaweedfs/seaweedfs/pull/9818
  • feat(filer.backup): -initialSnapshot re-seeds a reinitialized destination by @kisow in https://github.com/seaweedfs/seaweedfs/pull/9828

• sFTPd

  • sftpd: support SSH user certificates signed by a trusted CA by @FabianHardt in https://github.com/seaweedfs/seaweedfs/pull/9815

• Master

  • fix(master): advance maxVolumeId when registering EC shards by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9827
  • master: grow rack-spanning volumes once per DC, capped at copy_N by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9835
  • vacuum: compact a read-only volume when an explicit volumeId is given by @chrislusf in https://github.com/seaweedfs/seaweedfs/pull/9861

• Helm Charts

  • fix(helm): suspend bucket versioning for YAML bool false by @lexfrei in https://github.com/seaweedfs/seaweedfs/pull/9836
  • fix(helm): deduplicate all-in-one extra environment variables by @lexfrei in https://github.com/seaweedfs/seaweedfs/pull/9837

• @ahalaun made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/9790
• @FabianHardt made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/9815
• @lexfrei made their first contribution in https://github.com/seaweedfs/seaweedfs/pull/9836

Full Changelog: https://github.com/seaweedfs/seaweedfs/compare/4.31...4.32

https://fluentbit.io/announcements/v5.0.7/

• release: update to 5.0.7 by @github-actions[bot] in https://github.com/fluent/fluent-bit/pull/11834
• http_server: serialize worker teardown to prevent race conditions by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11845
• http_server: fix libevent crash on connection drop by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11843
• out_chronicle: Support label and namespace mapping by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11836
• tests: internal: fuzzers: avoid destroying active input fuzzer tasks by @edsiper in https://github.com/fluent/fluent-bit/pull/11850
• config_format: fix YAML variant cleanup on parser errors by @edsiper in https://github.com/fluent/fluent-bit/pull/11857
• avro: Handle int64 values correctly by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11883
• tests: runtime: Stabilize out_lib test case by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11888
• in_elasticsearch: check map size before accessing first entry by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11856
• snappy: fix OOB reads in framed data parser by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11855
• zstd: add 100 MB decompression size limit by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11854
• in_mqtt: fix OOB read from hardcoded remaining length overhead by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11853
• in_collectd: reject parts with length < 4 and fix null-terminator OOB by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11849
• in_forward: validate array size before accessing message mode fields by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11851
• in_syslog: fix integer overflow in octet-counting length parser by @TristanInSec in https://github.com/fluent/fluent-bit/pull/11852
• out_stackdriver: fix multiple memory leaks and potential corruption by @baizhenyu in https://github.com/fluent/fluent-bit/pull/11879
• CODEOWNERS: remove @braydonk and @jefferbrecht by @braydonk in https://github.com/fluent/fluent-bit/pull/11909
• time: time_tz: Handle conversion rules of windows and IANA tzinfo by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11903
• storage: discard checksum corrupt chunks on startup by @edsiper in https://github.com/fluent/fluent-bit/pull/11886
• parser: Add IANA time_zone support for native timestamps by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11913
• workflows: pin all actions to SHA by @patrick-stephens in https://github.com/fluent/fluent-bit/pull/11908
• out_kinesis_streams: increase PUT_RECORDS_PAYLOAD_SIZE to 10MB by @ShelbyZ in https://github.com/fluent/fluent-bit/pull/11848
• in_stdin: support stdin plugin on windows by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11821
• in_ebpf: Implement dns trace by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11735
• out_s3: Provide options for inactive chunks behavior by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11816
• oauth: out_http: add user-agent option for oauth by @rja5 in https://github.com/fluent/fluent-bit/pull/11830
• in_tail: fix offset_key value multiplied by 8 on Windows 64-bit by @zshuang0316 in https://github.com/fluent/fluent-bit/pull/11893
• http_client_http2: bracket IPv6 authority hosts by @edsiper in https://github.com/fluent/fluent-bit/pull/11922

• @TristanInSec made their first contribution in https://github.com/fluent/fluent-bit/pull/11856
• @rja5 made their first contribution in https://github.com/fluent/fluent-bit/pull/11830

Full Changelog: https://github.com/fluent/fluent-bit/compare/v5.0.6...v5.0.7

OpenCV 5.0.0 released!

OpenCV 5.0.0 overview: https://opencv.org/opencv-5 OpenCV 4.x -> 5.x migration guide: https://github.com/opencv/opencv/wiki/OpenCV-4-to-5-migration

🔒 Security

• Bound default HTTP/2 server limits to mitigate memory exhaustion.
• Upgrade Rustls-related dev-dependencies to address rustls-webpki security advisories.

