• [99a4e51f93] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #61419
• [fbe4da5725] - (SEMVER-MINOR) deps: add LIEF as a dependency (Joyee Cheung) #61167
• [0feab0f083] - (SEMVER-MINOR) deps: add tools and scripts to pull LIEF as a dependency (Joyee Cheung) #61167
• [e91b296001] - (SEMVER-MINOR) fs: add ignore option to fs.watch (Matteo Collina) #61433
• [b351910af1] - (SEMVER-MINOR) sea: add --build-sea to generate SEA directly with Node.js binary (Joyee Cheung) #61167
• [957292e233] - (SEMVER-MINOR) sea: split sea binary manipulation code (Joyee Cheung) #61167
• [f289817ff8] - (SEMVER-MINOR) sqlite: enable defensive mode by default (Bart Louwers) #61266
• [069f3603e2] - (SEMVER-MINOR) sqlite: add sqlite prepare options args (Guilherme Araújo) #61311
• [5a984b9a09] - src: use node- prefix on thread names (Stewart X Addison) #61307
• [75c06bc2a8] - (SEMVER-MINOR) test: migrate to --build-sea in existing SEA tests (Joyee Cheung) #61167
• [cabd58f1cb] - (SEMVER-MINOR) test: use fixture directories for sea tests (Joyee Cheung) #61167
• [ff1fcabfc9] - (SEMVER-MINOR) test_runner: support expecting a test-case to fail (Jacob Smith) #60669

