higress-group/higress
 Watch   
 Star   
 Fork   
7 days ago
higress

v2.2.3

Higress

📋 Overview of This Release

This release includes 48 updates, covering AI Gateway enhancements, multi-provider LLM protocol compatibility, gateway stability, Gateway API and Helm improvements, test coverage, and release maintenance.

Distribution of Updates

  • New Features: 11 items
  • Bug Fixes: 28 items
  • Documentation Updates: 1 item
  • Testing Improvements: 5 items
  • Release and Dependency Maintenance: 3 items

📝 Full Change Log

🚀 New Features (Features)

  • Related PR: #3849
    Contributor: @GHX5T-SOL
    Change Log: Key Auth now supports multiple credentials for a single service.
    Feature Value: Simplifies migration and multi-client access scenarios where more than one key must be managed for the same service.

  • Related PR: #3838
    Contributor: @Betula-L
    Change Log: jwt-auth now supports remote JWKS.
    Feature Value: Makes centralized key management and key rotation easier for JWT-based authentication.

  • Related PR: #3894
    Contributor: @JianweiWang
    Change Log: ai-security-guard adds structured x_higress deny responses, error-path metrics, and AI logging.
    Feature Value: Improves observability and policy feedback for AI content safety enforcement.

  • Related PR: #3898
    Contributor: @zat366
    Change Log: ai-load-balancer adds a cluster_hash load balancing policy based on FNV-1a consistent hashing.
    Feature Value: Provides more stable routing across model backend clusters.

  • Related PR: #3895
    Contributor: @JianweiWang
    Change Log: ai-security-guard adds Embedding API content detection support.
    Feature Value: Extends AI content safety checks beyond chat/completion-style requests.

  • Related PR: #3916
    Contributor: @ponypony0123
    Change Log: model-router adds keepOriginalModelName to preserve the full original model name.
    Feature Value: Helps users keep downstream model identity semantics intact while still applying model routing rules.

  • Related PR: #3979
    Contributor: @EndlessSeeker
    Change Log: Helm now supports skipping IngressClass creation.
    Feature Value: Better supports clusters where IngressClass resources are pre-managed or controlled by platform teams.

  • Related PR: #3981
    Contributor: @EndlessSeeker
    Change Log: GatewayClass isolation is now configurable.
    Feature Value: Gives operators more control over resource boundaries in multi-GatewayClass environments.

  • Related PR: #3943
    Contributor: @zijiren233
    Change Log: Enhanced SSL passthrough support.
    Feature Value: Improves Higress support for TLS passthrough scenarios.

  • Related PR: #3989
    Contributor: @Rand01ph
    Change Log: AI Proxy adds vLLM passthrough support for Anthropic Messages and newer OpenAI endpoints.
    Feature Value: Improves compatibility for users running vLLM behind Higress as an AI gateway.

  • Related PR: #4000
    Contributor: @ponypony0123
    Change Log: Added the ai-context-limit WASM plugin for context window limit enforcement.
    Feature Value: Helps reduce failures and cost risks caused by requests that exceed model context limits.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3864
    Contributor: @Jing-ze
    Change Log: ai-proxy re-anchors X-HI-ORIGINAL-AUTH on the first hop to fix cascaded-gateway 401 responses.
    Feature Value: Restores correct authentication behavior in cascaded gateway deployments.

  • Related PR: #3839
    Contributor: @zat366
    Change Log: ai-proxy uses HasSuffix instead of Contains in Claude API name detection.
    Feature Value: Avoids sub-path misidentification and improves Claude-compatible routing accuracy.

  • Related PR: #3870
    Contributor: @CH3CHO
    Change Log: Fixed descriptions for basePath-related fields in the ai-proxy plugin.
    Feature Value: Makes plugin configuration documentation clearer and less error-prone.

  • Related PR: #3869
    Contributor: @CH3CHO
    Change Log: Fixed test cases in registry/nacos/mcpserver/watcher_test.go.
    Feature Value: Improves reliability of registry and MCP server watcher tests.

  • Related PR: #3860
    Contributor: @Jing-ze
    Change Log: ai-proxy now routes Anthropic Messages natively to Vertex :rawPredict.
    Feature Value: Improves Vertex AI compatibility for Anthropic Messages requests.

  • Related PR: #3851
    Contributor: @JianweiWang
    Change Log: ai-statistics skips empty streaming model values.
    Feature Value: Prevents inaccurate or noisy model statistics for streaming requests.

  • Related PR: #3904
    Contributor: @Jing-ze
    Change Log: ai-proxy strips anthropic-beta and anthropic-version headers in Vertex passthrough mode.
    Feature Value: Avoids incompatible headers when routing Anthropic-style requests through Vertex.

  • Related PR: #3914
    Contributor: @Jing-ze
    Change Log: Bumped oauth2-proxy to fix a nil panic in the OIDC verifier callback.
    Feature Value: Improves OIDC authentication stability.

  • Related PR: #3923
    Contributor: @johnlanni
    Change Log: Removed request-count rebuild triggers in WASM.
    Feature Value: Reduces unnecessary rebuild behavior.

  • Related PR: #3922
    Contributor: @johnlanni
    Change Log: Rebuilds the MCP filter under high memory usage.
    Feature Value: Improves runtime stability under memory pressure.

  • Related PR: #3928
    Contributor: @Jing-ze
    Change Log: Fixed Set-Cookie header corruption during OIDC session refresh.
    Feature Value: Prevents broken sessions during OIDC refresh flows.

  • Related PR: #3964
    Contributor: @EndlessSeeker
    Change Log: Merges InferencePool route configs correctly during HTTPRoute merging.
    Feature Value: Fixes route config loss in Gateway API inference routing scenarios.

  • Related PR: #3971
    Contributor: @EndlessSeeker
    Change Log: Helm disables alpha Gateway API watches by default.
    Feature Value: Reduces default install risk from alpha API watchers.

  • Related PR: #3980
    Contributor: @EndlessSeeker
    Change Log: Sets Gateway status address type by value.
    Feature Value: Fixes Gateway status address reporting.

  • Related PR: #3956
    Contributor: @XinhhD
    Change Log: ai-proxy cleans client Authorization headers for API-key providers.
    Feature Value: Prevents client credentials from leaking into upstream API-key provider requests.

  • Related PR: #3973
    Contributor: @XinhhD
    Change Log: ai-proxy preserves Vertex thoughtSignature values in OpenAI tool calls.
    Feature Value: Improves Vertex tool-call compatibility.

  • Related PR: #3985
    Contributor: @XinhhD
    Change Log: ai-proxy includes tool call type in Claude stream deltas.
    Feature Value: Improves Claude stream compatibility for tool calls.

  • Related PR: #3924
    Contributor: @geekspeng
    Change Log: Helm moves imagePullPolicy from PodSpec to the gateway container level.
    Feature Value: Aligns rendered gateway manifests with Kubernetes container-level image pull policy semantics.

  • Related PR: #3905
    Contributor: @philo-x
    Change Log: Fixed golang-filter architecture mismatch during local gateway builds on arm64 macOS.
    Feature Value: Improves local build reliability on Apple Silicon machines.

  • Related PR: #3998
    Contributor: @yyyCode
    Change Log: Helm uses Chart.Version as the default plugin-server image tag.
    Feature Value: Keeps plugin-server image tag defaults aligned with chart versions.

  • Related PR: #3994
    Contributor: @EndlessSeeker
    Change Log: Preserves Ingress LoadBalancer hostnames.
    Feature Value: Avoids losing hostname-based load balancer addresses in Ingress status.

  • Related PR: #4002
    Contributor: @geekspeng
    Change Log: Helm applies imagePullPolicy to the controller container and promtail sidecar.
    Feature Value: Ensures rendered manifests apply image pull behavior consistently across containers.

  • Related PR: #3988
    Contributor: @enkilee
    Change Log: Fixed several typos.
    Feature Value: Improves repository documentation and code readability.

  • Related PR: #3962
    Contributor: @CH3CHO
    Change Log: ai-cache handles SSE first chunks that only contain a role, fixing #3953.
    Feature Value: Improves AI cache compatibility with streaming responses.

  • Related PR: #3990
    Contributor: @XinhhD
    Change Log: ai-proxy adds IDs for Vertex tool calls.
    Feature Value: Improves downstream tool-call correlation and compatibility.

  • Related PR: #4013
    Contributor: @EndlessSeeker
    Change Log: OIDC now fails closed when the verifier is unavailable.
    Feature Value: Avoids unsafe authentication behavior during verifier failures.

  • Related PR: #4012
    Contributor: @EndlessSeeker
    Change Log: Hardened cluster key rate-limit cookie parsing.
    Feature Value: Improves robustness for cluster-level rate-limit cookie handling.

  • Related PR: #4016
    Contributor: @EndlessSeeker
    Change Log: Reverted "Skip TLS certificate verification for HTTPS upstreams".
    Feature Value: Restores safer TLS verification behavior for HTTPS upstreams.

📚 Documentation Updates (Documentation)

  • Related PR: #3890
    Contributor: @FAUST-BENCHOU
    Change Log: Added the missing Chinese README for extensions.
    Feature Value: Improves documentation coverage for Chinese users.

🧪 Testing Improvements (Testing)

  • Related PR: #3871
    Contributor: @Jing-ze
    Change Log: Expanded unit test coverage for the wasm-go/mcp mcp-server framework.
    Feature Value: Improves confidence in MCP server framework behavior.

  • Related PR: #3873
    Contributor: @Jing-ze
    Change Log: Added end-to-end transformer coverage and fixed silent error wrapping.
    Feature Value: Improves transformer reliability and error visibility.

  • Related PR: #3875
    Contributor: @Jing-ze
    Change Log: Covered the hmac-auth-apisix algorithm matrix, clock skew, and authentication edge cases.
    Feature Value: Strengthens authentication plugin reliability.

  • Related PR: #3878
    Contributor: @Jing-ze
    Change Log: Covered traffic-tag operators, weight CDF boundaries, and parser rejection paths.
    Feature Value: Improves confidence in traffic tagging behavior under edge conditions.

  • Related PR: #3879
    Contributor: @Jing-ze
    Change Log: Increased unit test coverage to at least 90% across 9 WASM plugins.
    Feature Value: Improves plugin quality and regression protection.

🔧 Release and Dependency Maintenance

  • Related PR: #3987
    Contributor: @johnlanni
    Change Log: Updated the Envoy submodule.
    Feature Value: Keeps the gateway data-plane dependency aligned with the release baseline.

  • Related PR: #4017
    Contributor: @johnlanni
    Change Log: Updated the Envoy submodule.
    Feature Value: Pulls in the latest Envoy dependency updates for the release.

  • Related PR: #4019
    Contributor: @EndlessSeeker
    Change Log: Released v2.2.3.
    Feature Value: Updates release metadata and versioned dependencies for Higress v2.2.3.


📊 Release Statistics

  • 🚀 New Features: 11 items
  • 🐛 Bug Fixes: 28 items
  • 📚 Documentation Updates: 1 item
  • 🧪 Testing Improvements: 5 items
  • 🔧 Release and Dependency Maintenance: 3 items

Total: 48 changes

Thank you to all contributors for your hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 8 updates, covering MCP configuration fixes, LLM provider usability improvements, route and service stability, YAML cleanup, and workflow maintenance.

Distribution of Updates

  • New Features: 1 item
  • Bug Fixes: 7 items

📝 Full Change Log

🚀 New Features (Features)

  • Related PR: #722
    Contributor: @CH3CHO
    Change Log: Added support for collapsing token lists for LLM providers.
    Feature Value: Improves readability and usability when configuring providers with many tokens.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #724
    Contributor: @JayLi52
    Change Log: Fixed parsing when MCP service names contain colons.
    Feature Value: Prevents MCP service configuration failures caused by service-name parsing.

  • Related PR: #733
    Contributor: @CH3CHO
    Change Log: Fixed stale state in ServiceWeightTable.
    Feature Value: Keeps service weight display and edits aligned with the current state.

  • Related PR: #729
    Contributor: @CH3CHO
    Change Log: Fixed a possible NPE in SystemServiceImpl.
    Feature Value: Improves backend stability for system service operations.

  • Related PR: #730
    Contributor: @CH3CHO
    Change Log: Trims trailing whitespace in higress-config YAML data before submission.
    Feature Value: Avoids configuration noise and accidental YAML formatting issues.

  • Related PR: #734
    Contributor: @CH3CHO
    Change Log: Improved SSE transport path concatenation in DirectRoutingDetailStrategy.
    Feature Value: Prevents incorrect direct-routing paths for SSE transport.

  • Related PR: #735
    Contributor: @JayLi52
    Change Log: Preserves same-name routes when deleting MCP servers.
    Feature Value: Avoids deleting unrelated routes that share a name with the MCP server.

  • Related PR: #737
    Contributor: @CH3CHO
    Change Log: Fixed deploy-to-OSS workflow failures caused by Node.js 20 deprecation.
    Feature Value: Restores release and deployment automation reliability.


📊 Release Statistics

  • 🚀 New Features: 1 item
  • 🐛 Bug Fixes: 7 items

Total: 8 changes

Thanks to all contributors for their hard work! 🎉

New Contributors

Full Changelog:

Contributors

@GHX5T-SOL @Betula-L @JianweiWang @zat366 @ponypony0123 @EndlessSeeker @zijiren233 @Rand01ph @Jing-ze @CH3CHO @johnlanni @XinhhD @geekspeng @philo-x @yyyCode @enkilee @FAUST-BENCHOU @JayLi52

2026-05-22 11:17:56
higress

v2.2.2

Higress

📋 Overview of This Release

This release includes 37 updates, covering feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

  • New Features: 13 items
  • Bug Fixes: 18 items
  • Documentation Updates: 5 items
  • Testing Improvements: 1 item

📝 Full Change Log

🚀 New Features (Features)

  • Related PR: #3827
    Contributor: @rinfx
    Change Log: Added the modelToHeader configuration option, with default value x-higress-llm-model-final; synchronously updates this header after parsing the newModel from the request body to ensure downstream logic such as rate limiting and metering aligns with the model mapping result; calls DisableReroute when reading the body to prevent routing conflicts.
    Feature Value: Enhances model routing consistency and reliability, enabling fallback, model-based rate limiting, and metering features to accurately reflect the actual matched model; users gain more stable and precise model dispatching capabilities without modifying business logic, reducing the risk of policy deviation caused by header synchronization issues.

  • Related PR: #3823
    Contributor: @johnlanni
    Change Log: Introduced an nginx-rewrite-compatible WASM plugin that implements compatible parsing of Nginx rewrite + set semantics, securely executes rewriting logic within a WASM sandbox to avoid the CVE-2026-42945 heap overflow vulnerability, and supports path matching, variable capture, and substitution.
    Feature Value: Enables Higress users to smoothly migrate existing Nginx rewrite rules while ensuring compatibility and eliminating critical security risks, lowering the refactoring cost and operational risk for legacy services transitioning from Nginx to Higress.

  • Related PR: #3820
    Contributor: @wydream
    Change Log: Refactored the /v1/messages request handling for the Bedrock Provider: replaced the original two-layer protocol conversion chain (OpenAI → Converse) with direct connectivity to the native Bedrock Mantle Anthropic Messages API; added support for the Mantle endpoint, restructured request routing logic, and extended capability declarations.
    Feature Value: Delivers lower latency, higher compatibility, and native Anthropic feature support (e.g., tool use, beta headers) for /v1/messages calls; avoids semantic loss and performance overhead associated with protocol translation, significantly improving the Bedrock integration experience and stability.

  • Related PR: #3766
    Contributor: @rinfx
    Change Log: Added support for cached token usage (CacheReadInputTokens) in the streaming response transformation logic from OpenAI to Claude; modified core transformer code and added corresponding unit test cases to ensure the Claude compatibility layer accurately conveys cached token count information.
    Feature Value: Enables AI agents to correctly report input token savings resulting from cache hits when invoking Claude models, helping users precisely monitor and optimize API costs; simultaneously improves transparency and billing consistency across multi-model metering, enhancing enterprise-grade usage analytics capabilities.

  • Related PR: #3748
    Contributor: @zat366
    Change Log: Added the enable_path_suffixes configuration option to the QuotaConfig struct to support custom path suffix matching; updated configuration parsing logic to handle default values; modified the getOperationMode function to accommodate the new path suffix logic; enhanced test coverage for the new configuration and its impact on operation modes.
    Feature Value: Allows users to flexibly define API path suffix matching rules per business requirements, increasing quota control precision and adaptability; administrators can manage quota policies for different AI service paths with finer granularity, enhancing plugin applicability and maintainability across diverse scenarios.

  • Related PR: #3742
    Contributor: @wydream
    Change Log: Added KlingAI provider support, featuring official AK/SK JWT authentication and third-party gateway static Bearer token authentication modes, covering both OpenAI-compatible and native Kling protocols, and enabling full interface capabilities including text-to-video and image-to-video generation.
    Feature Value: Users can directly invoke KlingAI video generation capabilities via the AI proxy service without implementing JWT signing or adapting to various gateways—significantly lowering the integration barrier and expanding platform support for AIGC video-generation models.

  • Related PR: #3739
    Contributor: @johnlanni
    Change Log: Added the replace configuration option to the ai-prompt-decorator plugin, supporting ordered, role-conditioned text replacement in the content field of the final assembled messages, using either literal strings or RE2 regular expressions, enhancing dynamic request content rewriting capabilities.
    Feature Value: Enables users to flexibly implement text processing needs—including sensitive word filtering, brand term normalization, and placeholder desensitization—without modifying business logic, improving the AI gateway’s adaptability in compliance, security, and multi-tenant scenarios.

  • Related PR: #3738
    Contributor: @JianweiWang
    Change Log: Added configurable fallback JSON paths for response content extraction (responseContentFallbackJsonPaths and responseStreamContentFallbackJsonPaths) to the ai-security-guard plugin, supporting non-OpenAI formats such as Anthropic Claude; when the primary path yields an empty result, fallback paths are attempted sequentially, automatically skipping any fallback path identical to the primary one.
    Feature Value: Enhances plugin compatibility and robustness, allowing users to perform content safety checks against diverse LLMs (e.g., Claude) without code changes—reducing multi-model adaptation effort and ensuring stable, accurate response content extraction.

  • Related PR: #3734
    Contributor: @CH3CHO
    Change Log: Added existence check for the patch command in the build-envoy.sh script; triggers early failure if missing; also optimized error handling during build-envoy.patch application to prevent silent Bazel dependency errors caused by unexecuted patches.
    Feature Value: Significantly improves observability and robustness of the Envoy build process; users receive immediate, clear error messages if the patch command is absent, drastically lowering debugging effort and environment configuration troubleshooting costs.