⚙️ Miscellaneous Tasks

• Pin tracing dependencies to preserve Rust 1.84 compatibility.
• Use cargo check for MSRV verification instead of compiling dev-dependencies during tests.
• Update the Semgrep OSS scanning workflow.
• Use valid paths in header serialization tests.
• Gate HTTP/1 CONNECT tests on patched HTTP/1 support.

Update urgency: HIGH: There are critical bugs that may affect a subset of users.

• #15175, RediSearch/RediSearch#9262 Redis fails to start on AArch64
• #15163 MULTI queue memory incorrect memory accounting
• #14581 Rare server hang at shutdown
• #14545 ACL: AOF loading fails if ACL rules are changed and don't allow some commands in MULTI-EXEC
• #14537 SCAN: restore original filter order (revert change introduced in 8.2)
• #14816 setModuleEnumConfig() passing prefixed name to module callbacks
• #14659 ACL: Key-pattern bypass in MSETEX
• #14623 Streams: XTRIM/XADD with approx mode (~) don’t delete entries for DELREF/ACKED strategies
• #14552 Streams: Incorrect behavior when using XDELEX...ACKEDafterXGROUP DESTROY`
• #14848 Crash during command processing on replicas performing full synchronization
• #15188 cluster-announce-ip rejecting hostnames (regression)
• #14667, #14886 Potential TCP stalls/deadlocks
• RediSearch/RediSearch#9484 Shard crash during background index scan of JSON documents with vector fields on Active-Active (CRDT) databases (MOD-15542)
• RediSearch/RediSearch#9635 Severe latency spikes and shard unresponsiveness when EXPIRE or EXPIREAT operations run concurrently with queries on large indexes (MOD-14930)

Update urgency: HIGH: There are critical bugs that may affect a subset of users.

• #15175, RediSearch/RediSearch#9262 Redis fails to start on AArch64
• #15163 MULTI queue memory incorrect memory accounting
• #15115 Under-copy in the Lua debugger
• #15094 Cluster crash when CLIENT KILL unsubscribes SSUBSCRIBE client inside EXEC
• #14963 XREADGROUP: consumer replication inconsistency
• #14934 Client output buffer memory tracking not accounting for copy-avoided bulk string references
• #14970 Sentinel config injection via SENTINEL SET
• #14982 SCAN commands: integer overflow in COUNT parameter
• #15073 CLIENT TRACKING: self-overlap returning non-zero loop index
• #15059 Use-after-free
• #15037 XINFO STREAM: wrong value in the per-slot memory tracking
• #15034, #15081 Issues processing corrupt RDB data
• #15021 HEXPIRE: overflow on fields count
• #14942 Fix COMMAND GETKEYS for PFMERGE with no source keys
• #15188 cluster-announce-ip rejecting hostnames (regression)
• #14667, #14886 Potential TCP stalls/deadlocks
• RediSearch/RediSearch#9484 Shard crash during background index scan of JSON documents with vector fields on Active-Active (CRDT) databases (MOD-15542)
• RediSearch/RediSearch#9635 Severe latency spikes and shard unresponsiveness when EXPIRE or EXPIREAT operations run concurrently with queries on large indexes (MOD-14930)

Update urgency: HIGH: There are critical bugs that may affect a subset of users.

• #15175, RediSearch/RediSearch#9262 Redis fails to start on AArch64
• #14537 SCAN: restore original filter order (revert change introduced in 8.2)
• #14816 setModuleEnumConfig() passing prefixed name to module callbacks
• #14623 Streams: XTRIM/XADD with approx mode (~) don’t delete entries for DELREF/ACKED strategies
• #14552 Streams: Incorrect behavior when using XDELEX...ACKEDafterXGROUP DESTROY`
• #14420 Shutdown blocked client not being properly reset after shutdown cancellation
• #14415 Potential crash in lookupKey() when executing_client is NULL
• #14417 CLUSTER FORGET - heap-buffer-overflow
• #15188 cluster-announce-ip rejecting hostnames (regression)
• #14667, #14886 Potential TCP stalls/deadlocks
• RediSearch/RediSearch#9484 Shard crash during background index scan of JSON documents with vector fields on Active-Active (CRDT) databases (MOD-15542)
• RediSearch/RediSearch#9635 Severe latency spikes and shard unresponsiveness when EXPIRE or EXPIREAT operations run concurrently with queries on large indexes (MOD-14930)

Download Kong 3.9.2 and run it now:

https://konghq.com/install/ Docker Image

Links:

3.9.2 Changelog