• [778a56f3c9] - assert,util: fix deep comparison for sets and maps with mixed types (Ruben Bridgewater) #61388
• [32cd18e37f] - async_hooks: enabledHooksExist shall return if hooks are enabled (Gerhard Stöbich) #61054
• [482b2568bc] - benchmark: add SQLite benchmarks (Guilherme Araújo) #61401
• [e9a34263bb] - buffer: make methods work on Uint8Array instances (Neal Beeken) #56578
• [8255cdefcf] - build: add --shared-nbytes configure flag (Antoine du Hamel) #61341
• [8dd379d110] - build: update android-patches/trap-handler.h.patch (Mo Luo) #60369
• [1b4b5eb0e4] - build: update devcontainer.json to use paired nix env (Joyee Cheung) #61414
• [86e2a763ad] - build: infer cargo mode with gyp var build_type directly (Chengzhong Wu) #61354
• [7e211e6942] - build: add embedtest into native suite (Joyee Cheung) #61357
• [637470e79f] - build: fix misplaced comma in ldflags (hqzing) #61294
• [a1a0f77a45] - build: fix crate vendor file checksums on windows (Chengzhong Wu) #61329
• [d597b8e342] - build,tools: fix addon build deadlock on errors (Vladimir Morozov) #61321
• [b5cdc27ba4] - build,win: improve logs when ClangCL is missing (Mike McCready) #61438
• [ef01f0c033] - build,win: update WinGet configurations to Python 3.14 (Mike McCready) #61431
• [d8a1cdeefe] - child_process: treat ipc length header as unsigned uint32 (Ryuhei Shima) #61344
• [588b00fafa] - cluster: fix port reuse between cluster (Ryuhei Shima) #60141
• [99a4e51f93] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #61419
• [048f7a5c9c] - deps: upgrade npm to 11.8.0 (npm team) #61466
• [fbe4da5725] - (SEMVER-MINOR) deps: add LIEF as a dependency (Joyee Cheung) #61167
• [0feab0f083] - (SEMVER-MINOR) deps: add tools and scripts to pull LIEF as a dependency (Joyee Cheung) #61167
• [4bb00d7e3c] - deps: update googletest to 85087857ad10bd407cd6ed2f52f7ea9752db621f (Node.js GitHub Bot) #61417
• [6a3c614f27] - deps: update sqlite to 3.51.2 (Node.js GitHub Bot) #61339
• [13c0397d6d] - deps: update icu to 78.2 (Node.js GitHub Bot) #60523
• [098ec6f196] - deps: update ada to v3.4.0 (Yagiz Nizipli) #61315
• [320b576125] - deps: update zlib to 1.3.1-e00f703 (Node.js GitHub Bot) #61135
• [98f5e7cf51] - deps: V8: cherry-pick highway@dcc0ca1cd42 (Richard Lau) #61008
• [e326df79c9] - deps: V8: backport 209d2db9e24a (Zhijin Zeng) #61322
• [ccfd9d9b30] - doc: remove v prefix for version references (Mike McCready) #61488
• [b6cc5d77a1] - doc: mention constructor comparison in assert.deepStrictEqual (Hamza Kargin) #60253
• [236d7ee635] - doc: add CVE delay mention (Rafael Gonzaga) #61465
• [0729fb6ee7] - doc: update previous version links in BUILDING (Mike McCready) #61457
• [0fb464252f] - doc: include OpenJSF handle for security stewards (Rafael Gonzaga) #61454
• [3331bdca7c] - doc: clarify process.argv[1] behavior for -e/--eval (Jeevankumar S) #61366
• [94b34c38e2] - doc: remove Windows Dev Home instructions from BUILDING (Mike McCready) #61434
• [a17016ee81] - doc: clarify TypedArray properties on Buffer (Roman Reiss) #61355
• [214fac9d7e] - doc: update Python 3.14 manual install instructions (Windows) (Mike McCready) #61428
• [6a32a685a6] - doc: note resume build should not be done on node-test-commit (Stewart X Addison) #61373
• [2a8e8dfaf3] - doc: refine WebAssembly error documentation (sangwook) #61382
• [f3caf27f8b] - doc: add deprecation history for url.parse (Eng Zer Jun) #61389
• [5ab8057856] - doc: add marco and rafael in last sec release (Marco Ippolito) #61383
• [f83cb1e785] - doc: packages: example of private import switch to internal (coderaiser) #61343
• [3d23bcd0e2] - doc: add esm and cjs examples to node:v8 (Alfredo González) #61328
• [1d159550e0] - doc: added 'secure' event to tls.TLSSocket (ikeyan) #61066
• [90080d2892] - doc: restore @watilde to collaborators (Daijiro Wachi) #61350
• [a87f7a50f8] - doc: run license-builder (github-actions[bot]) #61348
• [adf5c84701] - doc: clean up writing-and-running-benchmarks.md (Hardanish Singh) #61345
• [2be98add0c] - doc: document ALPNCallback option for TLSSocket constructor (ikeyan) #61331
• [2db4893c8d] - esm: ensure watch mode restarts after syntax errors (Xavier Stouder) #61232
• [828feb2e6b] - events: remove redundant todo (Gürgün Dayıoğlu) #60595
• [e91b296001] - (SEMVER-MINOR) fs: add ignore option to fs.watch (Matteo Collina) #61433
• [606184fae5] - fs: remove duplicate getValidatedPath calls (Mert Can Altin) #61359
• [434fcd7f8f] - fs: fix errorOnExist behavior for directory copy in fs.cp (Nicholas Paun) #60946
• [bacba16f5e] - fs: fix ENOTDIR in globSync when file is treated as dir (sangwook) #61259
• [7697ce0310] - fs: remove duplicate fd validation in sync functions (Mert Can Altin) #61361
• [8abd54f597] - gyp: aix: change gcc version detection so CXX="ccache g++" works (Stewart X Addison) #61464
• [24033ee7ea] - http: fix rawHeaders exceeding maxHeadersCount limit (Max Harari) #61285
• [cf56327939] - http2: validate initialWindowSize per HTTP/2 spec (Matteo Collina) #61402
• [696935eeeb] - inspector: initial support storage inspection (Ryuhei Shima) #61139
• [3d5e718e38] - lib: fix typo in util.js comment (Taejin Kim) #61365
• [f55a5fea00] - lib: fix TypeScript support check in jitless mode (sangwook) #61382
• [b3fbc3c375] - meta: do not fast-track npm updates (Antoine du Hamel) #61475
• [2423ecdaef] - meta: fix typos in issue template config (Daijiro Wachi) #61399
• [e2df85a33a] - meta: label v8 module PRs (René) #61325
• [bc9e5f7d4d] - node-api: fix node_api_create_object_with_properties name (Vladimir Morozov) #61319
• [4f30c21c59] - node-api: use Node-API in comments (Vladimir Morozov) #61320
• [62d71eb28d] - quic: copy options.certs buffer instead of detaching (Chengzhong Wu) #61403
• [4bbbe75ba1] - quic: move quic behind compile time flag (Matteo Collina) #61444
• [b351910af1] - (SEMVER-MINOR) sea: add --build-sea to generate SEA directly with Node.js binary (Joyee Cheung) #61167
• [957292e233] - (SEMVER-MINOR) sea: split sea binary manipulation code (Joyee Cheung) #61167
• [f289817ff8] - (SEMVER-MINOR) sqlite: enable defensive mode by default (Bart Louwers) #61266
• [6442229880] - sqlite: add some tests (Guilherme Araújo) #61410
• [069f3603e2] - (SEMVER-MINOR) sqlite: add sqlite prepare options args (Guilherme Araújo) #61311
• [df02d00d61] - src: improve StringBytes::Encode perf on UTF8 (Сковорода Никита Андреевич) #61131
• [e35814ba80] - src: add missing override specifier to Clean() (Tobias Nießen) #61429
• [803ff7d3de] - src: cache context lookup in vectored io loops (Mert Can Altin) #61387
• [58abe99cbf] - src: cache missing package.json files in the C++ package config cache (Michael Smith) #60425
• [2a542094e4] - src: use starts_with instead of rfind/find (Tobias Nießen) #61426
• [77cacf6d9d] - src: use C++ nullptr in sqlite (Tobias Nießen) #61416
• [344cc629d4] - src: use C++ nullptr in webstorage (Tobias Nießen) #61407
• [9f25cad26c] - src: fix pointer alignment (jhofstee) #61336
• [5a984b9a09] - src: use node- prefix on thread names (Stewart X Addison) #61307
• [d4cf423a65] - stream: export namespace object from internal end-of-stream module (René) #61455
• [7d8232e34c] - test: add some validation for JSON doc output (Antoine du Hamel) #61413
• [75c06bc2a8] - (SEMVER-MINOR) test: migrate to --build-sea in existing SEA tests (Joyee Cheung) #61167
• [cabd58f1cb] - (SEMVER-MINOR) test: use fixture directories for sea tests (Joyee Cheung) #61167
• [bcffca8911] - test: aix: mark test_threadsafe_function/test flaky on AIX (Stewart X Addison) #61452
• [29399501c1] - test: add implicit test for fs dispose handling with using (Ilyas Shabi) #61140
• [3bb481571a] - test: reveal wpt evaluation errors in status files (Chengzhong Wu) #61358
• [a132be7f71] - test: check new WebCryptoAPI enum values (Filip Skokan) #61406
• [72f1463735] - test: split test-esm-loader-hooks (Joyee Cheung) #61374
• [39105e4c5f] - test: aix: mark test-emit-on-destroyed as flaky (Stewart X Addison) #61381
• [3f17acfb1c] - test: add webidl web-platform tests (Yagiz Nizipli) #61316
• [89983cf747] - test: update url web-platform tests (Yagiz Nizipli) #61315
• [73c0a242d7] - test: forbid use of named imports for fixtures (Antoine du Hamel) #61228
• [a49d54308e] - test: enforce better never-settling-promise detection (Antoine du Hamel) #60976
• [335cb0b5cc] - test: ensure assertions are reached on all tests (Antoine du Hamel) #60845
• [5ee02c789a] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60763
• [141fb82ffb] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60760
• [edf90ce457] - test: use RegExp.escape to improve test reliability (Antoine du Hamel) #60803
• [f5f9b2dcf6] - test: ensure assertions are reached on more tests (Antoine du Hamel) #60728
• [ec1cbbe0b6] - test_runner: fix memory leaks in runner (Abhishek Kv. Savani) #60860
• [399ac68427] - test_runner: fix coverage report when a directory is named file (Heath Dutton🕴️) #61169
• [6e1beda333] - test_runner: print info when test restarts (Xavier Stouder) #61160
• [f5803ccb86] - test_runner: fix rerun ambiguous test failures (Moshe Atlow) #61392
• [a5a4c3eb44] - test_runner: nix dead reporter code (Vas Sudanagunta) #59700
• [ff1fcabfc9] - (SEMVER-MINOR) test_runner: support expecting a test-case to fail (Jacob Smith) #60669
• [ade4fc2338] - tools: copyedit Nix files (Antoine du Hamel) #61447
• [7c2242beb9] - tools: validate release commit diff as part of lint-release-proposal (Antoine du Hamel) #61440
• [ca4ebed258] - tools: use ad-hoc flag to lint Nix files (Antoine du Hamel) #61405
• [05ce2c87f3] - tools: fix vcbuild lint-js-build (Vladimir Morozov) #61318
• [41adb54a37] - tools: enforce trailing commas in test/es-module (Antoine du Hamel) #60891
• [eebd732a52] - tools: enforce trailing commas in test/sequential (Antoine du Hamel) #60892
• [8b73739e03] - typings: add typing for string_decoder (Taejin Kim) #61368
• [e88dd012ad] - v8: changing total_allocated_bytes to avoid ABI changes (Caio Lima) #60800
• [c75ad3d87d] - v8: add GCProfiler support for erm (Ilyas Shabi) #61191
• [611c179663] - zlib: validate write_result array length (Ryuhei Shima) #61342

The search query object passed in the body of POST /indexes/{:indexUid}/search now accepts an optional boolean useNetwork. When present and set to true, the search is executed "as-if" it was a remote federated search over all remotes in the network.