  • Related PR: #3724
    Contributor: @wydream
    Change Log: Added Qwen rerank and conversations API path support to the AI Proxy plugin, extending path mapping rules, API name constants, and Qwen-specific routing logic; supplemented comprehensive regression test cases covering path recognition and provider routing functionality.
    Feature Value: Users can invoke Qwen’s reranking and conversational capabilities via standard-compatibility interfaces, improving unified multi-model service access experiences; broadens AI Proxy support for domestic large language models (Qwen), lowering business integration barriers and boosting routing accuracy.

  • Related PR: #3700
    Contributor: @wydream
    Change Log: Added the cooldownDuration configuration option to the ai-proxy failover mechanism, enabling automatically restored API keys after a specified millisecond cooldown period—eliminating dependency on real requests for health checking and reducing token consumption and configuration complexity.
    Feature Value: Empowers users to manage API key availability more flexibly, mitigating long-term unavailability risks due to rate limiting, saving invocation costs, and simplifying failover configuration to enhance system stability and operational efficiency.

  • Related PR: #3694
    Contributor: @CH3CHO
    Change Log: Added configurable forwarding capability for attributes in external authorization requests, supporting transparent transmission of key contextual fields such as route_name and cluster_name; implemented via extension of the AuthorizationRequest struct with an AllowedProperties field, alongside updates to configuration parsing logic and SDK dependencies.
    Feature Value: Enables users to access richer Envoy gateway context information in external authorization services, improving the precision and flexibility of authorization policies and facilitating fine-grained access control based on dimensions like route and cluster—lowering customization development costs.

  • Related PR: #3690
    Contributor: @JianweiWang
    Change Log: Added support for sensitive data masking, enabling desensitization and replacement of sensitive fields in API responses via the riskAction configuration (block/mask); introduced new dimension types—customLabel, maliciousFile, and waterMark—and added dimension-level action configuration to improve risk mitigation flexibility.
    Feature Value: Allows dynamic desensitization of sensitive information without service interruption, strengthening AI application compliance capabilities; multi-dimensional, fine-grained risk control strategies enable more precise content security governance—reducing false positives and satisfying regulatory requirements across diverse business scenarios.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3829
    Contributor: @CH3CHO
    Change Log: Fixed a typo in the JSON/YAML tag for the apiTokens field in the ProviderConfig struct within the ai-proxy plugin, correcting it to the proper format to ensure correct configuration parsing and serialization.
    Feature Value: Prevents configuration parsing failures or incorrect loading of API tokens caused by erroneous field tags, enhancing the stability and reliability of the AI proxy service and enabling users to seamlessly configure and utilize authentication credentials for various AI providers.

  • Related PR: #3801
    Contributor: @CH3CHO
    Change Log: Fixed logging issues during EnvoyFilter construction regarding unsupported upstream protocols, by adding missing formatting parameters to ensure warning logs correctly display the protocol type and context.
    Feature Value: Improves debugging and operational observability, enabling users to accurately identify unsupported protocols and their locations upon misconfiguration—reducing troubleshooting time and enhancing Ingress gateway configuration robustness and maintainability.

  • Related PR: #3799
    Contributor: @Betula-L
    Change Log: Fixed an issue where empty input objects (input:{}) in Claude tool calls were unexpectedly omitted during internal bridge conversion to Bedrock Converse format; addressed via adjustments to struct field JSON tags and expanded test coverage to ensure empty maps are preserved correctly.
    Feature Value: Ensures Claude messages using parameterless tools are accurately relayed to the underlying Bedrock service, preventing tool call failures or abnormal behavior caused by missing inputs—improving AI proxy compatibility and reliability in multi-model adaptation scenarios.

  • Related PR: #3788
    Contributor: @Betula-L
    Change Log: Fixed structural data loss in Bedrock Claude inference blocks during ai-proxy protocol bridging by refactoring the convertEventFromBedrockToOpenAI logic and introducing redactedBlockIndexes state management—ensuring reasoningContent remains within native Anthropic message blocks rather than being merged into plain text.
    Feature Value: Users invoking Bedrock Claude models will correctly receive structured reasoning blocks (e.g., <think>...</think>), avoiding accidental exposure of reasoning processes to end users—enhancing response semantic integrity and compatibility, and guaranteeing Anthropic Messages API specification–compliant interactions.

  • Related PR: #3786
    Contributor: @Betula-L
    Change Log: Fixed incorrect mapping between contentBlockIndex in Bedrock Claude streaming responses and tool_calls[].index in OpenAI format, properly handling index misalignment for parallel tool calls and refining tool_choice parameter conversion logic to preserve semantic consistency and ordering fidelity in streaming tool calls within ai-proxy.
    Feature Value: Users performing parallel multi-tool calls with Bedrock Claude models will receive accurate, predictable streaming tool_calls indices and correctly triggered tool_choice behaviors—preventing tool execution disorder or loss and significantly enhancing production-environment compatibility and reliability.

  • Related PR: #3779
    Contributor: @CH3CHO
    Change Log: Fixed an issue where certain controller logs continued outputting as plaintext despite enabling the --log_as_json flag; resolved by uniformly replacing log package imports with istio.io/istio/pkg/log, ensuring all components use the same JSON logging implementation.
    Feature Value: Improves log format consistency and observability, facilitating centralized collection, parsing, and analysis of Higress controller logs in environments like Kubernetes—reducing operational troubleshooting cost and strengthening production log standardization.

  • Related PR: #3777
    Contributor: @wydream
    Change Log: Fixed API key injection issues for Vertex AI Express Mode’s raw REST endpoints in the ai-proxy plugin, expanding regex patterns to match Express Mode URLs lacking /projects/{project}/locations/{location} path segments and adding test cases validating request header processing logic.
    Feature Value: Enables users to correctly invoke simplified Vertex AI Express Mode REST interfaces (e.g., streamGenerateContent) without manually constructing complex paths, enhancing proxy compatibility and usability—and avoiding 401 authentication failures caused by missing key injection.

  • Related PR: #3770
    Contributor: @CH3CHO
    Change Log: Fixed inability to skip TLS certificate verification for HTTPS upstream connections by adding configuration support for certificate verification bypass in upstreamtls.go, and supplementing protobuf and google.golang.org dependencies in test files to support unit testing of the new capability.
    Feature Value: Enables Higress to support HTTPS upstream services using self-signed certificates, resolving connection failures arising from untrusted certificates in enterprise internal or testing environments—improving deployment flexibility and compatibility.

  • Related PR: #3765
    Contributor: @wydream
    Change Log: Fixed ai-proxy support for Azure OpenAI v1 service URLs by adding recognition and routing logic for /openai/v1 and subpaths, accommodating the new URL format without api-version parameters, while retaining api-version validation logic for legacy deployment URLs.
    Feature Value: Enables users to seamlessly integrate with Azure OpenAI’s latest v1 REST API standard without manually appending api-version, enhancing configuration flexibility and service compatibility—reducing request failure rates due to URL format changes and strengthening proxy stability and usability.

  • Related PR: #3757
    Contributor: @srpatcha
    Change Log: Added nil checks, safe type assertions, and panic protection mechanisms to fix multiple potential nil pointer dereferences and type assertion failures; additionally optimized regex compilation logic in WASM plugins to prevent runtime panics.
    Feature Value: Significantly improves gateway stability and robustness, preventing service crashes due to anomalous inputs or misconfigurations; users benefit from a more reliable API gateway experience, lowering online failure rates and operational overhead.

  • Related PR: #3756
    Contributor: @wydream
    Change Log: Fixed loss of thinking/redacted_thinking content blocks during /v1/messages to OpenAI chat/completions request transformation for Claude, enhanced transmission of tool-call reasoning context, and introduced preserve_thinking and promote_thinking_on_empty configuration options for provider-level compatibility control.
    Feature Value: Ensures AI proxies backed by Claude correctly convey complete chain-of-thought information to models supporting reasoning_content (e.g., Qwen), while avoiding compatibility breakage for strict-standard providers like OpenAI/Azure—improving functional consistency and reliability in multi-model routing scenarios.

  • Related PR: #3733
    Contributor: @wydream
    Change Log: Fixed compatibility issues with non-standard upstream responses in Claude streaming transformations: correctly handles empty-string finish_reason, prevents duplicate triggering of message_stop due to usage, and avoids processing redundant chunks after message_stop to prevent event reordering.
    Feature Value: Enhances AI proxy stability and reliability in multi-vendor compatibility scenarios, preventing streaming response interruptions or disorder—ensuring users receive complete, chronologically ordered Claude-style SSE streams and improving the overall LLM invocation experience.

  • Related PR: #3731
    Contributor: @JianweiWang
    Change Log: Removed the mandatory fallback interception logic for Suggestion=block in the AI Security Guard, replacing it with unified risk-dimension–based threshold evaluation; modified core assessment logic in config.go and updated multiple test cases to accurately cover threshold-driven RiskBlock decision paths.
    Feature Value: Improves risk interception accuracy and configurability, preventing unintended blocking caused by misconfigured Suggestion=block; users now exert precise control over interception behavior via thresholds—enhancing policy transparency, debuggability, and reducing false positive rates.

  • Related PR: #3722
    Contributor: @wydream
    Change Log: Migrated Qwen-compatible response endpoint path from the deprecated legacy URL /api/v2/apps/protocols/compatible-mode/v1/responses to the new official path /compatible-mode/v1/responses, updating path constants and assertions in provider/qwen.go and test files to ensure continued valid interface invocation by the AI proxy.
    Feature Value: Prevents service disruption caused by Qwen (DashScope) deprecation of the legacy API path, safeguarding stability and continuity of Qwen model invocation via ai-proxy—enabling seamless transition to the new interface without client-side code changes.

  • Related PR: #3695
    Contributor: @wydream
    Change Log: Fixed missing API Key authentication in Vertex Raw Express Mode by appending the API Key to the URL query string in OnRequestBody and cleaning the Authorization header; also resolved global authentication header leakage and URL construction logic defects in Express Mode.
    Feature Value: Enables Vertex Raw Express Mode to authenticate correctly against Google Vertex AI services via API Key—preventing 401 errors; improves proxy stability and compatibility, ensuring users can reliably invoke large language model APIs in this mode.

  • Related PR: #3682
    Contributor: @CH3CHO
    Change Log: Fixed absence of TARGET_ARCH validity checking in the golang-filter during build-gateway-local, by introducing a VALID_ARCHS whitelist and error-checking logic in Makefile.core.mk—supporting only amd64 and arm64, preventing build failures or erroneous binaries from invalid architecture parameters.
    Feature Value: Enhances robustness and maintainability of multi-architecture builds, preventing silent build errors or runtime anomalies due to invalid TARGET_ARCH values (e.g., x86, ppc64le); guarantees correct compilation and deployment of the Higress gateway across diverse CPU architectures.

  • Related PR: #3576
    Contributor: @Jing-ze
    Change Log: Fixed stale ROUTE_NAME attribute returning outdated route names post-reroute in WASM contexts, by correcting the StreamInfoImpl::getRouteName() invocation logic in Envoy 1.36 to ensure fresh route names are retrieved after clearRouteCache.
    Feature Value: Ensures WASM plugins correctly match rules following rerouting, preventing matchRule failures due to stale route names—improving routing policy execution accuracy and stability, which is critical for user features relying on dynamic route matching.

  • Related PR: #3425
    Contributor: @CH3CHO
    Change Log: Added a default value (higress-registry.cn-hangzhou.cr.aliyuncs.com/higress) to the HUB argument in Dockerfile.higress, eliminating build-time warnings when HUB is not explicitly provided, while preserving backward compatibility: explicitly passed values retain precedence.
    Feature Value: Removes redundant warnings during Docker builds, improving CI/CD pipeline readability and stability; users can complete local builds without specifying the HUB parameter—lowering entry barriers and maintenance costs.

📚 Documentation Updates (Documentation)

  • Related PR: #3830
    Contributor: @EndlessSeeker
    Change Log: Added OpenSSF Best Practices badges to README files in English, Chinese, and Japanese versions, embedded via Markdown image links pointing to the project’s assessment page on the OpenSSF Best Practices platform—enhancing project compliance and credibility visibility.
    Feature Value: Strengthens project transparency and trustworthiness, enabling users to quickly assess Higress’ adherence to open-source best practices in security and maintainability—boosting community and enterprise user confidence and adoption willingness.

  • Related PR: #3764
    Contributor: @EndlessSeeker
    Change Log: Updated SECURITY.md, CONTRIBUTING series documentation, and added GOVERNANCE.md, formalizing vulnerability reporting procedures, defining security response SLAs and teams, and clarifying CNCF governance models—meeting CNCF Sandbox and OpenSSF Best Practices certification requirements.
    Feature Value: Elevates project security compliance and transparency, providing users with standardized channels and response commitments for security issues—strengthening enterprise user trust; simultaneously enhances multilingual contribution guidelines, lowering global developer participation barriers and promoting healthy, sustainable community growth.

  • Related PR: #3754
    Contributor: @johnlanni
    Change Log: Added a top-level MAINTAINERS.md file listing current Higress project maintainers, including maintainer responsibility descriptions and CNCF Sandbox compliance statements—providing essential governance documentation required for CNCF sandbox onboarding.
    Feature Value: Enhances project transparency and community governance standardization, assisting external contributors in identifying core maintenance teams, accelerating CNCF sandbox certification, and laying foundations for future maintainer transitions and permission management—bolstering user confidence in the project’s long-term stability.

  • Related PR: #3730
    Contributor: @CH3CHO
    Change Log: Updated English and Chinese README files to align with the latest configuration parsing logic, correcting contradictory defaults, inaccurate path descriptions, and unclear string concatenation formats, and removing outdated build instructions (e.g., tinygo requirements).
    Feature Value: Improves documentation accuracy and consistency, preventing plugin activation failures stemming from obsolete or erroneous configuration examples; synchronized bilingual documentation lowers comprehension barriers for multilingual users—enhancing AI caching plugin usability and reliability.

  • Related PR: #3696
    Contributor: @github-actions[bot]
    Change Log: Added bilingual release notes files for version 2.2.1 (README.md and README_ZH.md), automatically summarizing 65 updates spanning new features, bug fixes, refactorings, optimizations, and documentation improvements—with categorical statistics.
    Feature Value: Provides users with a well-structured, multilingual overview of version changes, accelerating understanding of upgrade benefits and impact scope—enhancing transparency and maintainability and lowering upgrade decision-making costs.

🧪 Testing Improvements (Testing)

  • Related PR: #3790
    Contributor: @Jing-ze
    Change Log: Expanded integration test coverage for the AI Proxy WASM plugin, including boundary cases for configuration parsing, streaming response body handling, failover verification, and utility function testing; added export_test.go to expose internal functions for testing purposes—significantly improving WASM environment test completeness.
    Feature Value: Strengthens stability and compatibility assurance for the AI Proxy plugin across diverse WASM runtimes and AI service providers, lowering risks of service interruption arising from configuration anomalies or network failures—enhancing reliability and maintainability for production deployments.

📊 Release Statistics

  • 🚀 New Features: 13 items
  • 🐛 Bug Fixes: 18 items
  • 📚 Documentation Updates: 5 items
  • 🧪 Testing Improvements: 1 item

Total: 37 changes

Thank you to all contributors for your hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 18 updates, covering feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

  • New Features: 7 items
  • Bug Fixes: 9 items
  • Documentation Updates: 2 items

📝 Full Change Log

🚀 New Features (Features)

  • Related PR: #621
    Contributor: @Thomas-Eliot
    Change Log: Enhanced MCP Server interaction capabilities: added support for automatic Host header rewriting for DNS backends; improved transport protocol selection and full-path configuration in direct routing scenarios; enhanced parsing of special characters (e.g., @) in DSNs for DB-to-MCP Server scenarios.
    Feature Value: Improves flexibility and compatibility of MCP Server integration, enabling users to connect more easily to backend services deployed in diverse environments, reducing configuration complexity, and preventing connectivity issues caused by path prefix misinterpretation or DSN parsing failures.

  • Related PR: #608
    Contributor: @Libres-coder
    Change Log: Added plugin visibility functionality to the AI Route Management page: supports expanding rows to view enabled plugins and displays an 'Enabled' badge on the configuration page; extended PluginList component logic to support AI_ROUTE-type queries, and enhanced cleanup of i18n language-change listeners in route.tsx.
    Feature Value: Users can now intuitively view plugins enabled for AI routes, aligning the experience with that of conventional route management—improving maintainability and observability of AI route configurations; unified UI interactions reduce learning overhead and enhance completeness of platform support for AI use cases.

  • Related PR: #604
    Contributor: @CH3CHO
    Change Log: Introduced support for regex-based path rewriting via the higress.io/rewrite-target annotation, extended Kubernetes annotation constants, route transformation logic, and front-end/back-end internationalized copy, thereby increasing routing match flexibility.
    Feature Value: Enables precise control over path rewriting behavior using regular expressions, meeting complex routing requirements such as dynamic path parameter extraction and mapping—significantly enhancing the expressiveness of gateway configuration and its adaptability to business needs.

  • Related PR: #603
    Contributor: @CH3CHO
    Change Log: Added the constant STATIC_SERVICE_PORT = 80 to the static service source form component and explicitly displays this fixed port in the UI, making users clearly aware that static services default to port 80—improving configuration transparency and predictability.
    Feature Value: Users configuring static service sources can immediately see that the default port is 80, avoiding configuration errors or debugging difficulties caused by port misconceptions—lowering entry barriers and improving deployment efficiency and consistency of user experience.

  • Related PR: #602
    Contributor: @CH3CHO
    Change Log: Added a search function to the upstream service selection component in AI route configuration; extended the Select component logic in index.tsx to enable real-time searching and filtering across large numbers of upstream services—improving configuration efficiency and accuracy.
    Feature Value: Users can quickly locate target upstream services when configuring AI routes instead of manually scrolling through long lists—significantly reducing configuration error rates, especially in complex AI gateway scenarios with dozens or more services—enhancing both operational and development efficiency.

  • Related PR: #566
    Contributor: @OuterCyrex
    Change Log: Added support for Tongyi Qwen large language model (LLM) services, including custom service endpoint configuration, Internet search toggle, and file ID upload; implemented QwenLlmProviderHandler on the backend and added multilingual support and provider form adaptation on the frontend.
    Feature Value: Enables flexible integration with self-hosted or cloud-based Qwen services, supporting search augmentation and file context injection—improving compatibility and extensibility of the AI gateway for domestic LLMs and lowering enterprise private-deployment barriers.

  • Related PR: #552
    Contributor: @lcfang
    Change Log: Introduced the VPort virtual port attribute, extending MCP Bridge registry configuration capabilities; added the vport field and corresponding CRD model to ServiceSource, enabling uniform specification of default backend ports for service instances—resolving routing failures caused by inconsistent actual port numbers across instances registered in Eureka/Nacos registries.
    Feature Value: Allows users to explicitly declare a virtual port during service discovery configuration, ensuring routing rules remain resilient to backend port changes—preventing traffic disruptions due to dynamic instance port changes, thus improving microservice governance stability and operational predictability.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #620
    Contributor: @CH3CHO
    Change Log: Fixed a spelling error in the sortWasmPluginMatchRules logic—corrected variable names or logical typos causing potential behavioral anomalies during matching rule sorting—ensuring WASM plugin matching rules are sorted by priority as intended.
    Feature Value: Prevents incorrect rule ordering caused by typographical errors, guaranteeing that WASM plugins take effect in Kubernetes strictly according to user-specified priorities—enhancing reliability and consistency of plugin routing and policy enforcement.

  • Related PR: #619
    Contributor: @CH3CHO
    Change Log: Fixed duplicate version information storage when converting AiRoute to ConfigMap: removed the version field from the data JSON payload, retaining it exclusively in the ConfigMap metadata—to eliminate data redundancy and potential inconsistency.
    Feature Value: Improves accuracy and consistency of configuration management, preventing parsing errors or deployment anomalies caused by duplicated version fields—enhancing system stability and maintainability, delivering direct benefits to users managing route configurations via Kubernetes ConfigMap.

  • Related PR: #618
    Contributor: @CH3CHO
    Change Log: Refactored API authentication logic in SystemController, introducing an AllowAnonymous annotation mechanism to uniformly handle unauthenticated endpoints—replacing hard-coded whitelisting checks—thereby improving maintainability and security of authentication logic.
    Feature Value: Resolves potential security vulnerabilities in the system controller that could allow unauthorized access to sensitive API endpoints—enhancing overall platform security, safeguarding user data and system resources from illicit calls, and strengthening compliance and trustworthiness in enterprise production environments.

  • Related PR: #617
    Contributor: @CH3CHO
    Change Log: Fixed missing unique key props in front-end list rendering (triggering React warnings), resolved Content Security Policy (CSP) blocking of external image loading, and corrected a type definition error for the Consumer.name field (erroneously typed as boolean instead of string)—improving component robustness and type safety.
    Feature Value: Eliminates console warnings and image-loading failures, improving developer experience and debugging efficiency; corrects interface type definitions to prevent runtime type errors—enhancing application stability and developer collaboration reliability, delivering smoother, warning-free UI interactions for end users.

  • Related PR: #614
    Contributor: @lc0138
    Change Log: Fixed a type definition error for the type field (indicating service source) in the ServiceSource class and added validation logic for dictionary values—ensuring incoming registry types belong exclusively to a predefined valid set—to prevent illegal values from triggering runtime exceptions.
    Feature Value: Enhances robustness and security of service source configuration, preventing service registration failure or system exceptions due to invalid type field values—ensuring stable, predictable behavior when configuring various service registries.

  • Related PR: #613
    Contributor: @lc0138
    Change Log: Fixed missing Content Security Policy (CSP) configuration on the front end—added a meta tag in document.tsx to declare the security policy—mitigating risks such as XSS attacks and strengthening security controls over page resource loading and script execution.
    Feature Value: Enhances front-end application security posture, effectively mitigating common web threats like cross-site scripting (XSS)—safeguarding user data and interactions, fulfilling enterprise-level security compliance requirements, and reinforcing end-user trust.

  • Related PR: #612
    Contributor: @zhwaaaaaa
    Change Log: Added logic in DashboardServiceImpl to ignore hop-to-hop HTTP headers (e.g., Transfer-Encoding: chunked) per RFC 2616 Section 13.5.1—preventing reverse proxy forwarding anomalies caused by illegal pass-through of hop-to-hop headers, which previously broke Grafana dashboard rendering.
    Feature Value: Resolves Grafana console page loading failures caused by reverse proxies forwarding hop-to-hop headers like Transfer-Encoding: chunked—improving console stability and user experience and ensuring reliable availability of monitoring integration features.

  • Related PR: #609
    Contributor: @CH3CHO
    Change Log: Fixed a type error in the Consumer interface where the name field was incorrectly declared as boolean; corrected it to string to ensure alignment between front-end data structures and actual back-end response payloads—avoiding runtime errors or TypeScript compilation warnings caused by type mismatches.
    Feature Value: Enhances type safety and front-end/back-end data consistency—preventing UI rendering anomalies or flawed logic decisions due to field-type mismatches—boosting application stability, reducing developer debugging effort, and improving overall development experience.

  • Related PR: #605
    Contributor: @SaladDay
    Change Log: Corrected the front-end form validation regex for AI route names to support periods (.) while restricting characters to lowercase letters only; synchronized English and Chinese error message texts to ensure UI prompts precisely reflect actual validation logic.
    Feature Value: Resolves issues where users’ AI routes were erroneously rejected or inaccurately warned about names containing periods—improving form usability and user experience; strict alignment between validation rules and UI guidance reduces user cognitive load and operation failure rates.

📚 Documentation Updates (Documentation)

  • Related PR: #611
    Contributor: @qshuai
    Change Log: Corrected API endpoint annotations in LlmProvidersController for newly added LLM provider methods—replaced inaccurate summary 'Add a new route' with a title accurately reflecting functionality—ensuring generated API documentation (e.g., Swagger) correctly describes actual behavior.
    Feature Value: Improves API documentation accuracy and developer experience—preventing misunderstandings by front-end or client developers caused by misleading summaries; enhances professionalism and maintainability of console API docs for users, reducing integration and debugging costs.

  • Related PR: #610
    Contributor: @heimanba
    Change Log: Updated frontend-gray plugin documentation to mark rewrite, backendVersion, and enabled fields as optional; updated the rules.name association path to grayDeployments[].name; and synchronized field descriptions and terminology in both English and Chinese READMEs and spec.yaml—ensuring configuration guidance accurately reflects the latest design for enhanced flexibility.
    Feature Value: Improves compatibility and usability of gray-scale configurations—lowering user configuration barriers; precise field descriptions and consistent terminology reduce misunderstandings and configuration errors—helping developers adopt front-end gray-scale features more efficiently and accurately.


📊 Release Statistics

  • 🚀 New Features: 7 items
  • 🐛 Bug Fixes: 9 items
  • 📚 Documentation Updates: 2 items

Total: 18 changes

Thanks to all contributors for their hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.2.1...v2.2.2

2026-05-21 14:14:51
higress

v2.2.2

Higress

📋 Overview of This Release

This release includes 37 updates, covering feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

  • New Features: 13 items
  • Bug Fixes: 18 items
  • Documentation Updates: 5 items
  • Testing Improvements: 1 item

📝 Full Change Log

🚀 New Features (Features)

  • Related PR: #3827
    Contributor: @rinfx
    Change Log: Added the modelToHeader configuration option, with default value x-higress-llm-model-final; synchronously updates this header after parsing the newModel from the request body to ensure downstream logic such as rate limiting and metering aligns with the model mapping result; calls DisableReroute when reading the body to prevent routing conflicts.
    Feature Value: Enhances model routing consistency and reliability, enabling fallback, model-based rate limiting, and metering features to accurately reflect the actual matched model; users gain more stable and precise model dispatching capabilities without modifying business logic, reducing the risk of policy deviation caused by header synchronization issues.

  • Related PR: #3823
    Contributor: @johnlanni
    Change Log: Introduced an nginx-rewrite-compatible WASM plugin that implements compatible parsing of Nginx rewrite + set semantics, securely executes rewriting logic within a WASM sandbox to avoid the CVE-2026-42945 heap overflow vulnerability, and supports path matching, variable capture, and substitution.
    Feature Value: Enables Higress users to smoothly migrate existing Nginx rewrite rules while ensuring compatibility and eliminating critical security risks, lowering the refactoring cost and operational risk for legacy services transitioning from Nginx to Higress.

  • Related PR: #3820
    Contributor: @wydream
    Change Log: Refactored the /v1/messages request handling for the Bedrock Provider: replaced the original two-layer protocol conversion chain (OpenAI → Converse) with direct connectivity to the native Bedrock Mantle Anthropic Messages API; added support for the Mantle endpoint, restructured request routing logic, and extended capability declarations.
    Feature Value: Delivers lower latency, higher compatibility, and native Anthropic feature support (e.g., tool use, beta headers) for /v1/messages calls; avoids semantic loss and performance overhead associated with protocol translation, significantly improving the Bedrock integration experience and stability.

  • Related PR: #3766
    Contributor: @rinfx
    Change Log: Added support for cached token usage (CacheReadInputTokens) in the streaming response transformation logic from OpenAI to Claude; modified core transformer code and added corresponding unit test cases to ensure the Claude compatibility layer accurately conveys cached token count information.
    Feature Value: Enables AI agents to correctly report input token savings resulting from cache hits when invoking Claude models, helping users precisely monitor and optimize API costs; simultaneously improves transparency and billing consistency across multi-model metering, enhancing enterprise-grade usage analytics capabilities.

  • Related PR: #3748
    Contributor: @zat366
    Change Log: Added the enable_path_suffixes configuration option to the QuotaConfig struct to support custom path suffix matching; updated configuration parsing logic to handle default values; modified the getOperationMode function to accommodate the new path suffix logic; enhanced test coverage for the new configuration and its impact on operation modes.
    Feature Value: Allows users to flexibly define API path suffix matching rules per business requirements, increasing quota control precision and adaptability; administrators can manage quota policies for different AI service paths with finer granularity, enhancing plugin applicability and maintainability across diverse scenarios.

  • Related PR: #3742
    Contributor: @wydream
    Change Log: Added KlingAI provider support, featuring official AK/SK JWT authentication and third-party gateway static Bearer token authentication modes, covering both OpenAI-compatible and native Kling protocols, and enabling full interface capabilities including text-to-video and image-to-video generation.
    Feature Value: Users can directly invoke KlingAI video generation capabilities via the AI proxy service without implementing JWT signing or adapting to various gateways—significantly lowering the integration barrier and expanding platform support for AIGC video-generation models.

  • Related PR: #3739
    Contributor: @johnlanni
    Change Log: Added the replace configuration option to the ai-prompt-decorator plugin, supporting ordered, role-conditioned text replacement in the content field of the final assembled messages, using either literal strings or RE2 regular expressions, enhancing dynamic request content rewriting capabilities.
    Feature Value: Enables users to flexibly implement text processing needs—including sensitive word filtering, brand term normalization, and placeholder desensitization—without modifying business logic, improving the AI gateway’s adaptability in compliance, security, and multi-tenant scenarios.

  • Related PR: #3738
    Contributor: @JianweiWang
    Change Log: Added configurable fallback JSON paths for response content extraction (responseContentFallbackJsonPaths and responseStreamContentFallbackJsonPaths) to the ai-security-guard plugin, supporting non-OpenAI formats such as Anthropic Claude; when the primary path yields an empty result, fallback paths are attempted sequentially, automatically skipping any fallback path identical to the primary one.
    Feature Value: Enhances plugin compatibility and robustness, allowing users to perform content safety checks against diverse LLMs (e.g., Claude) without code changes—reducing multi-model adaptation effort and ensuring stable, accurate response content extraction.

  • Related PR: #3734
    Contributor: @CH3CHO
    Change Log: Added existence check for the patch command in the build-envoy.sh script; triggers early failure if missing; also optimized error handling during build-envoy.patch application to prevent silent Bazel dependency errors caused by unexecuted patches.
    Feature Value: Significantly improves observability and robustness of the Envoy build process; users receive immediate, clear error messages if the patch command is absent, drastically lowering debugging effort and environment configuration troubleshooting costs.

  • Related PR: #3724
    Contributor: @wydream
    Change Log: Added Qwen rerank and conversations API path support to the AI Proxy plugin, extending path mapping rules, API name constants, and Qwen-specific routing logic; supplemented comprehensive regression test cases covering path recognition and provider routing functionality.
    Feature Value: Users can invoke Qwen’s reranking and conversational capabilities via standard-compatibility interfaces, improving unified multi-model service access experiences; broadens AI Proxy support for domestic large language models (Qwen), lowering business integration barriers and boosting routing accuracy.

  • Related PR: #3700
    Contributor: @wydream
    Change Log: Added the cooldownDuration configuration option to the ai-proxy failover mechanism, enabling automatically restored API keys after a specified millisecond cooldown period—eliminating dependency on real requests for health checking and reducing token consumption and configuration complexity.
    Feature Value: Empowers users to manage API key availability more flexibly, mitigating long-term unavailability risks due to rate limiting, saving invocation costs, and simplifying failover configuration to enhance system stability and operational efficiency.

  • Related PR: #3694
    Contributor: @CH3CHO
    Change Log: Added configurable forwarding capability for attributes in external authorization requests, supporting transparent transmission of key contextual fields such as route_name and cluster_name; implemented via extension of the AuthorizationRequest struct with an AllowedProperties field, alongside updates to configuration parsing logic and SDK dependencies.
    Feature Value: Enables users to access richer Envoy gateway context information in external authorization services, improving the precision and flexibility of authorization policies and facilitating fine-grained access control based on dimensions like route and cluster—lowering customization development costs.

  • Related PR: #3690
    Contributor: @JianweiWang
    Change Log: Added support for sensitive data masking, enabling desensitization and replacement of sensitive fields in API responses via the riskAction configuration (block/mask); introduced new dimension types—customLabel, maliciousFile, and waterMark—and added dimension-level action configuration to improve risk mitigation flexibility.
    Feature Value: Allows dynamic desensitization of sensitive information without service interruption, strengthening AI application compliance capabilities; multi-dimensional, fine-grained risk control strategies enable more precise content security governance—reducing false positives and satisfying regulatory requirements across diverse business scenarios.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3829
    Contributor: @CH3CHO
    Change Log: Fixed a typo in the JSON/YAML tag for the apiTokens field in the ProviderConfig struct within the ai-proxy plugin, correcting it to the proper format to ensure correct configuration parsing and serialization.
    Feature Value: Prevents configuration parsing failures or incorrect loading of API tokens caused by erroneous field tags, enhancing the stability and reliability of the AI proxy service and enabling users to seamlessly configure and utilize authentication credentials for various AI providers.

  • Related PR: #3801
    Contributor: @CH3CHO
    Change Log: Fixed logging issues during EnvoyFilter construction regarding unsupported upstream protocols, by adding missing formatting parameters to ensure warning logs correctly display the protocol type and context.
    Feature Value: Improves debugging and operational observability, enabling users to accurately identify unsupported protocols and their locations upon misconfiguration—reducing troubleshooting time and enhancing Ingress gateway configuration robustness and maintainability.

  • Related PR: #3799
    Contributor: @Betula-L
    Change Log: Fixed an issue where empty input objects (input:{}) in Claude tool calls were unexpectedly omitted during internal bridge conversion to Bedrock Converse format; addressed via adjustments to struct field JSON tags and expanded test coverage to ensure empty maps are preserved correctly.
    Feature Value: Ensures Claude messages using parameterless tools are accurately relayed to the underlying Bedrock service, preventing tool call failures or abnormal behavior caused by missing inputs—improving AI proxy compatibility and reliability in multi-model adaptation scenarios.

  • Related PR: #3788
    Contributor: @Betula-L
    Change Log: Fixed structural data loss in Bedrock Claude inference blocks during ai-proxy protocol bridging by refactoring the convertEventFromBedrockToOpenAI logic and introducing redactedBlockIndexes state management—ensuring reasoningContent remains within native Anthropic message blocks rather than being merged into plain text.
    Feature Value: Users invoking Bedrock Claude models will correctly receive structured reasoning blocks (e.g., <think>...</think>), avoiding accidental exposure of reasoning processes to end users—enhancing response semantic integrity and compatibility, and guaranteeing Anthropic Messages API specification–compliant interactions.

  • Related PR: #3786
    Contributor: @Betula-L
    Change Log: Fixed incorrect mapping between contentBlockIndex in Bedrock Claude streaming responses and tool_calls[].index in OpenAI format, properly handling index misalignment for parallel tool calls and refining tool_choice parameter conversion logic to preserve semantic consistency and ordering fidelity in streaming tool calls within ai-proxy.
    Feature Value: Users performing parallel multi-tool calls with Bedrock Claude models will receive accurate, predictable streaming tool_calls indices and correctly triggered tool_choice behaviors—preventing tool execution disorder or loss and significantly enhancing production-environment compatibility and reliability.

  • Related PR: #3779
    Contributor: @CH3CHO
    Change Log: Fixed an issue where certain controller logs continued outputting as plaintext despite enabling the --log_as_json flag; resolved by uniformly replacing log package imports with istio.io/istio/pkg/log, ensuring all components use the same JSON logging implementation.
    Feature Value: Improves log format consistency and observability, facilitating centralized collection, parsing, and analysis of Higress controller logs in environments like Kubernetes—reducing operational troubleshooting cost and strengthening production log standardization.

  • Related PR: #3777
    Contributor: @wydream
    Change Log: Fixed API key injection issues for Vertex AI Express Mode’s raw REST endpoints in the ai-proxy plugin, expanding regex patterns to match Express Mode URLs lacking /projects/{project}/locations/{location} path segments and adding test cases validating request header processing logic.
    Feature Value: Enables users to correctly invoke simplified Vertex AI Express Mode REST interfaces (e.g., streamGenerateContent) without manually constructing complex paths, enhancing proxy compatibility and usability—and avoiding 401 authentication failures caused by missing key injection.

  • Related PR: #3770
    Contributor: @CH3CHO
    Change Log: Fixed inability to skip TLS certificate verification for HTTPS upstream connections by adding configuration support for certificate verification bypass in upstreamtls.go, and supplementing protobuf and google.golang.org dependencies in test files to support unit testing of the new capability.
    Feature Value: Enables Higress to support HTTPS upstream services using self-signed certificates, resolving connection failures arising from untrusted certificates in enterprise internal or testing environments—improving deployment flexibility and compatibility.

  • Related PR: #3765
    Contributor: @wydream
    Change Log: Fixed ai-proxy support for Azure OpenAI v1 service URLs by adding recognition and routing logic for /openai/v1 and subpaths, accommodating the new URL format without api-version parameters, while retaining api-version validation logic for legacy deployment URLs.
    Feature Value: Enables users to seamlessly integrate with Azure OpenAI’s latest v1 REST API standard without manually appending api-version, enhancing configuration flexibility and service compatibility—reducing request failure rates due to URL format changes and strengthening proxy stability and usability.

  • Related PR: #3757
    Contributor: @srpatcha
    Change Log: Added nil checks, safe type assertions, and panic protection mechanisms to fix multiple potential nil pointer dereferences and type assertion failures; additionally optimized regex compilation logic in WASM plugins to prevent runtime panics.
    Feature Value: Significantly improves gateway stability and robustness, preventing service crashes due to anomalous inputs or misconfigurations; users benefit from a more reliable API gateway experience, lowering online failure rates and operational overhead.