That is, the following:

// POST /indexes/movies/search
{
  "q": "Batman dark knight returns 1",
  "filter": "genres IN [Action, Adventure]",
  "facets": ["genres"],
  "useNetwork": true, // ✨ NEW
  "limit": 5
}

Is executed by Meilisearch as if it was the following, assuming a network of 3 Meilisearch instances with names "0", "1" and "2":

// POST /multi-search
{
    "federation": {
        "limit": 5,
        "facetsByIndex": {
            "movies": [
                "genres"
            ]
        },
        "merge": {}
    },
    "queries": [
        {
            "indexUid": "movies",
            "federationOptions": {
                "remote": "0"
            },
            "q": "Batman dark knight returns 1",
            "filter": "genres IN [Action, Adventure]"
        },
        {
            "indexUid": "movies",
            "federationOptions": {
                "remote": "1"
            },
            "q": "Batman dark knight returns 1",
            "filter": "genres IN [Action, Adventure]"
        },
        {
            "indexUid": "movies",
            "federationOptions": {
                "remote": "2"
            },
            "q": "Batman dark knight returns 1",
            "filter": "genres IN [Action, Adventure]"
        }
    ]
}

Resulting in:

{
  "hits": [
    {
      "id": 123025,
      "title": "Batman: The Dark Knight Returns, Part 1",
      "overview": "Batman has not been seen for ten years. A new breed of criminal ravages Gotham City, forcing 55-year-old Bruce Wayne back into the cape and cowl. But, does he still have what it takes to fight crime in a new era?",
      "genres": [
        "Action",
        "Animation",
        "Mystery"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/kkjTbwV1Xnj8wBL52PjOcXzTbnb.jpg",
      "release_date": 1345507200,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 2,
        "weightedRankingScore": 0.9894586894586894,
        "remote": "2"
      }
    },
    {
      "id": 142061,
      "title": "Batman: The Dark Knight Returns, Part 2",
      "overview": "Batman has stopped the reign of terror that The Mutants had cast upon his city.  Now an old foe wants a reunion and the government wants The Man of Steel to put a stop to Batman.",
      "genres": [
        "Action",
        "Animation",
        "Mystery"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/arEZYd6uMOFTILne9Ux0A8qctMe.jpg",
      "release_date": 1357171200,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 1,
        "weightedRankingScore": 0.9894558963186414,
        "remote": "1"
      }
    },
    {
      "id": 16234,
      "title": "Batman Beyond: Return of the Joker",
      "overview": "The Joker is back with a vengeance, and Gotham's newest Dark Knight needs answers as he stands alone to face Gotham's most infamous Clown Prince of Crime.",
      "genres": [
        "Animation",
        "Family",
        "Action",
        "Science Fiction"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/7RlBs0An83fqAuKfwH5gKMcqgMc.jpg",
      "release_date": 976579200,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 1,
        "weightedRankingScore": 0.9427964918160996,
        "remote": "1"
      }
    },
    {
      "id": 155,
      "title": "The Dark Knight",
      "overview": "Batman raises the stakes in his war on crime. With the help of Lt. Jim Gordon and District Attorney Harvey Dent, Batman sets out to dismantle the remaining criminal organizations that plague the streets. The partnership proves to be effective, but they soon find themselves prey to a reign of chaos unleashed by a rising criminal mastermind known to the terrified citizens of Gotham as the Joker.",
      "genres": [
        "Drama",
        "Action",
        "Crime",
        "Thriller"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/qJ2tW6WMUDux911r6m7haRef0WH.jpg",
      "release_date": 1216166400,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 1,
        "weightedRankingScore": 0.5784178187403994,
        "remote": "1"
      }
    },
    {
      "id": 49026,
      "title": "The Dark Knight Rises",
      "overview": "Following the death of District Attorney Harvey Dent, Batman assumes responsibility for Dent's crimes to protect the late attorney's reputation and is subsequently hunted by the Gotham City Police Department. Eight years later, Batman encounters the mysterious Selina Kyle and the villainous Bane, a new terrorist leader who overwhelms Gotham's finest. The Dark Knight resurfaces to protect a city that has branded him an enemy.",
      "genres": [
        "Action",
        "Crime",
        "Drama",
        "Thriller"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/vzvKcPQ4o7TjWeGIn0aGC9FeVNu.jpg",
      "release_date": 1342396800,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 2,
        "weightedRankingScore": 0.5772657450076805,
        "remote": "2"
      }
    }
  ],
  "query": "Batman dark knight returns 1",
  "processingTimeMs": 173,
  "limit": 5,
  "offset": 0,
  "estimatedTotalHits": 47,
  "facetDistribution": {
    "genres": {
      "Action": 46,
      "Adventure": 15,
      "Animation": 34,
      "Comedy": 3,
      "Crime": 14,
      "Drama": 6,
      "Family": 15,
      "Fantasy": 8,
      "Horror": 1,
      "Mystery": 4,
      "Romance": 1,
      "Science Fiction": 14,
      "TV Movie": 4,
      "Thriller": 4,
      "Western": 1
    }
  },
  "facetStats": {},
  "requestUid": "019bbcf4-a609-7701-8d82-d370611adfb3",
  "remoteErrors": {}
}

useNetwork requires the network experimental feature to be enabled.

Passing useNetwork=true as a query parameter to GET /indexes/{:indexUid}/search has the same effect as passing useNetwork: true as a field parameter to POST /indexes/{:indexUid}/search

• useNetwork can also be passed as a field of the individual queries inside of a multi-search request.
• When used on a query in a non-federated search request, it has the same effect as on POST /indexes/{:indexUid}/search for that query
• When used on a query in a federated search request, the request is executed "as-if" one query per remote of the network had been performed.

Federated search example:

{
    "federation": {
        "limit": 5
    },
    "queries": [
        {
            "q": "Batman returns",
            "indexUid": "mieli",
            "useNetwork": true
        },
        {
            "q": "Superman returns",
            "indexUid": "mieli",
            "useNetwork": true
        }
    ]
}

{
  "hits": [
    {
      "id": 364,
      "title": "Batman Returns",
      "overview": "While Batman deals with a deformed man calling himself the Penguin, an employee of a corrupt businessman transforms into the Catwoman.",
      "genres": [
        "Action",
        "Fantasy"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/jKBjeXM7iBBV9UkUcOXx3m7FSHY.jpg",
      "release_date": 708912000,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 0,
        "weightedRankingScore": 1.0,
        "remote": "1"
      }
    },
    {
      "id": 1452,
      "title": "Superman Returns",
      "overview": "Superman returns to discover his 5-year absence has allowed Lex Luthor to walk free, and that those he was closest to felt abandoned and have moved on. Luthor plots his ultimate revenge that could see millions killed and change the face of the planet forever, as well as ridding himself of the Man of Steel.",
      "genres": [
        "Science Fiction",
        "Action",
        "Adventure"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/qIegbn6DSUYmggfwxOBNOVS35q.jpg",
      "release_date": 1151452800,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 1,
        "weightedRankingScore": 1.0,
        "remote": "0"
      }
    },
    {
      "id": 324249,
      "title": "Requiem for Krypton: Making 'Superman Returns'",
      "overview": "A detailed behind-the-scenes documentary on the making of Superman Returns.",
      "genres": [
        "Documentary"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/eC1XKswKSoyDyJXXZszLTuwUHli.jpg",
      "release_date": 1164672000,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 1,
        "weightedRankingScore": 0.9907407407407408,
        "remote": "1"
      }
    },
    {
      "id": 294294,
      "title": "Saltwater",
      "overview": "This American Indie drama follows several endearing characters as they wade through life seeking happiness, peace and ultimately, love. Will (Ronnie Kerr, Vampire Boys 2, Shut Up and Kiss Me) leaves the Navy after many years, soon reunites old friends and begins to start his new civilian life. His friend Rich (Bruce L Hart) tries to set him up with ruggedly handsome Josh (Ian Roberts-a former Australian professional rugby player, actor and model-Cedar Boys, Superman Returns, Little Fish). While there is immense chemistry between the two, timing and certain ideals never seem to align. When a shocking tragedy happens the two are paired up to pick up the pieces and sort through the after effects. Saltwater is a story about men of all ages, finding love, losing friends, navigating their way through life and knowing it's the journey rather then the destination that's important.",
      "genres": [
        "Romance",
        "Drama"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/bDnLdYqpH9abHo4ASMPKiInx8dm.jpg",
      "release_date": 1342310400,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 1,
        "weightedRankingScore": 0.966931216931217,
        "remote": "1"
      }
    },
    {
      "id": 142061,
      "title": "Batman: The Dark Knight Returns, Part 2",
      "overview": "Batman has stopped the reign of terror that The Mutants had cast upon his city.  Now an old foe wants a reunion and the government wants The Man of Steel to put a stop to Batman.",
      "genres": [
        "Action",
        "Animation",
        "Mystery"
      ],
      "poster": "https://image.tmdb.org/t/p/w500/arEZYd6uMOFTILne9Ux0A8qctMe.jpg",
      "release_date": 1357171200,
      "_federation": {
        "indexUid": "mieli",
        "queriesPosition": 0,
        "weightedRankingScore": 0.8697089947089947,
        "remote": "1"
      }
    }
  ],
  "processingTimeMs": 247,
  "limit": 5,
  "offset": 0,
  "estimatedTotalHits": 97,
  "requestUid": "019bbd3a-5106-70e0-94fc-f58b2f0c28c8",
  "remoteErrors": {}
}

• Facet search referencing useNetwork are not supported
• The chat route cannot use useNetwork at the moment: doing so is not trivial implementation-wise, because chat route expects to be able to open the index (to fetch chat configs), but federated search only opens the indexes once during a short critical section.

By @dureuill in https://github.com/meilisearch/meilisearch/pull/6101

Pass federation.page and federation.hitsPerPage with the same meaning as in a regular search request to use exhaustive pagination in the federated search

By @dureuill in https://github.com/meilisearch/meilisearch/pull/6101

The settings indexer is more efficient when users are removing searchable attributes from the searchable fields.

By @VedantMadane in https://github.com/meilisearch/meilisearch/pull/6109

Solves a low-severity timing attack vulnerability on key comparison by using constant-time comparison

By @curquiza in https://github.com/meilisearch/meilisearch/pull/6077

• Remove openssl from deps by @dureuill in https://github.com/meilisearch/meilisearch/pull/6117
• Fix geo-types version to avoid multiple rstar deps by @dureuill in https://github.com/meilisearch/meilisearch/pull/6118

❤️ Thanks again @VedantMadane for the contribution to this release!

Full Changelog: https://github.com/meilisearch/meilisearch/compare/v1.33.1...v1.34.0

Apache Seata(incubating) 2.6.0 Released.

Apache Seata(incubating) is an easy-to-use, high-performance, open source distributed transaction solution.

The version is updated as follows:

• [#7485] Add http request filter for seata-server
• [#7509] Reuse connection to merge branch transactions
• [#7492] upgrade HTTP client in common module to support HTTP/2
• [#7503] support fory serializer and fory undolog parser
• [#7551] XAUtils add support for DM Database
• [#7559] Introduce Cleanup API for TableMetaRefreshHolder Instance
• [#7669] add support for Jackson serialization and deserialization of PostgreSQL array types
• [#7664] support shentongdatabase XA mode
• [#7675] support Oracle Batch Insert
• [#7663] add Java 25 support in CI configuration files
• [#7851] add support for managing transaction groups
• [#7857] support displaying cluster information in the console
• [#7826] Support HTTP/2 response handling for the Watch API in Server Raft mode
• [#7863] Exclude namingserver and console module builds from build workflows with JDK versions less than 25
• [#7870] upgrade the namingserver and console modules to JDK 25 and SpringBoot 3.5, and add the spring-ai dependency in the console module.
• [#7872] Automatically calculate the values for JVM parameters
• [#7876] feature: add MCP custom configuration and authentication code
• [#7878] console supports creation and modification of transaction groups for Raft clusters
• [#7893] add global and branch session and lock management MCP tools