  • Related PR: #3756
    Contributor: @wydream
    Change Log: Fixed loss of thinking/redacted_thinking content blocks during /v1/messages to OpenAI chat/completions request transformation for Claude, enhanced transmission of tool-call reasoning context, and introduced preserve_thinking and promote_thinking_on_empty configuration options for provider-level compatibility control.
    Feature Value: Ensures AI proxies backed by Claude correctly convey complete chain-of-thought information to models supporting reasoning_content (e.g., Qwen), while avoiding compatibility breakage for strict-standard providers like OpenAI/Azure—improving functional consistency and reliability in multi-model routing scenarios.

  • Related PR: #3733
    Contributor: @wydream
    Change Log: Fixed compatibility issues with non-standard upstream responses in Claude streaming transformations: correctly handles empty-string finish_reason, prevents duplicate triggering of message_stop due to usage, and avoids processing redundant chunks after message_stop to prevent event reordering.
    Feature Value: Enhances AI proxy stability and reliability in multi-vendor compatibility scenarios, preventing streaming response interruptions or disorder—ensuring users receive complete, chronologically ordered Claude-style SSE streams and improving the overall LLM invocation experience.

  • Related PR: #3731
    Contributor: @JianweiWang
    Change Log: Removed the mandatory fallback interception logic for Suggestion=block in the AI Security Guard, replacing it with unified risk-dimension–based threshold evaluation; modified core assessment logic in config.go and updated multiple test cases to accurately cover threshold-driven RiskBlock decision paths.
    Feature Value: Improves risk interception accuracy and configurability, preventing unintended blocking caused by misconfigured Suggestion=block; users now exert precise control over interception behavior via thresholds—enhancing policy transparency, debuggability, and reducing false positive rates.

  • Related PR: #3722
    Contributor: @wydream
    Change Log: Migrated Qwen-compatible response endpoint path from the deprecated legacy URL /api/v2/apps/protocols/compatible-mode/v1/responses to the new official path /compatible-mode/v1/responses, updating path constants and assertions in provider/qwen.go and test files to ensure continued valid interface invocation by the AI proxy.
    Feature Value: Prevents service disruption caused by Qwen (DashScope) deprecation of the legacy API path, safeguarding stability and continuity of Qwen model invocation via ai-proxy—enabling seamless transition to the new interface without client-side code changes.

  • Related PR: #3695
    Contributor: @wydream
    Change Log: Fixed missing API Key authentication in Vertex Raw Express Mode by appending the API Key to the URL query string in OnRequestBody and cleaning the Authorization header; also resolved global authentication header leakage and URL construction logic defects in Express Mode.
    Feature Value: Enables Vertex Raw Express Mode to authenticate correctly against Google Vertex AI services via API Key—preventing 401 errors; improves proxy stability and compatibility, ensuring users can reliably invoke large language model APIs in this mode.

  • Related PR: #3682
    Contributor: @CH3CHO
    Change Log: Fixed absence of TARGET_ARCH validity checking in the golang-filter during build-gateway-local, by introducing a VALID_ARCHS whitelist and error-checking logic in Makefile.core.mk—supporting only amd64 and arm64, preventing build failures or erroneous binaries from invalid architecture parameters.
    Feature Value: Enhances robustness and maintainability of multi-architecture builds, preventing silent build errors or runtime anomalies due to invalid TARGET_ARCH values (e.g., x86, ppc64le); guarantees correct compilation and deployment of the Higress gateway across diverse CPU architectures.

  • Related PR: #3576
    Contributor: @Jing-ze
    Change Log: Fixed stale ROUTE_NAME attribute returning outdated route names post-reroute in WASM contexts, by correcting the StreamInfoImpl::getRouteName() invocation logic in Envoy 1.36 to ensure fresh route names are retrieved after clearRouteCache.
    Feature Value: Ensures WASM plugins correctly match rules following rerouting, preventing matchRule failures due to stale route names—improving routing policy execution accuracy and stability, which is critical for user features relying on dynamic route matching.

  • Related PR: #3425
    Contributor: @CH3CHO
    Change Log: Added a default value (higress-registry.cn-hangzhou.cr.aliyuncs.com/higress) to the HUB argument in Dockerfile.higress, eliminating build-time warnings when HUB is not explicitly provided, while preserving backward compatibility: explicitly passed values retain precedence.
    Feature Value: Removes redundant warnings during Docker builds, improving CI/CD pipeline readability and stability; users can complete local builds without specifying the HUB parameter—lowering entry barriers and maintenance costs.

📚 Documentation Updates (Documentation)

  • Related PR: #3830
    Contributor: @EndlessSeeker
    Change Log: Added OpenSSF Best Practices badges to README files in English, Chinese, and Japanese versions, embedded via Markdown image links pointing to the project’s assessment page on the OpenSSF Best Practices platform—enhancing project compliance and credibility visibility.
    Feature Value: Strengthens project transparency and trustworthiness, enabling users to quickly assess Higress’ adherence to open-source best practices in security and maintainability—boosting community and enterprise user confidence and adoption willingness.

  • Related PR: #3764
    Contributor: @EndlessSeeker
    Change Log: Updated SECURITY.md, CONTRIBUTING series documentation, and added GOVERNANCE.md, formalizing vulnerability reporting procedures, defining security response SLAs and teams, and clarifying CNCF governance models—meeting CNCF Sandbox and OpenSSF Best Practices certification requirements.
    Feature Value: Elevates project security compliance and transparency, providing users with standardized channels and response commitments for security issues—strengthening enterprise user trust; simultaneously enhances multilingual contribution guidelines, lowering global developer participation barriers and promoting healthy, sustainable community growth.

  • Related PR: #3754
    Contributor: @johnlanni
    Change Log: Added a top-level MAINTAINERS.md file listing current Higress project maintainers, including maintainer responsibility descriptions and CNCF Sandbox compliance statements—providing essential governance documentation required for CNCF sandbox onboarding.
    Feature Value: Enhances project transparency and community governance standardization, assisting external contributors in identifying core maintenance teams, accelerating CNCF sandbox certification, and laying foundations for future maintainer transitions and permission management—bolstering user confidence in the project’s long-term stability.

  • Related PR: #3730
    Contributor: @CH3CHO
    Change Log: Updated English and Chinese README files to align with the latest configuration parsing logic, correcting contradictory defaults, inaccurate path descriptions, and unclear string concatenation formats, and removing outdated build instructions (e.g., tinygo requirements).
    Feature Value: Improves documentation accuracy and consistency, preventing plugin activation failures stemming from obsolete or erroneous configuration examples; synchronized bilingual documentation lowers comprehension barriers for multilingual users—enhancing AI caching plugin usability and reliability.

  • Related PR: #3696
    Contributor: @github-actions[bot]
    Change Log: Added bilingual release notes files for version 2.2.1 (README.md and README_ZH.md), automatically summarizing 65 updates spanning new features, bug fixes, refactorings, optimizations, and documentation improvements—with categorical statistics.
    Feature Value: Provides users with a well-structured, multilingual overview of version changes, accelerating understanding of upgrade benefits and impact scope—enhancing transparency and maintainability and lowering upgrade decision-making costs.

🧪 Testing Improvements (Testing)

  • Related PR: #3790
    Contributor: @Jing-ze
    Change Log: Expanded integration test coverage for the AI Proxy WASM plugin, including boundary cases for configuration parsing, streaming response body handling, failover verification, and utility function testing; added export_test.go to expose internal functions for testing purposes—significantly improving WASM environment test completeness.
    Feature Value: Strengthens stability and compatibility assurance for the AI Proxy plugin across diverse WASM runtimes and AI service providers, lowering risks of service interruption arising from configuration anomalies or network failures—enhancing reliability and maintainability for production deployments.

📊 Release Statistics

  • 🚀 New Features: 13 items
  • 🐛 Bug Fixes: 18 items
  • 📚 Documentation Updates: 5 items
  • 🧪 Testing Improvements: 1 item

Total: 37 changes

Thank you to all contributors for your hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 18 updates, covering feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

  • New Features: 7 items
  • Bug Fixes: 9 items
  • Documentation Updates: 2 items

📝 Full Change Log

🚀 New Features (Features)

  • Related PR: #621
    Contributor: @Thomas-Eliot
    Change Log: Enhanced MCP Server interaction capabilities: added support for automatic Host header rewriting for DNS backends; improved transport protocol selection and full-path configuration in direct routing scenarios; enhanced parsing of special characters (e.g., @) in DSNs for DB-to-MCP Server scenarios.
    Feature Value: Improves flexibility and compatibility of MCP Server integration, enabling users to connect more easily to backend services deployed in diverse environments, reducing configuration complexity, and preventing connectivity issues caused by path prefix misinterpretation or DSN parsing failures.

  • Related PR: #608
    Contributor: @Libres-coder
    Change Log: Added plugin visibility functionality to the AI Route Management page: supports expanding rows to view enabled plugins and displays an 'Enabled' badge on the configuration page; extended PluginList component logic to support AI_ROUTE-type queries, and enhanced cleanup of i18n language-change listeners in route.tsx.
    Feature Value: Users can now intuitively view plugins enabled for AI routes, aligning the experience with that of conventional route management—improving maintainability and observability of AI route configurations; unified UI interactions reduce learning overhead and enhance completeness of platform support for AI use cases.

  • Related PR: #604
    Contributor: @CH3CHO
    Change Log: Introduced support for regex-based path rewriting via the higress.io/rewrite-target annotation, extended Kubernetes annotation constants, route transformation logic, and front-end/back-end internationalized copy, thereby increasing routing match flexibility.
    Feature Value: Enables precise control over path rewriting behavior using regular expressions, meeting complex routing requirements such as dynamic path parameter extraction and mapping—significantly enhancing the expressiveness of gateway configuration and its adaptability to business needs.

  • Related PR: #603
    Contributor: @CH3CHO
    Change Log: Added the constant STATIC_SERVICE_PORT = 80 to the static service source form component and explicitly displays this fixed port in the UI, making users clearly aware that static services default to port 80—improving configuration transparency and predictability.
    Feature Value: Users configuring static service sources can immediately see that the default port is 80, avoiding configuration errors or debugging difficulties caused by port misconceptions—lowering entry barriers and improving deployment efficiency and consistency of user experience.

  • Related PR: #602
    Contributor: @CH3CHO
    Change Log: Added a search function to the upstream service selection component in AI route configuration; extended the Select component logic in index.tsx to enable real-time searching and filtering across large numbers of upstream services—improving configuration efficiency and accuracy.
    Feature Value: Users can quickly locate target upstream services when configuring AI routes instead of manually scrolling through long lists—significantly reducing configuration error rates, especially in complex AI gateway scenarios with dozens or more services—enhancing both operational and development efficiency.

  • Related PR: #566
    Contributor: @OuterCyrex
    Change Log: Added support for Tongyi Qwen large language model (LLM) services, including custom service endpoint configuration, Internet search toggle, and file ID upload; implemented QwenLlmProviderHandler on the backend and added multilingual support and provider form adaptation on the frontend.
    Feature Value: Enables flexible integration with self-hosted or cloud-based Qwen services, supporting search augmentation and file context injection—improving compatibility and extensibility of the AI gateway for domestic LLMs and lowering enterprise private-deployment barriers.

  • Related PR: #552
    Contributor: @lcfang
    Change Log: Introduced the VPort virtual port attribute, extending MCP Bridge registry configuration capabilities; added the vport field and corresponding CRD model to ServiceSource, enabling uniform specification of default backend ports for service instances—resolving routing failures caused by inconsistent actual port numbers across instances registered in Eureka/Nacos registries.
    Feature Value: Allows users to explicitly declare a virtual port during service discovery configuration, ensuring routing rules remain resilient to backend port changes—preventing traffic disruptions due to dynamic instance port changes, thus improving microservice governance stability and operational predictability.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #620
    Contributor: @CH3CHO
    Change Log: Fixed a spelling error in the sortWasmPluginMatchRules logic—corrected variable names or logical typos causing potential behavioral anomalies during matching rule sorting—ensuring WASM plugin matching rules are sorted by priority as intended.
    Feature Value: Prevents incorrect rule ordering caused by typographical errors, guaranteeing that WASM plugins take effect in Kubernetes strictly according to user-specified priorities—enhancing reliability and consistency of plugin routing and policy enforcement.

  • Related PR: #619
    Contributor: @CH3CHO
    Change Log: Fixed duplicate version information storage when converting AiRoute to ConfigMap: removed the version field from the data JSON payload, retaining it exclusively in the ConfigMap metadata—to eliminate data redundancy and potential inconsistency.
    Feature Value: Improves accuracy and consistency of configuration management, preventing parsing errors or deployment anomalies caused by duplicated version fields—enhancing system stability and maintainability, delivering direct benefits to users managing route configurations via Kubernetes ConfigMap.

  • Related PR: #618
    Contributor: @CH3CHO
    Change Log: Refactored API authentication logic in SystemController, introducing an AllowAnonymous annotation mechanism to uniformly handle unauthenticated endpoints—replacing hard-coded whitelisting checks—thereby improving maintainability and security of authentication logic.
    Feature Value: Resolves potential security vulnerabilities in the system controller that could allow unauthorized access to sensitive API endpoints—enhancing overall platform security, safeguarding user data and system resources from illicit calls, and strengthening compliance and trustworthiness in enterprise production environments.

  • Related PR: #617
    Contributor: @CH3CHO
    Change Log: Fixed missing unique key props in front-end list rendering (triggering React warnings), resolved Content Security Policy (CSP) blocking of external image loading, and corrected a type definition error for the Consumer.name field (erroneously typed as boolean instead of string)—improving component robustness and type safety.
    Feature Value: Eliminates console warnings and image-loading failures, improving developer experience and debugging efficiency; corrects interface type definitions to prevent runtime type errors—enhancing application stability and developer collaboration reliability, delivering smoother, warning-free UI interactions for end users.

  • Related PR: #614
    Contributor: @lc0138
    Change Log: Fixed a type definition error for the type field (indicating service source) in the ServiceSource class and added validation logic for dictionary values—ensuring incoming registry types belong exclusively to a predefined valid set—to prevent illegal values from triggering runtime exceptions.
    Feature Value: Enhances robustness and security of service source configuration, preventing service registration failure or system exceptions due to invalid type field values—ensuring stable, predictable behavior when configuring various service registries.

  • Related PR: #613
    Contributor: @lc0138
    Change Log: Fixed missing Content Security Policy (CSP) configuration on the front end—added a meta tag in document.tsx to declare the security policy—mitigating risks such as XSS attacks and strengthening security controls over page resource loading and script execution.
    Feature Value: Enhances front-end application security posture, effectively mitigating common web threats like cross-site scripting (XSS)—safeguarding user data and interactions, fulfilling enterprise-level security compliance requirements, and reinforcing end-user trust.

  • Related PR: #612
    Contributor: @zhwaaaaaa
    Change Log: Added logic in DashboardServiceImpl to ignore hop-to-hop HTTP headers (e.g., Transfer-Encoding: chunked) per RFC 2616 Section 13.5.1—preventing reverse proxy forwarding anomalies caused by illegal pass-through of hop-to-hop headers, which previously broke Grafana dashboard rendering.
    Feature Value: Resolves Grafana console page loading failures caused by reverse proxies forwarding hop-to-hop headers like Transfer-Encoding: chunked—improving console stability and user experience and ensuring reliable availability of monitoring integration features.

  • Related PR: #609
    Contributor: @CH3CHO
    Change Log: Fixed a type error in the Consumer interface where the name field was incorrectly declared as boolean; corrected it to string to ensure alignment between front-end data structures and actual back-end response payloads—avoiding runtime errors or TypeScript compilation warnings caused by type mismatches.
    Feature Value: Enhances type safety and front-end/back-end data consistency—preventing UI rendering anomalies or flawed logic decisions due to field-type mismatches—boosting application stability, reducing developer debugging effort, and improving overall development experience.

  • Related PR: #605
    Contributor: @SaladDay
    Change Log: Corrected the front-end form validation regex for AI route names to support periods (.) while restricting characters to lowercase letters only; synchronized English and Chinese error message texts to ensure UI prompts precisely reflect actual validation logic.
    Feature Value: Resolves issues where users’ AI routes were erroneously rejected or inaccurately warned about names containing periods—improving form usability and user experience; strict alignment between validation rules and UI guidance reduces user cognitive load and operation failure rates.

📚 Documentation Updates (Documentation)

  • Related PR: #611
    Contributor: @qshuai
    Change Log: Corrected API endpoint annotations in LlmProvidersController for newly added LLM provider methods—replaced inaccurate summary 'Add a new route' with a title accurately reflecting functionality—ensuring generated API documentation (e.g., Swagger) correctly describes actual behavior.
    Feature Value: Improves API documentation accuracy and developer experience—preventing misunderstandings by front-end or client developers caused by misleading summaries; enhances professionalism and maintainability of console API docs for users, reducing integration and debugging costs.

  • Related PR: #610
    Contributor: @heimanba
    Change Log: Updated frontend-gray plugin documentation to mark rewrite, backendVersion, and enabled fields as optional; updated the rules.name association path to grayDeployments[].name; and synchronized field descriptions and terminology in both English and Chinese READMEs and spec.yaml—ensuring configuration guidance accurately reflects the latest design for enhanced flexibility.
    Feature Value: Improves compatibility and usability of gray-scale configurations—lowering user configuration barriers; precise field descriptions and consistent terminology reduce misunderstandings and configuration errors—helping developers adopt front-end gray-scale features more efficiently and accurately.


📊 Release Statistics

  • 🚀 New Features: 7 items
  • 🐛 Bug Fixes: 9 items
  • 📚 Documentation Updates: 2 items

Total: 18 changes

Thanks to all contributors for their hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.2.1...v2.2.2

2026-04-09 20:11:46
higress

v2.2.1

Higress

📋 Release Overview

This release includes 65 updates, covering feature enhancements, bug fixes, and performance optimizations.

Distribution of Updates

  • New Features: 29
  • Bug Fixes: 26
  • Refactoring & Optimizations: 3
  • Documentation Updates: 7

📝 Full Changelog

🚀 New Features (Features)

  • Related PR: #3689
    Contributor: @rinfx
    Change Log: Introduces a new modelToHeader configuration option for the model-mapper plugin, enabling users to customize the HTTP request header name into which the mapped model is written. The default value is x-higress-llm-model. Additionally, refactors the header update logic to support dynamic configuration and backward compatibility.
    Feature Value: Allows users to flexibly specify the request header field name used to propagate LLM model identifiers—meeting diverse backend service integration requirements. Prevents hard-coding–induced compatibility issues and enhances the plugin’s adaptability and governance flexibility in multi-cloud and hybrid deployment scenarios.