• [#7471] Fix SerialArray equals() method for multi-dimensional array comparison in Phase 2 rollback
• [#7482] Github Action workflow does not run the corresponding Kotlin test
• [#7538] unify DmdbTimestamp comparison via UTC Instant to prevent rollback failure
• [#7546] fix client spring version compatible
• [#7505] prevent Netty I/O thread blocking by async channel release via reconnectExecutor
• [#7563] Fix NPE when server-side filter is disabled and filter chain is null.
• [#7570] Fix order() behavior in GlobalTransactionalInterceptorHandler to ensure correct sorting of invocation handlers
• [#7596] Fixed the issue where deserialization failed when the xss filter obtained the default keyword
• [#7613] Fixed the SQL error in the datetime format time query in the global lock query
• [#7622] adjust the order of org.apache.seata.saga.rm.SagaResourceManage
• [#7624] fix the compatibility issue of yml configuration files
• [#7644] fix the compatibility issue of spotless when java 25
• [#7662] ensure visibility of rm and The methods in MockTest are executed in order
• [#7683] Override XABranchXid equals() and hashCode() to fix memory leak in mysql driver
• [#7643] fix DM transaction rollback not using database auto-increment primary keys
• [#7708] Use xaActive to determine whether xaResource needs to execute the end method
• [#7747] undo log table name dynamic derivation
• [#7749] fix error parsing application/x-www-form-urlencoded requests in Http2HttpHandler
• [#7761] special handling is applied to the Byte[] type to ensure the correct primary key value
• [#7771] Shentongdata xa mode should be hold the same connection
• [#7785] fix the failure test
• [#7796] fix the NPE on ConsulConfigurationTest method
• [#7839] resolve TransactionAutoConfiguration compatibility with Spring Boot 4.x
• [#7843] fix index type misjudgment in Dm/KingbaseTableMetaCache
• [#7856] fix comma missing in package.json/min-document
• [#7860] Fix the issue where delayed messages in RocketMQ transactions were silently ignored, now explicitly throwing an exception
• [#7879] fix:correct server port and naming server port
• [#7881] the vgroup_table in the SQL files of all databases should use a three-column unique constraint
• [#7891] raft split-brain causes incorrect cluster information
• [#7908] handle timestamp with time zone in postgresql primary key
• [#7938] ensure the Jakarta-related package paths are correct.

• [#7460] Remove hardcoded port configuration in core module test classes
• [#7478] optimize: remove client id metric
• [#7557] upgrade some npmjs dependencies
• [#7576] Add empty push protection for Configuration
• [#7577] remove the 4MB size limit when decompressing with zstd
• [#7578] zstd decompression is changed from jni to ZstdInputStream
• [#7591] Optimize default xssFilter config retrieval when no explicit configuration is provided
• [#7608] modify the parameter name in refreshToken method
• [#7603] upgrade Apache Tomcat dependency from 9.0.106 to 9.0.108
• [#7614] update README.md
• [#7443] Replace @LocalTCC with @SagaTransactional in the saga annotation pattern
• [#7645] simplifying the relevant transport.* configuration types
• [#7668] correct variable name typo in DeflaterUtil
• [#7673] bump @babel/runtime from ^7.26.10 to ^7.27.0
• [#7689] optimize source release
• [#7711] add fastjson support for serialization and deserialization of PostgreSQL array types
• [#7722] optimize serializer type meaning
• [#7739] optimize docker image building process
• [#7741] supports publishing image based on JDK 25
• [#7743] upgrade Apache Tomcat dependency from 9.0.108 to 9.0.109
• [#7740] enhance HttpClient to support h2c
• [#7744] upgrade Apache Tomcat dependency from 9.0.109 to 9.0.110
• [#7751] remove unused dependency
• [#7807] support mariadb 3.x
• [#7781] highlight pmd-check log
• [#7704] fix frontend security vulnerabilities
• [#7710] fix some spell errors in code and comments
• [#7721] optimize common module
• [#7768] optimize docker image building process
• [#7809] optimize README.md
• [#7813] add decode buffer limit
• [#7822] add the request and response objects in HTTP thread context
• [#7829] optimize lz4 compressor
• [#7864] automatically skip the compilation of console and namingserver modules in JDK<25
• [#7867] optimize global transaction support non-private modifier methods
• [#7868] change build_arm64-binary CI to JDK25 Version and runs on ubuntu-24.04-arm
• [#7873] upgrade jacoco plugin version from 0.8.7 to 0.8.14 in order to adapt JDK25
• [#7885] replace fury with fory
• [#7884] upgrade tomcat-embed-core version to 11.0.10
• [#7888] bump org.apache.tomcat.embed:tomcat-embed-core
• [#7889] bump org.apache.tomcat.embed:tomcat-embed-core in /console
• [#7894] optimize method and class names in the saga module
• [#7905] format content
• [#7909] add comments to the namingserver address configuration in console application file
• [#7913] remove @author info
• [#7931] pin the Spring version for namingserver and console
• [#7942] update jib-maven-plugin version and increase parallel test execution limits
• [#7935] add OkHttp and MockWebServer dependencies to resolve version conflicts

• [#7632] upgrade sha.js to version 2.4.12
• [#7633] Upgrade cipher-base to version 1.0.6
• [#7716] Update commons-lang to 3.18.0
• [#7699] Upgrade axios to version 1.12.2
• [#7845] upgrade node-forge to version 1.3.2 or later
• [#7849] upgrade min-document to version 2.19.1 or later
• [#7847] upgrade js-yaml to 3.14.2, 4.1.1 or later

• [#7635] fix JUnit test method access modifiers and annotations
• [#7541] fix jakarta UT failed in jdk17+
• [#7540] fix port of mock server
• [#7580] fix the exception caused by the disorder of test case execution order
• [#7584] deflake ConsulConfigurationTest#testInitSeataConfig with short await/retry to absorb CI timing delay
• [#7610] Enable Nacos integration tests when nacosCaseEnabled is true
• [#7672] Add unit tests for the seata-common module
• [#7679] fix old version connect timeout
• [#7638]Add unit tests for the seata-common module and remove a todo
• [#7709] add UT for dm module
• [#7725] add UT for compressor module
• [#7718] add UT for config module
• [#7723] add UT for fastjson2 to test PostgreSQL Array type
• [#7731] add UT for rm.fence
• [#7737] add UT for DefaultResourceManager and ClusterWatcherManager
• [#7757] add UT for undo module
• [#7763] add UT for RegistryNamingServerProperties and RegistryMetadataProperties
• [#7764] add some UT for server/coordinator module
• [#7777] add UT for seata-saga-statelang module
• [#7776] add UT for XA module
• [#7788] add some UT for rm-datasource module
• [#7774] add some UT for server/console module
• [#7767] add some UT for server/cluster module
• [#7750] add some UT for server module
• [#7733] add some UT for core module
• [#7728] add some UT for compatible module
• [#7727] add some UT for compatible module
• [#7803] Fix flakiness in DataCompareUtilsTest caused by non-deterministic Map key iteration order.
• [#7804] fix testXARollbackWithResourceLock() to ensure ci runs normally
• [#7779] improve unit tests for RaftRegistryServiceImpl
• [#7801] Fix non-deteriministic in JsonParserWrapTest#testToJSONString due to key order
• [#7800] fix non-deterministic in StringUtilsTest#testToStringAndCycleDependency
• [#7802] Fix non-deterministic in ConnectionContextProxyTest.
• [#7808] Deflake multiple Insert Executor tests by fixing order-dependent primary key (PK) value comparison
• [#7815] test: fix combine test to avoid failure due to ordering
• [#7819] fix brittle RPC status test
• [#7827] Fix non-deteriministic in TableMetaTest#testGetPrimaryKeyOnlyName
• [#7859] Fix flaky tests in MetadataTest caused by shared state and brittle toString assertions
• [#7858] Fix flakiness in HttpTest.convertParamOfJsonStringTest caused by non-deterministic Map iteration order
• [#7874] add unit tests for DBType and RedisKeyConstants in core module
• [#7900] add unit tests for ConnectionContext class
• [#7901] add unit tests for core module (LockStatus, MessageType, ProtocolConstants)
• [#7906] add test for Fury/Fory
• [#7907] test: fixes CI errors caused by timing issues in ZkConfigurationTest
• [#7912] test: add Antlr tests to improve test coverage
• [#7933] oscar test cases should only run on Druid 1.2.5 and higher versions

• [#7615] Refactor DataSourceProxy
• [#7617] Refactor Alibaba Dubbo and HSF
• [#7688] Reactor extensions module
• [#7719] Replace synchronized with ReentrantLock in AbstractNettyRemotingClient to support virtual threads
• [#7789] rename GROUP_UPDATE_TIME to GROUP_UPDATE_TERM in ClusterWatcherManager
• [#7698] refactor test module
• [#7818] run the HTTP filter as a chain of responsibility
• [#7904] Unify HTTP client utility to OkHttp3

• [#7462] improve TM module Javadoc with comprehensive English documentation
• [#7531] Optimize the Readme and change documents
• [#7571] Add hyperlink to CONTRIBUTING.md in pull request template
• [#7605] Add the type of registry as seata in application.yml
• [#7625] Polish Javadoc for @EnableAutoDataSourceProxy and DefaultFailureHandlerImpl
• [#7702] change "whether use" to "whether to use" for correct syntax.

Thanks to these contributors for their code commits. Please report an unintended omission.

• slievrly
• YvCeung
• xjlgod
• YongGoose
• KoKimSS
• maple525866
• funky-eyes
• keepConcentration
• sunheyi6
• WangzJi
• unifolio0
• Asuka-star
• contrueCT
• YoWuwuuuw
• yougecn
• jongmin-chung
• jihun4452
• psxjoy
• dsomehan
• LegendPei
• lokidundun
• xiaoxiangyeyu0
• jsbxyyx
• xingfudeshi
• diguage
• aias00
• NiMv1
• MaoMaoandSnail
• neronsoda

Also, we receive many valuable issues, questions and advices from our community. Thanks for you all.

Apache Seata(incubating) 2.6.0 Released.

Apache Seata(incubating) is an easy-to-use, high-performance, open source distributed transaction solution.

The version is updated as follows:

• [#7485] Add http request filter for seata-server
• [#7509] Reuse connection to merge branch transactions
• [#7492] upgrade HTTP client in common module to support HTTP/2
• [#7503] support fory serializer and fory undolog parser
• [#7551] XAUtils add support for DM Database
• [#7559] Introduce Cleanup API for TableMetaRefreshHolder Instance
• [#7669] add support for Jackson serialization and deserialization of PostgreSQL array types
• [#7664] support shentongdatabase XA mode
• [#7675] support Oracle Batch Insert
• [#7663] add Java 25 support in CI configuration files
• [#7851] add support for managing transaction groups
• [#7857] support displaying cluster information in the console
• [#7826] Support HTTP/2 response handling for the Watch API in Server Raft mode
• [#7863] Exclude namingserver and console module builds from build workflows with JDK versions less than 25
• [#7870] upgrade the namingserver and console modules to JDK 25 and SpringBoot 3.5, and add the spring-ai dependency in the console module.
• [#7872] Automatically calculate the values for JVM parameters
• [#7876] feature: add MCP custom configuration and authentication code
• [#7878] console supports creation and modification of transaction groups for Raft clusters
• [#7893] add global and branch session and lock management MCP tools

• [#7471] Fix SerialArray equals() method for multi-dimensional array comparison in Phase 2 rollback
• [#7482] Github Action workflow does not run the corresponding Kotlin test
• [#7538] unify DmdbTimestamp comparison via UTC Instant to prevent rollback failure
• [#7546] fix client spring version compatible
• [#7505] prevent Netty I/O thread blocking by async channel release via reconnectExecutor
• [#7563] Fix NPE when server-side filter is disabled and filter chain is null.
• [#7570] Fix order() behavior in GlobalTransactionalInterceptorHandler to ensure correct sorting of invocation handlers
• [#7596] Fixed the issue where deserialization failed when the xss filter obtained the default keyword
• [#7613] Fixed the SQL error in the datetime format time query in the global lock query
• [#7622] adjust the order of org.apache.seata.saga.rm.SagaResourceManage
• [#7624] fix the compatibility issue of yml configuration files
• [#7644] fix the compatibility issue of spotless when java 25
• [#7662] ensure visibility of rm and The methods in MockTest are executed in order
• [#7683] Override XABranchXid equals() and hashCode() to fix memory leak in mysql driver
• [#7643] fix DM transaction rollback not using database auto-increment primary keys
• [#7708] Use xaActive to determine whether xaResource needs to execute the end method
• [#7747] undo log table name dynamic derivation
• [#7749] fix error parsing application/x-www-form-urlencoded requests in Http2HttpHandler
• [#7761] special handling is applied to the Byte[] type to ensure the correct primary key value
• [#7771] Shentongdata xa mode should be hold the same connection
• [#7785] fix the failure test
• [#7796] fix the NPE on ConsulConfigurationTest method
• [#7839] resolve TransactionAutoConfiguration compatibility with Spring Boot 4.x
• [#7843] fix index type misjudgment in Dm/KingbaseTableMetaCache
• [#7856] fix comma missing in package.json/min-document
• [#7860] Fix the issue where delayed messages in RocketMQ transactions were silently ignored, now explicitly throwing an exception
• [#7879] fix:correct server port and naming server port
• [#7881] the vgroup_table in the SQL files of all databases should use a three-column unique constraint
• [#7891] raft split-brain causes incorrect cluster information
• [#7908] handle timestamp with time zone in postgresql primary key
• [#7938] ensure the Jakarta-related package paths are correct.