  • Related PR: #3686
    Contributor: @rinfx
    Change Log: Adds a new providerBasePath configuration option, allowing definition of a base path prefix in ProviderConfig. This prefix is automatically injected into all provider request paths during path rewriting. Also optimizes providerDomain handling logic to improve flexibility and reliability when combining domains and paths.
    Feature Value: Enables unified API path prefix management via providerBasePath, facilitating gateway-level route aggregation, multi-tenancy isolation, and reverse proxy path rewriting. Significantly enhances the AI proxy plugin’s adaptability to complex deployment scenarios such as nested routing and SaaS multi-instance deployments.

  • Related PR: #3651
    Contributor: @wydream
    Change Log: Refactors multipart image request handling logic for the Azure Provider, fixing JSON model mapping errors and inconsistent model mapping in domain-only scenarios. Optimizes memory usage and eliminates redundant reads for large images or high-concurrency workloads, and adds comprehensive test coverage.
    Feature Value: Improves stability and performance of Azure image editing/variation APIs, ensuring correct parsing of multipart requests during large image uploads and high-concurrency scenarios—preventing request interruptions due to model mapping failures and increasing user call success rates and response efficiency.

  • Related PR: #3649
    Contributor: @wydream
    Change Log: Implements mapping from OpenAI response_format to Vertex generationConfig for the Vertex Provider in ai-proxy, with focused support for structured output in gemini-2.5+. For gemini-2.0-*, adopts a safe-ignore strategy and adds extensive test cases validating structured output logic.
    Feature Value: Enables stable use of OpenAI-standard JSON Schema response formats on Vertex backends (especially gemini-2.5+), improving model output controllability and downstream system integration efficiency. Ensures compatibility with legacy models for seamless service upgrades and reduces migration costs.

  • Related PR: #3642
    Contributor: @JianweiWang
    Change Log: Replaces the original plain-text denyMessage in the AI Security Guard plugin with a structured DenyResponseBody, introducing a response schema containing blockedDetails, requestId, and guardCode. Adds JSON serialization support and corresponding construction/parsing helper functions within the config package.
    Feature Value: Delivers richer, standardized denial-response metadata—enabling clients to precisely identify interception reasons, trace request chains, and integrate with risk control systems. Significantly improves troubleshooting efficiency and collaborative security incident analysis capabilities.

  • Related PR: #3638
    Contributor: @rinfx
    Change Log: Adds a universal providerDomain configuration field and resolveDomain DNS resolution logic to the ai-proxy plugin, supporting custom domain configuration for Gemini and Claude providers. Integrates this capability into CreateProvider and TransformRequestHeaders, and supplements full unit test coverage.
    Feature Value: Allows users to flexibly connect Gemini and Claude services across different network environments via custom domains—improving deployment flexibility and network adaptability. Particularly beneficial for enterprise intranets, proxy relays, or compliance-driven domain governance scenarios—reducing service invocation failure rates.

  • Related PR: #3632
    Contributor: @lexburner
    Change Log: Introduces a GitHub Actions workflow that automatically builds and pushes the plugin-server Docker image when an higress v*.*.* tag is released. Supports specifying the plugin-server branch/tag/commit via workflow_dispatch, enhancing automation for plugin service deployment.
    Feature Value: Eliminates manual plugin-server image building and publishing—significantly simplifying version synchronization and deployment processes across the Higress plugin ecosystem. Enhances delivery reliability and efficiency of plugin services while lowering operational overhead.

  • Related PR: #3625
    Contributor: @johnlanni
    Change Log: Adds a new promoteThinkingOnEmpty configuration option: when a model response contains only reasoning_content and no text, it automatically promotes reasoning_content to text. Also introduces the hiclawMode shortcut toggle, simultaneously enabling mergeConsecutiveMessages and promoteThinkingOnEmpty, supporting HiClaw multi-agent collaboration scenarios—including both streaming (SSE) and non-streaming response paths.
    Feature Value: Significantly improves response completeness and downstream compatibility of AI proxies in complex reasoning-chain scenarios—avoiding client exceptions caused by empty responses. hiclawMode simplifies multi-agent coordination configuration, lowers user integration barriers, and enhances robustness and usability in real-world business scenarios.

  • Related PR: #3624
    Contributor: @rinfx
    Change Log: Increases the default value_length_limit in the ai-statistics plugin from 4000 to 32000 and writes token usage to AILog immediately upon parsing it during streaming—rather than waiting until stream completion—enhancing large-field support and observability for streaming responses.
    Feature Value: Enables more complete logging of long attribute values and real-time token consumption when using coding tools like Codex—improving accuracy of AI invocation behavior analytics. Particularly mitigates token-usage loss caused by premature client disconnections in streaming scenarios—enhancing production monitoring reliability.

  • Related PR: #3620
    Contributor: @wydream
    Change Log: Adds path recognition and routing support for OpenAI speech transcription (/v1/audio/transcriptions), translation (/v1/audio/translations), real-time communication (/v1/realtime), and Qwen-compatible mode Responses API (/api/v2/apps/protocols/compatible-mode/v1/responses). Extends provider mapping relationships and test coverage.
    Feature Value: Enables the ai-proxy plugin to fully support OpenAI speech and real-time API standards, as well as the Bailian Qwen compatibility protocol—allowing users to seamlessly invoke advanced capabilities like speech processing and real-time streaming interaction. Improves multimodal AI service integration efficiency and protocol compatibility.

  • Related PR: #3609
    Contributor: @wydream
    Change Log: Adds configurable Prompt Cache retention policies for the Amazon Bedrock Provider—supporting both request-level dynamic overrides and provider-level default fallbacks. Unifies and corrects the cached_tokens measurement metric and integrates native Bedrock usage fields like cacheReadInputTokens.
    Feature Value: Empowers users to flexibly manage Prompt cache lifecycles—improving cache hit rates and cost-effectiveness. Default configuration capability lowers API invocation complexity and improves integration usability. Accurate usage metrics enable granular cost accounting and consumption analytics.

  • Related PR: #3598
    Contributor: @johnlanni
    Change Log: Adds a new mergeConsecutiveMessages configuration option. During AI proxy request preprocessing, it automatically merges consecutive messages of the same role (e.g., multiple user messages) by traversing and reconstructing the messages array—ensuring compatibility with strict alternating-message requirements of non-OpenAI models such as GLM, Kimi, and Qwen.
    Feature Value: Enables seamless adaptation of the ai-proxy plugin to mainstream domestic and local LLM services—preventing API rejection errors caused by message format noncompliance and significantly improving request success rates and user experience consistency across multi-model scenarios.

  • Related PR: #3585
    Contributor: @CH3CHO
    Change Log: Adds /responses to the default path suffix list in both the model-router and model-mapper plugins—natively enabling /v1/responses interface invocations without additional configuration required for routing or mapping response-related requests.
    Feature Value: Allows users to directly invoke model service response functionality via the /v1/responses path—improving API consistency and usability. Reduces customization overhead and strengthens the model gateway’s out-of-the-box support for emerging OpenAI-compatible interfaces.

  • Related PR: #3570
    Contributor: @CH3CHO
    Change Log: Upgrades the Console component to v2.2.1 and synchronously releases the main Higress version v2.2.1—updating the VERSION file, appVersion in Chart.yaml, and dependency versions and digests in Chart.lock to ensure the correct Console subchart version is pulled during Helm deployment.
    Feature Value: Delivers the latest Console features and UX enhancements—improving management interface stability and compatibility. Semantic version synchronization strengthens cluster deployment consistency, reduces operational risks from version mismatches, and simplifies upgrade procedures.

  • Related PR: #3563
    Contributor: @wydream
    Change Log: Adds OpenAI Prompt Cache parameter support to the Bedrock Provider—implementing conversion of request-side prompt_cache_retention/prompt_cache_key to Bedrock’s cachePoint, and mapping response-side cacheRead/cacheWrite tokens to OpenAI’s cached_tokens field in usage.
    Feature Value: Enables seamless enjoyment of OpenAI Prompt Cache functionality when using Bedrock backends—reducing repeated prompt inference overhead, improving response speed, and saving costs—while delivering standard OpenAI cache-usage metrics for monitoring and billing.

  • Related PR: #3550
    Contributor: @icylord
    Change Log: Adds configurable imagePullPolicy support for the gateway, plugin server, and controller components in the Helm Chart—achieving flexible image pull strategy control via template conditionals and new fields in values.yaml, enhancing deployment flexibility.
    Feature Value: Enables users to define image pull strategies (Always/IfNotPresent/Never) per environment (e.g., dev/staging/prod)—avoiding service disruptions due to image caching issues and improving deployment reliability and operational controllability.

  • Related PR: #3536
    Contributor: @wydream
    Change Log: Adds support for OpenAI image editing (/v1/images/edits) and variation generation (/v1/images/variations) APIs in the Vertex Provider of ai-proxy, implementing multipart/form-data request parsing and transformation, adding JSON image_url compatibility logic, and introducing multipart_helper.go for binary image upload handling.
    Feature Value: Allows users to directly call Vertex AI image editing and variation features via standard OpenAI SDKs (Python/Node)—without modifying client code—enhancing seamless cross-cloud AI service integration and development efficiency.

  • Related PR: #3523
    Contributor: @johnlanni
    Change Log: Adds tool-call parsing capability for Claude/Anthropic streaming responses in the ai-statistics plugin—supporting event-driven format: identifying tool_use blocks, accumulating JSON parameter fragments, and fully assembling tool call information. Extends the StreamingParser struct to track content-block states.
    Feature Value: Enables accurate statistics and analysis of streaming tool calls when using Claude models—boosting AI application observability and debugging efficiency. Provides critical support for unified multi-model monitoring and enhances platform compatibility with the Anthropic ecosystem.

  • Related PR: #3521
    Contributor: @johnlanni
    Change Log: Refactors the global.hub parameter into a foundational image registry configuration shared across Higress deployments and Wasm plugins—and introduces an independent pluginNamespace namespace so plugin image paths can be distinguished from core components. Simultaneously unifies image reference logic across multiple Helm templates.
    Feature Value: Empowers users to more flexibly manage image sources for different components (e.g., gateway, controller, plugin, Redis)—supporting distinct repositories or paths for plugins versus core components. Improves multi-environment deployment consistency and private customization capabilities—reducing image-pull failure risks.

  • Related PR: #3518
    Contributor: @johnlanni
    Change Log: Adds logic in the Claude-to-OpenAI request transformation process to parse and strip the dynamically changing cch field from system messages—ensuring x-anthropic-billing-header remains cacheable. Modifies core transformation code and adds comprehensive unit tests covering this behavior.
    Feature Value: Solves Prompt cache invalidation caused by dynamic cch fields—significantly improving AI proxy response speed and service stability, lowering redundant request overhead, and enhancing user interaction experience and CLI tool performance.

  • Related PR: #3512
    Contributor: @johnlanni
    Change Log: Introduces a lightweight mode configuration option use_default_response_attributes, skipping buffering of large request/response bodies (e.g., messages, answer, reasoning) to dramatically reduce memory footprint—suitable for high-concurrency AI observability scenarios in production.
    Feature Value: Helps users balance AI observability and resource overhead in production—avoiding OOM risks from full-message-body buffering and improving service stability and throughput. Especially beneficial for long conversations and streaming-response scenarios.

  • Related PR: #3511
    Contributor: @johnlanni
    Change Log: Adds built-in system field support to the ai-statistics plugin—parsing the top-level system field in Claude /v1/messages API responses, extending structured collection capability for Claude system prompts—implemented via defining the BuiltinSystemKey constant in main.go.
    Feature Value: Enables accurate statistics and analysis of system prompt content in Claude model invocations—improving AI call observability and compliance auditing capabilities. Supports finer-grained evaluation of prompt engineering effectiveness and implementation of security policies.

  • Related PR: #3499
    Contributor: @johnlanni
    Change Log: Introduces consumer affinity for OpenAI stateful APIs (e.g., Responses, Files, Batches)—parsing the x-mse-consumer request header and consistently selecting the same API token using the FNV-1a hash algorithm—ensuring session stickiness and state continuity across requests.
    Feature Value: Solves 404 errors in stateful APIs caused by inconsistent routing under multi-token configurations—significantly enhancing stability and reliability in fine-tuning and response-chaining scenarios. Users receive correct responses without needing to perceive underlying load-distribution logic.

  • Related PR: #3489
    Contributor: @johnlanni
    Change Log: Adds support for z.ai model services—including multilingual brand name display (Chinese “智谱”, English “z.ai”) and an auto-region detection script that determines user region based on system timezone—automatically configuring the api.z.ai domain and code plan mode options.
    Feature Value: Improves out-of-the-box experience for the z.ai service in the Higress AI Gateway—lowering configuration barriers for Chinese and international users. Automatic domain adaptation prevents manual misconfiguration, enhancing deployment reliability and localization friendliness—accelerating AI capability integration.

  • Related PR: #3488
    Contributor: @johnlanni
    Change Log: Adds configurable domain support (China/international dual endpoints), code planning mode routing switching, and thinking mode support for the ZhipuAI provider—extending API request path and authentication adaptation capabilities—to increase flexibility in multi-regional deployments and specialized code-scenario model invocations.
    Feature Value: Enables users to flexibly switch ZhipuAI service endpoints per deployment region. Enabling code planning mode delivers superior programming-assistance responses; thinking mode further improves complex reasoning-task outcomes—enhancing AI proxy practicality and adaptability in development scenarios.

  • Related PR: #3482
    Contributor: @johnlanni
    Change Log: Optimizes the OSS skill sync workflow—packing each skill directory into an individual ZIP file (e.g., my-skill.zip) and uploading to oss://higress-ai/skills/, while maintaining backward compatibility with the AI Gateway installation script.
    Feature Value: Enables on-demand download and deployment of specific skills—increasing skill distribution flexibility and reuse efficiency. Avoids full skill-package pulls—reducing bandwidth consumption and deployment time—and enhances edge-scenario adaptability.

  • Related PR: #3481
    Contributor: @johnlanni
    Change Log: Adds a GitHub Action workflow listening for changes in the .claude/skills directory on the .main branch—automatically triggering sync to OSS object storage for real-time, automated cloud backup and distribution of skill files.
    Feature Value: Eliminates manual skill-file uploads—improving developer collaboration efficiency. Ensures skill version consistency and high availability—facilitating team sharing and rapid deployment—while lowering operational costs and human-error risk.

  • Related PR: #3479
    Contributor: @johnlanni
    Change Log: Adds compatibility logic for non-OpenAI AI providers—automatically converting unsupported 'developer' roles to 'system' roles in chat completion requests via modifications to provider.go to unify role mapping adaptation.
    Feature Value: Enhances cross-platform compatibility of the AI proxy plugin—enabling developers to use Claude, Anthropic, and other vendor APIs without manually modifying requests—lowering integration barriers and avoiding runtime errors.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3667
    Contributor: @wydream
    Change Log: Fixes incorrect passthrough of non-standard fields thinking and reasoning_max_tokens in Claude-to-OpenAI protocol conversion—retaining only the OpenAI-compliant reasoning_effort field—to prevent HTTP 400 errors from Azure and other providers.
    Feature Value: Improves ai-proxy compatibility and stability with Azure and other standard OpenAI-compatible providers—ensuring successful user requests when invoking Azure via Anthropic protocols and preventing service unavailability due to invalid fields.

  • Related PR: #3652
    Contributor: @CH3CHO
    Change Log: Fixes a regex matching error in the template processor when mixing default and non-default namespaces—strictly restricting / and } characters in type/name/namespace, permitting / only in key while forbidding }—ensuring accurate template reference resolution.
    Feature Value: Resolves template parsing failures caused by mixed-namespace usage—improving configuration loading stability and reliability. Prevents silent errors or service anomalies due to illegal character misuse—enhancing system robustness.

  • Related PR: #3599
    Contributor: @wydream
    Change Log: Fixes JSON event fragmentation across network boundaries causing parsing failures in Vertex Provider streaming responses—refactoring chunk buffering and line-boundary detection logic to retain and merge partial JSON payloads—and correcting premature [DONE] marker returns that caused valid data loss.
    Feature Value: Improves stability and data integrity of Vertex streaming responses—preventing content truncation or parsing errors for large-model streaming outputs (e.g., extended reasoning chains)—significantly enhancing AI proxy service availability and user experience.

  • Related PR: #3590
    Contributor: @wydream
    Change Log: Fixes a regression in the Bedrock Provider’s SigV4 canonical URI encoding logic: restores encodeSigV4Path to apply PathEscape directly to path segments—avoiding distortion from double-parsing already-encoded characters (e.g., %3A, %2F) after PathUnescape—ensuring signature alignment with AWS service endpoints.
    Feature Value: Resolves frequent 403 errors caused by signature failures—particularly affecting model names with special characters (e.g., nova-2-lite-v1:0 or ARN-formatted inference profiles)—significantly boosting production stability and API call success rates.

  • Related PR: #3587
    Contributor: @Sunrisea
    Change Log: Upgrades nacos-sdk-go/v2 to v2.3.5—fixing cancellation logic for multi-callback scenarios, supporting multi-cluster service re-subscription, resolving memory leaks, fixing log file handle leaks, and addressing logger initialization regressions—while updating gRPC and Go dependencies.
    Feature Value: Improves Nacos client stability and reliability—preventing OOM or resource exhaustion in production due to memory/file-handle leaks. Enhances multi-cluster service discovery capability—improving registration/discovery resilience for microservices in complex topologies.

  • Related PR: #3582
    Contributor: @lx1036
    Change Log: Removes duplicate "istio.io/istio/pilot/pkg/model" package imports in pkg/ingress/translation/translation.go, retaining only the aliased import statement—eliminating compiler warnings and potential symbol collision risks—improving code robustness and maintainability.
    Feature Value: Fixes duplicate imports to avoid Go compiler warnings and potential package-initialization conflicts—enhancing code stability. Improves build reliability and long-term maintainability of the Istio Ingress translation module—reducing unexpected error probability.

  • Related PR: #3580
    Contributor: @shiyan2016
    Change Log: Fixes a defect in the KIngress controller’s duplicate route detection logic—incorporating request header matching conditions into deduplication key computation—preventing legitimate routes from being erroneously discarded due to header differences.
    Feature Value: Ensures header-differentiated routes are correctly identified and retained—enhancing route configuration reliability and preventing service unavailability or traffic loss from accidental route deletion.

  • Related PR: #3575
    Contributor: @shiyan2016
    Change Log: Fixes a status-update logic error in pkg/ingress/kube/kingress/status.go’s updateStatus method—correcting an inverted condition for determining whether to update KIngress status—and avoiding abnormal status synchronization. Adds 186 lines of unit test coverage for this logic.
    Feature Value: Ensures accurate and timely updates of KIngress resource statuses (e.g., LoadBalancerIngress)—preventing service unavailability or inaccurate monitoring alerts due to status misjudgment—enhancing Ingress controller stability and observability.