• [#7460] Remove hardcoded port configuration in core module test classes
• [#7478] optimize: remove client id metric
• [#7557] upgrade some npmjs dependencies
• [#7576] Add empty push protection for Configuration
• [#7577] remove the 4MB size limit when decompressing with zstd
• [#7578] zstd decompression is changed from jni to ZstdInputStream
• [#7591] Optimize default xssFilter config retrieval when no explicit configuration is provided
• [#7608] modify the parameter name in refreshToken method
• [#7603] upgrade Apache Tomcat dependency from 9.0.106 to 9.0.108
• [#7614] update README.md
• [#7443] Replace @LocalTCC with @SagaTransactional in the saga annotation pattern
• [#7645] simplifying the relevant transport.* configuration types
• [#7668] correct variable name typo in DeflaterUtil
• [#7673] bump @babel/runtime from ^7.26.10 to ^7.27.0
• [#7689] optimize source release
• [#7711] add fastjson support for serialization and deserialization of PostgreSQL array types
• [#7722] optimize serializer type meaning
• [#7739] optimize docker image building process
• [#7741] supports publishing image based on JDK 25
• [#7743] upgrade Apache Tomcat dependency from 9.0.108 to 9.0.109
• [#7740] enhance HttpClient to support h2c
• [#7744] upgrade Apache Tomcat dependency from 9.0.109 to 9.0.110
• [#7751] remove unused dependency
• [#7807] support mariadb 3.x
• [#7781] highlight pmd-check log
• [#7704] fix frontend security vulnerabilities
• [#7710] fix some spell errors in code and comments
• [#7721] optimize common module
• [#7768] optimize docker image building process
• [#7809] optimize README.md
• [#7813] add decode buffer limit
• [#7822] add the request and response objects in HTTP thread context
• [#7829] optimize lz4 compressor
• [#7864] automatically skip the compilation of console and namingserver modules in JDK<25
• [#7867] optimize global transaction support non-private modifier methods
• [#7868] change build_arm64-binary CI to JDK25 Version and runs on ubuntu-24.04-arm
• [#7873] upgrade jacoco plugin version from 0.8.7 to 0.8.14 in order to adapt JDK25
• [#7885] replace fury with fory
• [#7884] upgrade tomcat-embed-core version to 11.0.10
• [#7888] bump org.apache.tomcat.embed:tomcat-embed-core
• [#7889] bump org.apache.tomcat.embed:tomcat-embed-core in /console
• [#7894] optimize method and class names in the saga module
• [#7905] format content
• [#7909] add comments to the namingserver address configuration in console application file
• [#7913] remove @author info
• [#7931] pin the Spring version for namingserver and console
• [#7942] update jib-maven-plugin version and increase parallel test execution limits
• [#7935] add OkHttp and MockWebServer dependencies to resolve version conflicts

• [#7632] upgrade sha.js to version 2.4.12
• [#7633] Upgrade cipher-base to version 1.0.6
• [#7716] Update commons-lang to 3.18.0
• [#7699] Upgrade axios to version 1.12.2
• [#7845] upgrade node-forge to version 1.3.2 or later
• [#7849] upgrade min-document to version 2.19.1 or later
• [#7847] upgrade js-yaml to 3.14.2, 4.1.1 or later

• [#7635] fix JUnit test method access modifiers and annotations
• [#7541] fix jakarta UT failed in jdk17+
• [#7540] fix port of mock server
• [#7580] fix the exception caused by the disorder of test case execution order
• [#7584] deflake ConsulConfigurationTest#testInitSeataConfig with short await/retry to absorb CI timing delay
• [#7610] Enable Nacos integration tests when nacosCaseEnabled is true
• [#7672] Add unit tests for the seata-common module
• [#7679] fix old version connect timeout
• [#7638]Add unit tests for the seata-common module and remove a todo
• [#7709] add UT for dm module
• [#7725] add UT for compressor module
• [#7718] add UT for config module
• [#7723] add UT for fastjson2 to test PostgreSQL Array type
• [#7731] add UT for rm.fence
• [#7737] add UT for DefaultResourceManager and ClusterWatcherManager
• [#7757] add UT for undo module
• [#7763] add UT for RegistryNamingServerProperties and RegistryMetadataProperties
• [#7764] add some UT for server/coordinator module
• [#7777] add UT for seata-saga-statelang module
• [#7776] add UT for XA module
• [#7788] add some UT for rm-datasource module
• [#7774] add some UT for server/console module
• [#7767] add some UT for server/cluster module
• [#7750] add some UT for server module
• [#7733] add some UT for core module
• [#7728] add some UT for compatible module
• [#7727] add some UT for compatible module
• [#7803] Fix flakiness in DataCompareUtilsTest caused by non-deterministic Map key iteration order.
• [#7804] fix testXARollbackWithResourceLock() to ensure ci runs normally
• [#7779] improve unit tests for RaftRegistryServiceImpl
• [#7801] Fix non-deteriministic in JsonParserWrapTest#testToJSONString due to key order
• [#7800] fix non-deterministic in StringUtilsTest#testToStringAndCycleDependency
• [#7802] Fix non-deterministic in ConnectionContextProxyTest.
• [#7808] Deflake multiple Insert Executor tests by fixing order-dependent primary key (PK) value comparison
• [#7815] test: fix combine test to avoid failure due to ordering
• [#7819] fix brittle RPC status test
• [#7827] Fix non-deteriministic in TableMetaTest#testGetPrimaryKeyOnlyName
• [#7859] Fix flaky tests in MetadataTest caused by shared state and brittle toString assertions
• [#7858] Fix flakiness in HttpTest.convertParamOfJsonStringTest caused by non-deterministic Map iteration order
• [#7874] add unit tests for DBType and RedisKeyConstants in core module
• [#7900] add unit tests for ConnectionContext class
• [#7901] add unit tests for core module (LockStatus, MessageType, ProtocolConstants)
• [#7906] add test for Fury/Fory
• [#7907] test: fixes CI errors caused by timing issues in ZkConfigurationTest
• [#7912] test: add Antlr tests to improve test coverage
• [#7933] oscar test cases should only run on Druid 1.2.5 and higher versions

• [#7615] Refactor DataSourceProxy
• [#7617] Refactor Alibaba Dubbo and HSF
• [#7688] Reactor extensions module
• [#7719] Replace synchronized with ReentrantLock in AbstractNettyRemotingClient to support virtual threads
• [#7789] rename GROUP_UPDATE_TIME to GROUP_UPDATE_TERM in ClusterWatcherManager
• [#7698] refactor test module
• [#7818] run the HTTP filter as a chain of responsibility
• [#7904] Unify HTTP client utility to OkHttp3

• [#7462] improve TM module Javadoc with comprehensive English documentation
• [#7531] Optimize the Readme and change documents
• [#7571] Add hyperlink to CONTRIBUTING.md in pull request template
• [#7605] Add the type of registry as seata in application.yml
• [#7625] Polish Javadoc for @EnableAutoDataSourceProxy and DefaultFailureHandlerImpl
• [#7702] change "whether use" to "whether to use" for correct syntax.