  • Related PR: #3567
    Contributor: @DamosChen
    Change Log: Fixes occasional endpoint handshake event loss for SSE connections under high load—replacing Redis Pub/Sub–based event publishing with direct asynchronous InjectData writes to the SSE response stream via local goroutines—eliminating subscribe-goroutine startup latency and timing races.
    Feature Value: Improves SSE connection reliability—ensuring all clients reliably receive endpoint events even under high load or CPU-constrained scenarios—preventing session initialization anomalies and functionality loss from handshake failures—enhancing user experience and system robustness.

  • Related PR: #3549
    Contributor: @wydream
    Change Log: Fixes incomplete SigV4 signature coverage for the ai-proxy plugin’s Bedrock Provider in AWS AK/SK auth mode—centralizing setAuthHeaders calls from scattered request handlers into the TransformRequestBodyHeaders entrypoint—ensuring all Bedrock APIs (including embeddings and other extensions) undergo full SigV4 signing.
    Feature Value: Resolves AWS authentication failures caused by missing SigV4 signatures on some APIs—improving Bedrock Provider stability and compatibility across multifaceted capabilities—enabling reliable use of various Bedrock services (e.g., embedding, converse) without authentication concerns.

  • Related PR: #3530
    Contributor: @Jing-ze
    Change Log: Fixes the Anthropic-compatible API message endpoint path for the Qwen provider—updating the legacy path /api/v2/apps/claude-code-proxy/v1/messages to the official new path /apps/anthropic/v1/messages—ensuring alignment with the Bailian Anthropic API compatibility documentation.
    Feature Value: Enables correct AI proxy invocation of Qwen’s Anthropic-compatible interface—preventing message-request failures from outdated paths—improving service stability and compatibility. Users achieve seamless integration with the latest API without code changes.

  • Related PR: #3517
    Contributor: @johnlanni
    Change Log: Fixes incorrect mapping of OpenAI tool-role messages during conversion to Claude protocol—adding logic to transform OpenAI tool messages into Claude-compatible user-role messages embedding tool_result content—ensuring request format compliance with Claude API specifications.
    Feature Value: Enables correct forwarding of OpenAI requests containing tool-call results to Claude models—preventing API rejection errors—improving multi-model protocol compatibility and user stability. Users seamlessly switch backends without modifying existing tool-call logic.

  • Related PR: #3513
    Contributor: @johnlanni
    Change Log: Fixes the absence of question and model fields in the AI statistics plugin under lightweight mode—adjusting request-phase attribute extraction logic to extract key fields upfront without buffering response bodies—and updating default attribute configurations.
    Feature Value: Makes AI observability data more complete and accurate under lightweight mode—enabling users to obtain question content and model information for analysis—improving debugging efficiency and statistical dimension completeness while preserving low-overhead characteristics.

  • Related PR: #3510
    Contributor: @johnlanni
    Change Log: Fixes improper nesting of the type field within delta objects in message_delta events during Claude protocol conversion—correcting struct definitions in claude.go, updating conversion logic in claude_to_openai.go, and synchronizing test cases and model config structures.
    Feature Value: Ensures AI proxy compliance with Claude protocol specs when interfacing with OpenAI-compatible services like ZhipuAI—avoiding message parsing failures or streaming response interruptions from malformed formats—enhancing stability and compatibility across multi-model services.

  • Related PR: #3507
    Contributor: @johnlanni
    Change Log: Fixes missing tool_calls data in Claude AI proxy’s OpenAI-compatible streaming responses—adding correct parsing and conversion of thinking content—and implementing mapping of OpenAI reasoning_effort to Claude thinking.budget_tokens.
    Feature Value: Enables users to fully retrieve tool-call information and reasoning-process content in streaming responses when using Claude as a backend—improving reliability and debuggability of multi-step AI workflows—and enhancing practicality of the OpenAI compatibility layer.

  • Related PR: #3506
    Contributor: @johnlanni
    Change Log: Fixes incorrect conversion of Claude API stop_reason = 'tool_use' responses into OpenAI-compatible tool_calls format—unifying handling for both non-streaming and streaming responses—and supplementing missing tool_calls arrays and finish_reason mappings.
    Feature Value: Enables ai-proxy to correctly relay Claude tool-call responses to OpenAI clients—improving multi-model proxy compatibility and stability—and preventing downstream application failures from format mismatches.

  • Related PR: #3505
    Contributor: @johnlanni
    Change Log: Fixes answer field extraction failure in streaming responses—where extractStreamingBodyByJsonPath returned nil due to an empty default rule when use_default_attributes was enabled. Sets BuiltinAnswerKey’s rule default to RuleAppend to ensure proper concatenation and extraction of streaming content.
    Feature Value: Users reliably capture answer field content when using AI streaming-response statistics—avoiding ai_log entries with response_type = stream but missing answer—enhancing observation data completeness and debugging efficiency.

  • Related PR: #3503
    Contributor: @johnlanni
    Change Log: Fixes text content loss in Claude protocol conversions when both tool_result and text are present—adding logic in claude_to_openai.go to preserve text content and supplementing test cases for multi-content coexistence scenarios.
    Feature Value: Ensures user-provided text messages are not lost in tool-call scenarios (e.g., Claude Code)—improving AI proxy compatibility and reliability for mixed-content messages—and enhancing developer experience and debugging efficiency in complex interactive workflows.

  • Related PR: #3502
    Contributor: @johnlanni
    Change Log: Fixes missing event field in SSE format for Claude streaming responses—adding necessary event identifiers (event: message_delta, event: message_stop) in [DONE] message handling to ensure full compliance with the official Claude streaming protocol.
    Feature Value: Enables correct parsing of Claude model streaming responses—preventing frontend message loss or parsing failures due to malformed formats—enhancing stability and user experience for unified multi-model access.

  • Related PR: #3500
    Contributor: @johnlanni
    Change Log: Changes GitHub Actions workflow runtime environment from ubuntu-latest to fixed ubuntu-22.04—resolving CI stability issues where underlying image upgrades caused kind cluster container image loading failures (ctr images import errors).
    Feature Value: Fixes persistent failures in critical CI tasks like higress-conformance-test—ensuring reliable code-merge workflows and automated validation—preventing developers from being blocked by CI false positives.

  • Related PR: #3496
    Contributor: @johnlanni
    Change Log: Fixes serialization of empty Content fields in system prompts for Claude Code mode—adjusting JSON tags in claudeChatMessageContent struct to omit empty content fields instead of outputting null—preventing API request rejections.
    Feature Value: Resolves request failures caused by invalid system fields in Claude API calls—enhancing system stability and compatibility—ensuring users receive normal responses in Claude Code mode without manually avoiding empty-content scenarios.

  • Related PR: #3491
    Contributor: @johnlanni
    Change Log: Fixes streaming-response body buffering failure in the AI statistics plugin—explicitly setting ValueSource = ResponseStreamingBody for built-in attributes—ensuring answer fields are correctly extracted and logged to ai_log when use_default_attributes is enabled.
    Feature Value: Enables accurate capture and logging of streaming AI response answer content when default attribute collection is enabled—improving log observability and debugging capability—avoiding critical response-data loss leading to analytical blind spots.

  • Related PR: #3485
    Contributor: @johnlanni
    Change Log: Fixes incorrect model-reference prefix logic in Higress providers—removing conditional checks and universally prepending 'higress/' to all model IDs (including higress/auto)—ensuring correct model-reference formatting in configurations generated by OpenClaw integration plugins.
    Feature Value: Resolves configuration-parsing failures caused by missing model-reference prefixes—improving stability and compatibility between Higress and OpenClaw integration—enabling correct use of higress/auto and other auto-models without manual configuration corrections.

  • Related PR: #3484
    Contributor: @johnlanni
    Change Log: Fixes installation path issues for the higress-openclaw-integration skill—adding mkdir -p higress-install and cd higress-install commands—and updating the log path from ./higress/logs/access.log to ./higress-install/logs/access.log to avoid polluting the current working directory.
    Feature Value: Isolates Higress installation artifacts in a dedicated directory—improving workspace cleanliness. Enables easy cleanup or reinstallation—reducing environment conflict risks—and enhancing skill-deployment reliability and maintainability.

  • Related PR: #3483
    Contributor: @johnlanni
    Change Log: Fixes path-resolution issues in the skill-packaging workflow—replacing error-prone relative paths with absolute paths based on $GITHUB_WORKSPACE, using subshells to avoid directory-change side effects, and adding output-directory existence checks—improving CI robustness.
    Feature Value: Ensures stable ZIP-package generation regardless of execution subdirectory—preventing build failures from path errors—and enhancing OSS skill-sync reliability and developer collaboration efficiency.

  • Related PR: #3477
    Contributor: @johnlanni
    Change Log: Fixes redundant /v1 path concatenation in the OpenClaw plugin’s baseUrl—removing manual /v1 additions from functions like testGatewayConnection to prevent invalid URLs (e.g., http://localhost:8080/v1/v1)—ensuring correct gateway request paths.
    Feature Value: Resolves API call failures caused by duplicate paths—improving plugin connection stability and compatibility. Users can use model services normally without manual URL adjustments—lowering deployment and debugging barriers.

♻️ Refactoring & Optimizations (Refactoring)

  • Related PR: #3657
    Contributor: @CH3CHO
    Change Log: Removes 29 unused Pilot configuration items (e.g., autoscaleEnabled, replicaCount) from higress-core/values.yaml in the Helm Chart—and updates parameter descriptions in README.md—streamlining the configuration file and improving chart maintainability and clarity.
    Feature Value: Reduces user configuration confusion and avoids deployment anomalies from residual deprecated parameters. Simplifies chart structure—lowering operational complexity and improving upgrade/customization efficiency—helping users focus on core configuration parameters.

  • Related PR: #3516
    Contributor: @johnlanni
    Change Log: Migrates the MCP SDK from an external repository into the main repo—moving mcp-servers/all-in-one to extensions/mcp-server, introducing pkg/mcp, deleting obsolete modules like pkg/log, and unifying all MCP import paths and dependency references.
    Feature Value: Improves code maintainability and build consistency—avoiding cross-repository dependency issues. Users gain more stable MCP functionality—significantly improving plugin development and debugging efficiency—and laying a unified foundation for future MCP capability expansion.

  • Related PR: #3475
    Contributor: @johnlanni
    Change Log: Renames the skill from higress-clawdbot-integration to higress-openclaw-integration, removes deprecated agent-session-monitor documentation content, and updates model IDs across multiple scripts (e.g., claude-opus-4.54.6, gpt-5.25.3-codex)—ensuring configuration consistency and naming accuracy.
    Feature Value: Enhances project naming standardization and maintainability—avoiding confusion from legacy names. Updated model IDs support newer large-model versions—enabling users to seamlessly leverage higher-performance, more stable models—enhancing AI gateway integration experiences.

📚 Documentation Updates (Documentation)

  • Related PR: #3644
    Contributor: @Jholly2008
    Change Log: Fixes two broken higress.io links in README.md and docs/architecture.md: replacing the Quick Start link in the English README and the Admin SDK blog link in the architecture doc—ensuring link accuracy and accessibility.
    Feature Value: Improves documentation usability and user experience—preventing information-access disruption from broken links. Ensures smooth onboarding for new users and seamless architecture-resource lookup for developers—enhancing project professionalism and credibility.

  • Related PR: #3524
    Contributor: @github-actions[bot]
    Change Log: Adds bilingual (Chinese/English) Release Notes documents for v2.1.11—including release overview, update distribution stats (4 new features, 2 bug fixes), and full changelog structure—automatically generated and maintained by GitHub Actions to ensure version information is traceable and searchable.
    Feature Value: Provides users with clear, structured version-upgrade references—helping them quickly understand new features, fixes, and compatibility changes. Enhances product transparency and usability—reducing upgrade risks and learning costs.

  • Related PR: #3490
    Contributor: @johnlanni
    Change Log: Optimizes the model provider list in the OpenClaw integration skill documentation—topping 8 frequently used providers (Zhipu, Claude Code, Moonshot, etc.) and collapsing infrequent ones into expandable sections—to improve readability and information hierarchy.
    Feature Value: Significantly improves the new-user configuration experience for Higress AI Gateway—lowering learning costs. Structured presentation of provider options helps users rapidly identify mainstream supported models—enhancing OpenClaw skill usability and adoption efficiency.

  • Related PR: #3480
    Contributor: @johnlanni
    Change Log: Updates the OpenClaw integration documentation SKILL.md—adding dynamic configuration update instructions covering LLM provider hot-addition, online API key updates, and multi-model auto-routing mechanisms—and adding configuration-update guidance prompts in plugin hints.
    Feature Value: Helps users understand how to dynamically extend and update AI service configurations without restarts—lowering operational barriers and improving multi-model switching and management flexibility—enhancing product usability and enterprise-grade configuration governance.

  • Related PR: #3478
    Contributor: @johnlanni
    Change Log: Explicitly labels OpenClaw’s Higress plugin-related commands in SKILL.md as interactive operations—adding warning prompts and separating user-manual-execution steps—to avoid AI agents executing them incorrectly.
    Feature Value: Helps users clearly identify commands requiring manual intervention—improving integration process predictability and success rates—while reducing operation failures and debugging costs caused by AI agents attempting interactive command execution.

  • Related PR: #3476
    Contributor: @johnlanni
    Change Log: Refactors the higress-openclaw-integration skill documentation—simplifying deployment from 6 steps to 3, collecting all necessary information upfront—and adding a 21+-provider comparison table clarifying model-prefix patterns and OAuth token requirements for Claude.
    Feature Value: Significantly boosts skill invocation success rates and stability—even for weaker AI agents—reducing user comprehension and usage barriers. Minimizes configuration errors from verbose steps or missing info—accelerating Higress AI Gateway adoption within the OpenClaw ecosystem.

  • Related PR: #3468
    Contributor: @github-actions[bot]
    Change Log: Adds bilingual (Chinese/English) release notes for v2.2.0—including release overview, update distribution stats (48 new features, 20 bug fixes, etc.), and full changelog—automatically generated by GitHub Actions to ensure authoritative, timely, and bilingual version information.
    Feature Value: Provides users and developers with clear, structured version-upgrade references—lowering usage barriers and migration costs. Bilingual support improves accessibility for international users—enhancing project professionalism and community trust.


📊 Release Statistics

  • 🚀 New Features: 29
  • 🐛 Bug Fixes: 26
  • ♻️ Refactoring & Optimizations: 3
  • 📚 Documentation Updates: 7

Total: 65 changes

Thank you to all contributors for your hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 18 updates, covering feature enhancements, bug fixes, and performance optimizations.

Distribution of Updates

  • New Features: 7
  • Bug Fixes: 9
  • Documentation Updates: 2

📝 Complete Change Log

🚀 New Features (Features)

  • Related PR: #621
    Contributor: @Thomas-Eliot
    Change Log: Enhanced MCP Server interaction capabilities: supports automatic Host header rewriting for DNS backends; improves transport protocol selection and full-path configuration in direct routing scenarios; refines parsing of DSN special characters (e.g., @) in DB-to-MCP Server scenarios.
    Feature Value: Improves the flexibility and compatibility of MCP Server integration, reduces user configuration complexity, prevents connection failures caused by path prefix ambiguity or DSN special characters, and significantly enhances multi-environment deployment experience and system stability.

  • Related PR: #608
    Contributor: @Libres-coder
    Change Log: Added plugin display functionality to the AI Route Management page, supporting expansion to view enabled plugins and showing an "Enabled" badge in the configuration panel; reused the standard route plugin display logic, involving frontend AI route components, plugin list query logic, and route page initialization optimization.
    Feature Value: Enables users to intuitively view and verify enabled plugins directly within the AI Route Management interface, improving observability and operational consistency of AI route configurations, reducing misconfiguration risks, and enhancing unified platform management experience and operational efficiency.

  • Related PR: #604
    Contributor: @CH3CHO
    Change Log: Added support for regular expression-based path rewriting via the higress.io/rewrite-target annotation; extended Kubernetes annotation constants, updated route transformation logic, introduced a regex rewrite type enumeration, and added frontend i18n support.
    Feature Value: Empowers users to define flexible path rewriting rules using regular expressions, enhancing routing match precision and adaptability—ideal for complex URL transformation scenarios—while lowering gateway configuration barriers and strengthening business integration capability.

  • Related PR: #603
    Contributor: @CH3CHO
    Change Log: Introduced the constant STATIC_SERVICE_PORT = 80 in the static service source form component and explicitly displays this fixed port in the UI, enabling users to clearly understand the default HTTP port bound to static services and thereby improving configuration transparency and comprehensibility.
    Feature Value: Users can visually identify the default port 80 when configuring static service sources, preventing service access failures caused by port misunderstanding; lowers operational overhead and improves deployment efficiency and user experience consistency.

  • Related PR: #602
    Contributor: @CH3CHO
    Change Log: Added search functionality to the upstream service selection component in AI Routes, enabling frontend input filtering of the service list to improve selection efficiency for long lists; achieved via minimal code changes to the RouteForm component to enhance interactivity.
    Feature Value: Allows users to quickly search and locate target upstream services during AI route configuration, significantly improving usability when numerous services exist, reducing configuration error rates, and boosting both operational and development efficiency.

  • Related PR: #566
    Contributor: @OuterCyrex
    Change Log: Added support for Tongyi Qwen large language model (LLM) services, including a dedicated QwenLlmProviderHandler implementation, frontend i18n adaptation, and a configuration form supporting custom service endpoints, internet search, and file ID uploads.
    Feature Value: Enables flexible integration of private or customized Qwen services, improving AI gateway compatibility with domestic LLMs; simplifies deployment workflows via the configuration UI, lowers enterprise-level AI service integration barriers, and strengthens platform extensibility.

  • Related PR: #552
    Contributor: @lcfang
    Change Log: Added support for the vport (virtual port) attribute to extend MCP Bridge registry configuration capabilities; introduced the VPort class into ServiceSource, enhanced Kubernetes model conversion logic, and made service virtual ports configurable—resolving routing failures caused by dynamic backend instance port changes in registries such as Eureka/Nacos.
    Feature Value: Allows users to specify a service virtual port (vport) in registry configurations, ensuring routing rules remain effective despite backend port changes; enhances service governance stability and compatibility, reduces traffic forwarding anomalies due to port mismatches, and simplifies multi-environment deployment and operational complexity.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #620
    Contributor: @CH3CHO
    Change Log: Fixed a typo in the sortWasmPluginMatchRules logic, correcting variable or method name errors that could cause latent logic anomalies during matching rule sorting—ensuring Wasm plugin rules are sorted correctly according to their intended priority.
    Feature Value: Prevents matching rule sorting errors caused by typos, guaranteeing accurate application order of Wasm plugins in Kubernetes CRs; improves reliability of plugin-based routing and policy enforcement, reducing issues where configured behavior deviates from expectations.