Thanks to these contributors for their code commits. Please report an unintended omission.

• slievrly
• YvCeung
• xjlgod
• YongGoose
• KoKimSS
• maple525866
• funky-eyes
• keepConcentration
• sunheyi6
• WangzJi
• unifolio0
• Asuka-star
• contrueCT
• YoWuwuuuw
• yougecn
• jongmin-chung
• jihun4452
• psxjoy
• dsomehan
• LegendPei
• lokidundun
• xiaoxiangyeyu0
• jsbxyyx
• xingfudeshi
• diguage
• aias00
• NiMv1
• MaoMaoandSnail
• neronsoda

Also, we receive many valuable issues, questions and advices from our community. Thanks for you all.

• Upgrade nebula to v13, gradle to v9 and palantir-java-format to v2.83 by @gavinbunney in https://github.com/Netflix/zuul/pull/2052
• Add SNI handshake metrics by @lalernehl in https://github.com/Netflix/zuul/pull/2054
• path normalization by @tappenzeller in https://github.com/Netflix/zuul/pull/2042
• Bump release version by @lalernehl in https://github.com/Netflix/zuul/pull/2057

Full Changelog: https://github.com/Netflix/zuul/compare/v3.3.1...3.3.2

• Upgrade nebula to v13, gradle to v9 and palantir-java-format to v2.83 by @gavinbunney in https://github.com/Netflix/zuul/pull/2052
• Add SNI handshake metrics by @lalernehl in https://github.com/Netflix/zuul/pull/2054
• path normalization by @tappenzeller in https://github.com/Netflix/zuul/pull/2042
• Bump release version by @lalernehl in https://github.com/Netflix/zuul/pull/2057

Full Changelog: https://github.com/Netflix/zuul/compare/v3.3.1...v3.3.2

Download the artifacts and read the release notes here - https://docs.yugabyte.com/stable/releases/ybdb-releases/v2025.2/#v2025.2.0.1

This is the first Release Candidate of Redis 8.6 in Redis Open Source.

Release Candidates are feature-complete pre-releases. Pre-releases are not suitable for production use.

• Alpine and Debian Docker images - https://hub.docker.com/_/redis
• Install using snap - see https://github.com/redis/redis-snap
• Install using brew - see https://github.com/redis/homebrew-redis
• Install using RPM - see https://github.com/redis/redis-rpm
• Install using Debian APT - see https://github.com/redis/redis-debian

• Ubuntu 22.04 (Jammy Jellyfish), 24.04 (Noble Numbat)
• Rocky Linux 8.10, 9.5, 10.1
• AlmaLinux 8.10, 9.5, 10.1
• Debian 12 (Bookworm), Debian 13 (Trixie)
• 14 (Sonoma), 15 (Sequoia)

• #14615 Streams: XADD idempotency (at-most-once guarantee) with new IDMPAUTO and IDMP arguments
• #14624 New eviction policies - least recently modified: volatile-lrm and allkeys-lrm
• #14680 Hot keys detection and reporting; new command: HOTKEYS
• #14610 TLS certificate-based automatic client authentication
• RedisTimeSeries/RedisTimeSeries#1853 Time series: support NaN values; new aggregators: COUNTNAN and COUNTALL

• #14645 Hide Personally Identifiable Information from ACL log
• #14659 ACL: Key-pattern bypass in MSETEX
• RedisTimeSeries/RedisTimeSeries#1837, RedisJSON/RedisJSON#1474 Hide Personally Identifiable Information from server log
• RedisBloom/RedisBloom#950 Out-of-bounds read when loading an invalid RDB file (MOD-12802)

• #14545 ACL: AOF loading fails if ACL rules are changed and don't allow some commands in MULTI-EXEC
• #14637 Atomic slot migration: wrong adjacent slot range behavior
• #14567 Atomic slot migration: support delay trimming slots after finishing migrating slots
• #14623 Streams: XTRIM/XADD with approx mode (~) don’t delete entries for DELREF/ACKED strategies
• #14552 Streams: Incorrect behavior when using XDELEX...ACKEDafterXGROUP DESTROY`
• #14537 SCAN: restore original filter order (revert change introduced in 8.2)
• #14581 Rare server hang at shutdown
• #14597 Panic when cluster node is uninitialized
• #14583 FLUSHALL ASYNC on a writable replica may block the main thread for an extended period
• #14504 Cluster: fix race condition in broadcast configuration
• #14416 Fixed argument position handling in Redis APIs
• RedisTimeSeries/RedisTimeSeries#1784, RedisTimeSeries/RedisTimeSeries#1839, RedisBloom/RedisBloom#952, RedisJSON/RedisJSON#1477 Atomic slot migration support
• RedisBloom/RedisBloom#946 MEMORY USAGE: fix reported value (MOD-12799)
• RedisJSON/RedisJSON#1473 Adding escapes to already-escaped characters (MOD-8137)
• RedisJSON/RedisJSON#1475 JSON.CLEAR does not error if more than one path is specified (MOD-13109)

• #14608 Reply copy-avoidance path to reduce memory copies for bulk string replies
• #14595 Hash: unify field name and value into a single struct
• #14701 Sorted set: unify score and value into a single struct
• #14662 Optimize listpack iterator on hash fields
• #14699 Optimize set commands with expiration
• #14700 Optimize prefetching
• #14715 Optimize prefetch sizing logic
• #14636 Optimize ZRANK
• #14676 Utilize hardware clock by default on ARM AArch64
• #14575 Disable RDB compression when diskless replication is used

• #14445
  • RM_CreateKeyMetaClass - define a new key-metadata class
  • RM_ReleaseKeyMetaClass - release a key-metadata class
  • RM_SetKeyMeta - attach or update a metadata value for a key under a specific metadata-key class
  • RM_GetKeyMeta - get a metadata value for a key under a specific metadata-key class

• #14624 maxmemory-policy: new eviction policies: volatile-lrm, allkeys-lrm
• #14615 stream-idmp-duration, stream-idmp-maxsize - defaults for streams idempotent production
• #14610 tls-auth-clients-user TLS certificate-based automatic client authentication
• #14596 flushdb option for repl-diskless-load: always flush the entire dataset before diskless load

• #14610 acl_access_denied_tls_cert - failed TLS certificate–based authentication attempts

• Redis Query Engine: In case of load rebalancing operations (such as Atomic Slot Migration) taking place during the lifetime of a cursor, there is a chance that some results may be missing.