  • Related PR: #619
    Contributor: @CH3CHO
    Change Log: Fixed redundant version information storage when converting AiRoute to ConfigMap: removed the version field from the data JSON payload, retaining it solely in the ConfigMap metadata to eliminate data redundancy and potential inconsistency.
    Feature Value: Improves configuration management accuracy and consistency, preventing parsing errors or synchronization anomalies caused by duplicate version fields; enhances system stability and operational reliability—delivering direct benefits to users managing route configurations via Kubernetes ConfigMaps.

  • Related PR: #618
    Contributor: @CH3CHO
    Change Log: Refactored API authentication logic in SystemController, introducing an @AllowAnonymous annotation mechanism for unified handling of unauthenticated endpoints; replaced hardcoded path whitelists with AOP-based fine-grained access control, resolving a security vulnerability permitting unauthorized access to sensitive system interfaces.
    Feature Value: Addresses a latent unauthorized access vulnerability in the system controller, significantly improving platform security; delivers stronger permission guarantees for users and mitigates risks of data leakage or privilege escalation caused by authentication logic defects—enhancing compliance and stability in production environments.

  • Related PR: #617
    Contributor: @CH3CHO
    Change Log: Fixed three critical frontend console issues: missing unique key props causing React warnings during list rendering; Content Security Policy (CSP) blocking remote image loading; and incorrect type definition for the Consumer.name field (corrected from boolean to string).
    Feature Value: Improves frontend application stability and user experience, eliminating console errors that interfere with development debugging, ensuring proper avatar rendering and accurate consumer information parsing, and preventing runtime exceptions or data display issues caused by type mismatches.

  • Related PR: #614
    Contributor: @lc0138
    Change Log: Corrected the type definition of the type field (indicating service source) in the ServiceSource class and added validation logic to ensure incoming registry types belong to a predefined set, preventing illegal values from triggering runtime exceptions.
    Feature Value: Enhances system robustness and data consistency, avoiding configuration parsing failures or backend exceptions caused by invalid service source types; ensures reliable operation of service registration and discovery functions and reduces operational troubleshooting effort.

  • Related PR: #613
    Contributor: @lc0138
    Change Log: Fixed a frontend Content Security Policy (CSP) configuration defect by adding essential <meta> tags and security policy declarations in document.tsx, preventing XSS and other malicious script injections and strengthening security header control during page loading.
    Feature Value: Significantly reduces the risk of cross-site scripting (XSS) attacks and data injection vulnerabilities in the frontend application, enhancing user access security and trust; aligns with modern web security best practices and provides more reliable security assurance for production environments.

  • Related PR: #612
    Contributor: @zhwaaaaaa
    Change Log: Added logic in DashboardServiceImpl to ignore hop-to-hop headers (e.g., Transfer-Encoding) per RFC 2616, filtering headers that must not be forwarded by proxies—resolving Grafana frontend page load failures caused by reverse proxies transmitting Transfer-Encoding: chunked.
    Feature Value: Fixes the issue where Transfer-Encoding: chunked headers transmitted by reverse proxies cause Grafana frontend pages to crash, improving stability and compatibility when integrating external monitoring services in the console; enables seamless dashboard access for users.

  • Related PR: #609
    Contributor: @CH3CHO
    Change Log: Fixed a type error in the Consumer interface’s name field, correcting it from boolean to string to ensure frontend data structures align with actual backend response values and avoid runtime type errors and UI rendering anomalies.
    Feature Value: Enhances accuracy and stability of consumer information display, preventing page crashes or incorrect data rendering due to type mismatches, and improving user experience and system reliability during consumer management.

  • Related PR: #605
    Contributor: @SaladDay
    Change Log: Corrected the frontend form validation regex for AI route names, adding support for periods (.) and restricting alphabetic characters to lowercase only; simultaneously updated Chinese and English error messages to accurately reflect the revised rules.
    Feature Value: Resolves issues where users incorrectly receive rejection errors when creating AI routes with names containing periods or uppercase letters; improves consistency between form validation logic and UI prompts, reduces configuration failure rates, and enhances overall usability.

📚 Documentation Updates (Documentation)

  • Related PR: #611
    Contributor: @qshuai
    Change Log: Corrected the OpenAPI documentation summary comment for the @PostMapping endpoint in LlmProvidersController, replacing the inaccurate description “Add a new route” with a precise one reflecting its actual purpose (adding an LLM provider). Ensures API documentation matches real functionality.
    Feature Value: Improves API documentation accuracy, helping developers correctly understand the endpoint’s purpose—reducing integration misunderstandings and debugging effort—and enhancing the maintainability and user experience of the console’s APIs.

  • Related PR: #610
    Contributor: @heimanba
    Change Log: Updated frontend canary plugin documentation: changed rewrite, backendVersion, and enabled fields from required to optional; corrected the associated path for the name field within rules (from deploy.gray[].name to grayDeployments[].name); and synchronized field descriptions and requirements across Chinese/English READMEs and spec.yaml.
    Feature Value: Increases configuration flexibility and compatibility, lowering the barrier to adopting canary capabilities; provides more precise terminology and path references, minimizing configuration errors caused by documentation ambiguity and enhancing developer experience and documentation credibility.


📊 Release Statistics

  • 🚀 New Features: 7
  • 🐛 Bug Fixes: 9
  • 📚 Documentation Updates: 2

Total: 18 changes

Thank you to all contributors for your hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.2.0...v2.2.1

2026-02-22 20:27:32
higress

v2.1.11

Higress Console

📋 Overview of This Release

This release includes 6 updates, covering feature enhancements, bug fixes, and performance optimizations.

Distribution of Updates

  • New Features: 4
  • Bug Fixes: 2

📝 Full Change Log

🚀 New Features

  • Related PR: #666
    Contributor: @johnlanni
    Change Log: Added configuration options for the plugin image registry and namespace. Supports dynamically specifying built-in WASM plugin image addresses via environment variables HIGRESS_ADMIN_WASM_PLUGIN_IMAGE_REGISTRY/NAMESPACE, eliminating the need to modify plugins.properties. Corresponding Helm Chart values parameters and deployment template rendering logic have also been integrated.
    Feature Value: Enables users to flexibly configure WASM plugin image sources across diverse network environments (e.g., private cloud, air-gapped environments), improving deployment flexibility and security; reduces operational overhead and mitigates maintenance difficulties and upgrade risks associated with hard-coded configurations.

  • Related PR: #665
    Contributor: @johnlanni
    Change Log: Added support for Zhipu AI’s Code Plan mode and Claude’s API version configuration. Achieved by extending ZhipuAILlmProviderHandler and ClaudeLlmProviderHandler to support custom domains, code-generation optimization toggles, and API version parameters—enhancing LLM invocation flexibility and scenario adaptability.
    Feature Value: Allows users to enable model-specific code generation modes (e.g., Zhipu Code Plan) based on AI vendor characteristics and precisely control Claude API versions, significantly improving code generation quality and compatibility, lowering integration barriers, and strengthening the practicality of the AI Gateway in multi-model collaborative development scenarios.

  • Related PR: #661
    Contributor: @johnlanni
    Change Log: Introduced a lightweight mode configuration for the AI statistics plugin. Added the USE_DEFAULT_ATTRIBUTES constant and enabled use_default_response_attributes: true in AiRouteServiceImpl, reducing response attribute collection overhead and preventing memory buffer issues.
    Feature Value: Improves production environment stability and performance while lowering resource consumption of AI route statistics; eliminates the need for manual configuration of complex attributes—the system automatically adopts a default, streamlined attribute set—simplifying operations and enhancing reliability under high-concurrency workloads.

  • Related PR: #657
    Contributor: @liangziccc
    Change Log: Removed the original text-input search from the Route Management page and introduced multi-select dropdown filters for five fields: Route Name, Domain, Route Conditions, Destination Service, and Request Authorization. Completed Chinese–English internationalization support and implemented multi-dimensional composite filtering (OR within each field, AND across fields), significantly improving data filtering precision.
    Feature Value: Enables users to quickly locate specific routes via intuitive dropdown selection, avoiding input errors; bilingual support accommodates international usage scenarios; multi-condition combined filtering substantially boosts query efficiency and operational experience for SREs managing large-scale route configurations.

🐛 Bug Fixes

  • Related PR: #662
    Contributor: @johnlanni
    Change Log: Fixed an issue where the OCI image path for the mcp-server plugin was not migrated synchronously—updated the original path mcp-server/all-in-one to plugins/mcp-server to align with the new plugin directory structure, ensuring correct plugin loading and deployment.
    Feature Value: Prevents plugin pull or startup failures caused by incorrect image paths, guaranteeing stable operation and seamless upgrades of the mcp-server plugin within the Higress Gateway, thereby enhancing deployment reliability in plugin-driven use cases.

  • Related PR: #654
    Contributor: @fgksking
    Change Log: Upgraded the swagger-ui version dependency of springdoc by introducing a newer version of the webjars-lo dependency in pom.xml and updating related version properties, resolving an issue where request body schemas appeared empty in Swagger UI.
    Feature Value: Ensures users can correctly view and interact with request body structures when using the API documentation functionality in the Higress Console, improving API debugging experience and development efficiency—and preventing interface misinterpretations caused by documentation display anomalies.


📊 Release Statistics

  • 🚀 New Features: 4
  • 🐛 Bug Fixes: 2

Total: 6 changes

Thank you to all contributors for your hard work! 🎉

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.10...v2.1.11

2026-02-11 17:46:53
higress

v2.2.0

Higress

📋 Overview of This Release

This release includes 73 updates, covering enhancements, bug fixes, performance optimizations, and more.

Update Distribution

  • New Features: 48
  • Bug Fixes: 20
  • Refactoring and Optimization: 3
  • Documentation Updates: 2

📝 Complete Changelog

🚀 New Features (Features)

  • Related PR: #3459
    Contributor: @johnlanni
    Change Log: Added support for Claude Code mode, allowing authentication with OAuth tokens and mimicking the request format of the Claude CLI.
    Feature Value: This feature expands the ability to interact with the Anthropic Claude API, enabling users to utilize more customized configuration options to meet specific needs.

  • Related PR: #3455
    Contributor: @EndlessSeeker
    Change Log: This PR updated the project's submodules, including upgrading Envoy and go-control-plane versions, and updating Istio to use the latest version of go-control-plane.
    Feature Value: By synchronizing with the latest key dependency libraries, it enhances system compatibility and stability, helping users receive better service and support.

  • Related PR: #3438
    Contributor: @johnlanni
    Change Log: Improved the documentation structure of the higress-clawdbot-integration skill, streamlined and merged duplicate content, and achieved full compatibility with the Clawdbot plugin.
    Feature Value: By optimizing the documentation structure and ensuring the compatibility of the Clawdbot plugin, it enhances the user experience, simplifies the configuration process, and allows users to integrate and configure the gateway more quickly and conveniently.

  • Related PR: #3437
    Contributor: @johnlanni
    Change Log: This PR integrated the higress-ai-gateway plugin into the higress-clawdbot-integration skill, simplifying the installation and configuration process by migrating and bundling related files.
    Feature Value: This feature enables users to more easily install and configure Higress AI Gateway with Clawbot/OpenClaw, enhancing user experience and software usability.

  • Related PR: #3436
    Contributor: @johnlanni
    Change Log: This PR updated the list of service providers in the Higress-OpenClaw integration and moved the OpenClaw plugin package from higress-standalone to the main repository.
    Feature Value: By enhancing the list of service providers and integrating the plugin package, users can more easily configure and use Higress AI Gateway, improving the user experience and system flexibility.

  • Related PR: #3428
    Contributor: @johnlanni
    Change Log: Added two new skills, higress-auto-router and higress-clawdbot-integration, supporting natural language configuration for automatic model routing and deployment of Higress AI Gateway via CLI parameters.
    Feature Value: This enhancement improves the integration capabilities of Higress AI Gateway with Clawbot, providing users with a more convenient configuration method and flexible routing strategies, thereby enhancing the user experience.

  • Related PR: #3427
    Contributor: @johnlanni
    Change Log: Added the use_default_attributes configuration option, allowing the ai-statistics plugin to use a default attribute set, simplifying the user configuration process. This change involves significant modifications to the main logic file.
    Feature Value: By introducing the functionality to automatically apply default attributes, it reduces the initial setup burden for users, making the ai-statistics plugin easier to get started with while maintaining advanced customization capabilities to meet specific needs.

  • Related PR: #3426
    Contributor: @johnlanni
    Change Log: Added the Agent Session Monitor skill, supporting real-time parsing of Higress access logs, tracking multi-turn conversations through session_id, and providing token usage analysis.
    Feature Value: By monitoring the real-time usage of LLMs in the Higress environment, users can better understand and control resource consumption, optimizing the performance of the conversation system.

  • Related PR: #3424
    Contributor: @johnlanni
    Change Log: This PR added support for detailed token usage information in the ai-statistics plugin, including two new built-in attribute keys: reasoning_tokens and cached_tokens.
    Feature Value: By recording more detailed token usage, users can better understand and optimize resource consumption during the AI inference process, which helps improve efficiency and reduce costs.

  • Related PR: #3420
    Contributor: @johnlanni
    Change Log: This PR added session ID tracking to the AI statistics plugin, supporting the retrieval of session IDs through custom headers or default headers to track multi-turn conversations.
    Feature Value: The new session ID tracking capability helps users better analyze and understand the interaction of multi-turn conversations, enhancing the observability and user experience of the system.

  • Related PR: #3417
    Contributor: @johnlanni
    Change Log: Added an important warning about unsupported fragments and provided pre-migration check commands to help users identify affected Ingress resources.
    Feature Value: By providing critical warnings and guidelines, this feature significantly reduces potential issues during migration, improving the user experience and migration success rate.

  • Related PR: #3411
    Contributor: @johnlanni
    Change Log: Added a skill for migrating from ingress-nginx to Higress, including analyzing existing Nginx Ingress resources, generating migration test scripts, and creating Wasm plugin frameworks for unsupported features.
    Feature Value: This feature helps users smoothly migrate their Kubernetes environments from ingress-nginx to Higress, providing detailed migration guides and tools to reduce migration burdens and enhance the user experience.

  • Related PR: #3409
    Contributor: @johnlanni
    Change Log: Added the contextCleanupCommands configuration option, allowing users to define commands to clean up the conversation context. When a user message exactly matches the configured cleanup command, all non-system messages before that command will be cleared.
    Feature Value: This feature enables users to actively manage their conversation history by sending predefined commands to clear irrelevant or outdated messages, thus improving the quality and relevance of the conversation.

  • Related PR: #3404
    Contributor: @johnlanni
    Change Log: Added the Higress community governance daily report generation skill, which can automatically track project GitHub activity and generate structured reports.
    Feature Value: This feature helps users better track and manage the daily progress and issue resolution of the project, enhancing community engagement and issue resolution efficiency.

  • Related PR: #3403
    Contributor: @johnlanni
    Change Log: This PR added an automatic routing feature based on the content of user messages to the model-router plugin. It uses regular expressions to match user input and decide which model to use.
    Feature Value: This feature allows the selection of the most appropriate processing model based on the message content, greatly enhancing the user experience and system flexibility, making the service more intelligent and efficient.

  • Related PR: #3402
    Contributor: @johnlanni
    Change Log: Added a Claude skill for developing Higress WASM plugins using Go 1.24+, covering reference documents for HTTP client, Redis client, and local testing.
    Feature Value: This feature provides a comprehensive guide for developers to create and debug Higress gateway plugins, significantly improving work efficiency and plugin quality.

  • Related PR: #3394
    Contributor: @changsci
    Change Log: When provider.apiTokens is not configured, support retrieving the API key from the request header. The changes mainly involve importing proxywasm in openai.go and adding related configuration logic in provider.go.
    Feature Value: This feature enhances system flexibility, allowing users to pass the API key through the request header, thus enabling normal service use even when provider.apiTokens is not configured, improving the user experience and security.

  • Related PR: #3384
    Contributor: @ThxCode-Chen
    Change Log: This PR enhanced the system's ability to handle IPv6 addresses by adding support for static IPv6 addresses in the watcher.go file. Specifically, it introduced new logic in the generateServiceEntry function to recognize and handle static IPv6 addresses.
    Feature Value: The added support for static IPv6 addresses allows users to use IPv6 addresses in their network configurations, enhancing the system's network flexibility and compatibility, and providing convenience for users who need to deploy in an IPv6 environment.

  • Related PR: #3375
    Contributor: @wydream
    Change Log: This PR added Vertex Raw mode support to the Vertex AI Provider of the ai-proxy plugin, enabling the getAccessToken mechanism when accessing native REST APIs via Vertex.
    Feature Value: The added Vertex Raw mode support enhances the user's ability to directly invoke Vertex AI hosted models and ensures automatic OAuth authentication when using native API paths, improving the user experience.

  • Related PR: #3367
    Contributor: @rinfx
    Change Log: This PR updated the wasm-go dependency, introducing Foreign Function to enable Wasm plugins to perceive the log level of the Envoy host in real-time and optimizing the log handling process to improve performance.
    Feature Value: This feature enhances system runtime efficiency, especially under high load, by reducing unnecessary memory allocation and copying operations, resulting in lower resource consumption and better application response speed for users.

  • Related PR: #3342
    Contributor: @Aias00
    Change Log: This PR implemented the mapping of Nacos instance weights to Istio WorkloadEntry weights in watchers, ensuring more precise traffic distribution between services.
    Feature Value: By mapping Nacos instance weights to Istio WorkloadEntry weights, it enhances the flexibility and accuracy of traffic management in the service mesh, allowing users to more finely control request distribution between services.

  • Related PR: #3335
    Contributor: @wydream
    Change Log: This PR added image generation support to the Vertex AI Provider of the ai-proxy plugin, implementing the conversion of OpenAI's image generation protocol to Vertex AI's image generation protocol.
    Feature Value: Users can now call the image generation functionality of Vertex AI using the standard OpenAI SDK, enhancing the plugin's functionality and user experience.

  • Related PR: #3324
    Contributor: @wydream
    Change Log: This PR implemented OpenAI-compatible endpoint support in the Vertex AI Provider of the ai-proxy plugin, allowing developers to directly use the OpenAI SDK and API format to call Vertex AI models.
    Feature Value: By adding OpenAI-compatible endpoint support, this feature simplifies the migration process from OpenAI to Vertex AI, making it easier for users to seamlessly integrate Vertex AI services using existing OpenAI toolchains, enhancing development efficiency and user experience.

  • Related PR: #3318
    Contributor: @hanxiantao
    Change Log: Applied Istio's native authentication logic to the debug endpoint using the withConditionalAuth middleware, while maintaining the existing behavior based on the DebugAuth feature flag.
    Feature Value: This enhancement enhances system security by ensuring that only authenticated users can access the debug endpoint, thereby reducing potential security risks and providing a more secure service environment.

  • Related PR: #3317
    Contributor: @rinfx
    Change Log: Added two Wasm-Go plugins, model-mapper and model-router, supporting mapping and routing based on the model parameter in the LLM protocol, including prefix matching and wildcard fallback.
    Feature Value: This enhancement improves Higress's ability to handle large language model requests, improving the user experience and service efficiency by more flexibly managing model names and provider information.

  • Related PR: #3305
    Contributor: @CZJCC
    Change Log: Added Bearer Token authentication support for the AWS Bedrock provider, retaining the original AWS Signature V4 authentication method and cleaning up some unused code.
    Feature Value: This feature provides more flexible authentication options, allowing users to choose the appropriate authentication method based on their needs, thereby enhancing the system's flexibility and security.

  • Related PR: #3301
    Contributor: @wydream
    Change Log: This PR implemented Express Mode support for the Vertex AI Provider of the ai-proxy plugin, simplifying the authentication process and allowing users to start using an API Key quickly.
    Feature Value: By adding Express Mode support, users no longer need to configure complex Service Account authentication to use Vertex AI, significantly lowering the entry barrier and enhancing the user experience.

  • Related PR: #3295
    Contributor: @rinfx
    Change Log: This PR added MCP support to the ai-security-guard plugin, including security checks for both standard and streaming responses.
    Feature Value: By adding support for MCP API types, the plugin can now better protect data related to the model context protocol, enhancing the overall security of the system.

  • Related PR: #3267
    Contributor: @erasernoob
    Change Log: This PR implemented the hgctl agent module, adding new features and related services, and updating dependencies.
    Feature Value: The new hgctl agent module provides users with more powerful command-line tool support, enhancing the system's operability and user experience.

  • Related PR: #3261
    Contributor: @rinfx
    Change Log: This PR added the ability to disable thinking for gemini-2.5-flash and its simplified version, and included reasoning token usage information in the response.
    Feature Value: By adding the ability to disable thinking and providing reasoning token consumption details, users can more flexibly control the behavior of the AI proxy and better understand resource consumption.

  • Related PR: #3255
    Contributor: @nixidexiangjiao
    Change Log: Improved the global minimum request count load balancing strategy, fixing issues with abnormal node preference, inconsistent new node handling, and uneven sampling distribution, enhancing the stability and accuracy of the algorithm.
    Feature Value: By optimizing the load balancing algorithm, it avoids concentrating traffic on faulty nodes, leading to service interruptions, and enhances system availability and reliability, reducing operational burdens.

  • Related PR: #3236
    Contributor: @rinfx
    Change Log: This PR implemented support for the Claude model in Vertex AI and handled cases where delta might be empty, ensuring system stability in edge cases.
    Feature Value: The added support for the Claude model in Vertex AI broadens the application scenarios of the AI proxy plugin, allowing users to leverage a wider range of AI models, increasing the system's flexibility and applicability.

  • Related PR: #3218
    Contributor: @johnlanni
    Change Log: Enhanced the model mapper and router, adding request count monitoring and memory usage monitoring, and setting up an automatic rebuild trigger mechanism; expanded supported path suffixes.
    Feature Value: By adding an automatic rebuild trigger mechanism, it enhances the stability of the service under high load or low memory conditions. The expanded path support allows more features to be correctly routed and processed, improving the system's flexibility and compatibility.

  • Related PR: #3213
    Contributor: @rinfx
    Change Log: This PR added support for global regions in the Vertex AI support, modifying the request domain to accommodate the latest Gemini-3 series models.
    Feature Value: This enhancement improves system compatibility, allowing users to seamlessly access the latest Gemini-3 series models, enhancing the user experience and system flexibility.

  • Related PR: #3206
    Contributor: @rinfx
    Change Log: This PR implemented content checking for prompts and images in the request body for the AI security guard plugin, enhancing content security detection.
    Feature Value: By supporting checks for prompts and images, it improves the system's security when handling image generation requests, helping to protect users from inappropriate content.

  • Related PR: #3200
    Contributor: @YTGhost
    Change Log: This PR added support for array-type content in the ai-proxy plugin, extending the chatToolMessage2BedrockMessage function's handling capabilities.
    Feature Value: This enhancement improves message processing, allowing the system to correctly parse and convert array-formatted message content, enhancing the user experience and system flexibility.

  • Related PR: #3185
    Contributor: @rinfx
    Change Log: This PR added a rebuild logic for ai-cache, optimizing memory management to avoid high memory usage issues. The changes are mainly concentrated in go.mod, go.sum, and main.go files.
    Feature Value: The newly added ai-cache rebuild logic effectively prevents memory overflow issues caused by caching, enhancing system stability and performance, providing a more reliable user experience.

  • Related PR: #3184
    Contributor: @rinfx
    Change Log: This PR added support for user-defined domain name configuration in the DouBao plugin, involving modifications to the Makefile and two Go files, allowing the service to communicate based on the new domain.
    Feature Value: Allowing users to configure custom domain names for specific services enhances the system's flexibility and user experience, enabling users to adjust service access paths according to their needs.

  • Related PR: #3175
    Contributor: @wydream
    Change Log: Added a new generic provider to handle requests for unmapped paths, utilizing shared headers and basePath tool. Additionally, updated the README to include configuration details and introduced relevant tests.
    Feature Value: By providing a vendor-agnostic generic provider, users can more flexibly handle various requests, enhancing the system's adaptability and maintainability.

  • Related PR: #3173
    Contributor: @EndlessSeeker
    Change Log: This PR added a new global parameter to support inference scaling, involving updates to Helm templates and values files, enhancing system flexibility.
    Feature Value: The new global parameter allows users to enable or disable the inference scaling feature, providing more configuration options to better meet the needs of different scenarios.

  • Related PR: #3171
    Contributor: @wilsonwu
    Change Log: This PR added topology spread constraints support for the gateway and controller, implemented through new configuration items in Helm templates.
    Feature Value: This new feature allows users to define more granular Pod distribution policies, enhancing the availability and stability of services within the cluster.

  • Related PR: #3160
    Contributor: @EndlessSeeker
    Change Log: This PR upgraded the gateway API to the latest version, updated related dependencies, and modified some configuration files to adapt to new features.
    Feature Value: By introducing the latest gateway API features, it enhances the system's compatibility and scalability, providing users with more advanced and secure network service functions.

  • Related PR: #3136
    Contributor: @Wangzy455
    Change Log: Added a tool search server based on the Milvus vector database, achieving semantic matching by converting tool descriptions into vectors.
    Feature Value: Users can now find the most relevant tools through natural language queries, enhancing the user experience and simplifying the tool search process.

  • Related PR: #3075
    Contributor: @rinfx
    Change Log: This PR refactored the AI security guard plugin to support multimodal input detection and improved security for text and image generation scenarios. It also fixed some boundary case response anomalies.
    Feature Value: By introducing multimodal input support and enhanced security detection capabilities, it improves the system's flexibility and security, providing users with more comprehensive content protection in different application scenarios.

  • Related PR: #3066
    Contributor: @EndlessSeeker
    Change Log: Upgraded Istio to version 1.27.1, adjusted higress-core to adapt to the new Istio version, fixed submodule branch pull issues, and corrected integration tests.
    Feature Value: This upgrade enhances system stability and compatibility, improves performance, and ensures compatibility with the latest Istio version, providing users with a better service experience.

  • Related PR: #3063
    Contributor: @rinfx
    Change Log: Added the ability to perform cross-cluster and endpoint load balancing based on specific metrics such as concurrency, TTFT, and RT, allowing users to more flexibly configure load balancing strategies.
    Feature Value: This feature allows users to choose the appropriate backend service based on custom performance metrics, thereby improving the overall response speed and service quality of the system, enhancing the user experience.

  • Related PR: #3061
    Contributor: @Jing-ze
    Change Log: This PR fixed the implementation issues of the response-cache plugin and added comprehensive unit tests, including cache key extraction logic, interface mismatch issues, and trailing whitespace corrections in configuration validation.
    Feature Value: By optimizing the response cache plugin, users can more reliably use the caching feature, improving system performance and response speed while reducing unnecessary resource consumption.

  • Related PR: #2825
    Contributor: @CH3CHO
    Change Log: Added the traffic-editor plugin, allowing users to edit requests and responses. The plugin provides multiple operation types, including deletion, renaming, and updating, and has an extensible code structure.
    Feature Value: This feature enhances the flexibility and functionality of the Higress gateway, allowing users to more freely control the content of HTTP requests and responses, meeting more personalized needs and enhancing the user experience.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3448
    Contributor: @lexburner
    Change Log: Fixed an out-of-bounds error in the Qwen API response handling due to an empty selection array. The fix adds a null check to avoid runtime errors.
    Feature Value: This enhancement improves system stability and robustness, preventing service crashes due to abnormal API responses, and enhances the user experience.

  • Related PR: #3434
    Contributor: @johnlanni
    Change Log: Fixed a YAML parsing error in the skill description by adding double quotes around values containing colons, ensuring they are treated as regular characters rather than YAML syntax.
    Feature Value: This fix resolves rendering issues caused by special YAML characters, ensuring the skill page displays correctly and enhancing the user experience and document accuracy.

  • Related PR: #3422
    Contributor: @johnlanni
    Change Log: Fixed an issue in the model-router plugin where the model field in the request body was not updated in auto-routing mode. The correct logic adjustment ensures the model field accurately reflects the routing decision.
    Feature Value: This fix ensures that the model name received by downstream services is the value after the correct routing decision, not the default higress/auto, enhancing system consistency and accuracy.

  • Related PR: #3400
    Contributor: @johnlanni
    Change Log: Fixed a duplicate definition of the loadBalancerClass field in service.yaml by removing the redundant definition to avoid YAML parsing errors.
    Feature Value: This fix resolves YAML parsing errors caused by duplicate fields, ensuring users can configure loadBalancerClass without encountering issues, enhancing system stability and the user experience.

  • Related PR: #3380
    Contributor: @Thomas-Eliot
    Change Log: This PR added the setting of the request model context in the request handling function, ensuring that the request model data can be correctly accessed throughout the call chain.
    Feature Value: This fix resolves the issue of the request model context not being set, allowing the system to correctly pass and use request model information, improving system stability and data consistency.

  • Related PR: #3370
    Contributor: @rinfx
    Change Log: Fixed an issue in the model-mapper component where the request body was still processed even if the suffix did not match, and added JSON validation for the body to ensure its validity.
    Feature Value: This enhancement improves system stability and data processing accuracy, avoiding application anomalies due to invalid or incorrectly formatted request bodies, enhancing the user experience.

  • Related PR: #3341
    Contributor: @zth9
    Change Log: This PR fixed an issue with concurrent SSE connections returning incorrect endpoints, by modifying the mcp-session plugin configuration and filter logic to ensure that SSE server instances are correctly created for each filter.
    Feature Value: This fix resolves endpoint errors that may occur in concurrent SSE connection scenarios, enhancing system stability and reliability, which is a significant improvement for applications relying on SSE for real-time communication.

  • Related PR: #3258
    Contributor: @johnlanni
    Change Log: Fixed the MCP server version negotiation issue to comply with the specification. Updated dependencies to ensure compatibility and stability.
    Feature Value: This fix enhances system stability and compatibility, ensuring that the MCP server can correctly negotiate versions with clients, improving the user experience and system reliability.

  • Related PR: #3257
    Contributor: @sjtuzbk
    Change Log: This PR fixed the issue in the ai-proxy plugin where the host was directly rewritten to difyApiUrl by using the net/url package to correctly extract the hostname.
    Feature Value: After the fix, users can more accurately handle the hostname when configuring difyApiUrl, avoiding connection issues due to incorrect rewriting, enhancing system stability and the user experience.

  • Related PR: #3252
    Contributor: @rinfx
    Change Log: This PR fixed the error response issue in cross-provider load balancing by adding a penalty mechanism to prevent fast error responses from disrupting service selection and adjusting debug log information.
    Feature Value: By improving error response handling and enhancing debugging capabilities, it improves system stability and reliability during load balancing, reducing the risk of service disruptions due to error responses.

  • Related PR: #3251
    Contributor: @rinfx
    Change Log: This PR addressed the situation where content extracted from a specified jsonpath in the configuration is empty. When detecting empty content, it replaces the detected content with [empty content].
    Feature Value: By introducing a special handling mechanism for empty content, it ensures that the system can operate normally even in the absence of data, enhancing system robustness and the user experience.

  • Related PR: #3237
    Contributor: @CH3CHO
    Change Log: Increased the request body buffer size for multipart data in the model-router to support larger file uploads.
    Feature Value: This enhancement improves the system's ability to handle large file uploads, reducing data truncation issues due to small buffers, and enhancing the user experience.

  • Related PR: #3225
    Contributor: @wydream
    Change Log: Fixed the issue where basePathHandling: removePrefix did not work correctly when using the protocol: original configuration. Adjusted the request header transformation logic in multiple providers to ensure the path prefix is correctly removed.
    Feature Value: This fix resolves the path handling failure in specific configurations, ensuring that API calls to over 27 AI service providers work as expected, enhancing system stability and reliability.

  • Related PR: #3220
    Contributor: @Aias00
    Change Log: This PR fixed two issues: 1. Skipping unhealthy or disabled Nacos services; 2. Ensuring the AllowTools field is serialized even if it is empty.
    Feature Value: By skipping unhealthy or disabled services, it improves system stability and reliability. Additionally, ensuring consistent output of the AllowTools field avoids potential configuration issues due to missing fields.

  • Related PR: #3211
    Contributor: @CH3CHO
    Change Log: This PR modified the logic in the ai-proxy plugin for determining if a request contains a request body, changing from relying on specific header information to using the new HasRequestBody logic.
    Feature Value: By correcting the request body detection logic, it improves the accuracy and efficiency of handling HTTP requests, reducing misjudgment issues caused by the old logic.

  • Related PR: #3187
    Contributor: @CH3CHO
    Change Log: This PR bypassed the handling of streamable response bodies in MCP to allow progress notifications, resolving the issue of not being able to correctly display progress during data transmission.
    Feature Value: By bypassing the response body handling in specific situations, users can more accurately obtain progress information during data transmission, enhancing the user experience.

  • Related PR: #3168
    Contributor: @wydream
    Change Log: Fixed an issue where the query string was incorrectly removed when processing paths with regular expressions. It strips the query string first, performs the match, and then reappends the query string.
    Feature Value: This ensures that API requests with regular expression paths are correctly parsed and retain their original query parameters, enhancing system compatibility and the user experience.

  • Related PR: #3167
    Contributor: @EndlessSeeker
    Change Log: Updated multiple submodule references to the latest version and simplified the Makefile commands related to submodules, reducing redundant code.
    Feature Value: By ensuring all submodules are up-to-date and synchronized, this fix improves project stability and maintainability, reducing potential compatibility issues.

  • Related PR: #3148
    Contributor: @rinfx
    Change Log: Removed the omitempty tag from the toolcall index field, ensuring that the default value 0 is correctly passed even if there is no index.
    Feature Value: This fix resolves the issue of missing toolcall index in the response, ensuring data consistency and integrity, and enhancing system stability and the user experience.

  • Related PR: #3022
    Contributor: @lwpk110
    Change Log: This PR resolved the issue of missing support for gateway.metrics.labels in the Helm template by adding a podMonitorSelector to the gateway metrics configuration and setting a default PodMonitor selector label to ensure seamless auto-discovery with the kube-prometheus-stack monitoring system.
    Feature Value: This fix enhances Prometheus monitoring integration, allowing users to more flexibly configure and collect gateway metrics data, thereby improving system observability and management efficiency.

♻️ Refactoring and Optimization (Refactoring)

  • Related PR: #3462
    Contributor: @johnlanni
    Change Log: This PR removed the automatic injection of Bash tools in Claude Code mode, including deleting related constants, logic code, and test cases, and updating the documentation.
    Feature Value: By removing unnecessary features, it simplifies the codebase and reduces maintenance costs. This change helps improve system stability and reduce potential sources of errors.

  • Related PR: #3457
    Contributor: @johnlanni
    Change Log: This PR primarily updated the version number to 2.2.0, adjusted the Envoy submodule branch, and corrected the package URL pattern in the Makefile.
    Feature Value: By updating the version and related configurations, it ensures the consistency and correctness of software builds, avoiding potential build errors due to version mismatches.

  • Related PR: [#3155](https

Higress Console

📋 Overview of This Release

This release includes 18 updates, covering enhancements, bug fixes, and performance optimizations.

Update Distribution

  • New Features: 7
  • Bug Fixes: 10
  • Documentation Updates: 1

📝 Full Changelog

🚀 New Features (Features)

  • Related PR: #621
    Contributor: @Thomas-Eliot
    Change Log: Enhanced some interaction capabilities of the MCP Server, including header host rewriting in direct routing scenarios, support for selecting transport, and support for special characters in the DB to MCP Server scenario.
    Feature Value: Increased system flexibility and usability, allowing users to more easily customize MCP Server configurations, and resolved previous path confusion issues.

  • Related PR: #612
    Contributor: @zhwaaaaaa
    Change Log: Added hop-to-hop headers to the ignore list, resolving the issue where Grafana pages could not work properly due to the reverse proxy sending the transfer-encoding: chunked header.
    Feature Value: Improved system compatibility and stability by adhering to RFC 2616, ensuring that Grafana monitoring pages display correctly when using a reverse proxy.

  • Related PR: #608
    Contributor: @Libres-coder
    Change Log: Added support for displaying AI routing management page plugins, allowing users to view enabled plugins and their status through extended AI routing entries.
    Feature Value: Enhanced user experience by allowing users to intuitively see which plugins are activated on the AI routing configuration interface, thus better managing and understanding the AI routing configuration.

  • Related PR: #604
    Contributor: @CH3CHO
    Change Log: Introduced the use of the higress.io/rewrite-target annotation to support path rewriting based on regular expressions, involving modifications to the SDK server and frontend localization files.
    Feature Value: The new path rewriting capability allows users to define URL routing rules more flexibly, enhancing system configurability and user experience.

  • Related PR: #603
    Contributor: @CH3CHO
    Change Log: Displayed a fixed service port 80 for static service sources on the frontend page, implemented by adding a static constant in the component.
    Feature Value: This feature allows users to clearly see the service port number used by static service sources, improving configuration transparency and user experience.

  • Related PR: #602
    Contributor: @CH3CHO
    Change Log: Added support for service search functionality during AI routing configuration, optimizing the frontend interface to make it easier for users to find and select upstream services.
    Feature Value: Enhanced user experience, especially when dealing with a large number of services, allowing users to quickly locate the required services, improving efficiency and ease of use.

  • Related PR: #566
    Contributor: @OuterCyrex
    Change Log: Added support for custom Qwen services, including enabling internet search and file ID upload. The main changes were focused on the frontend interface and backend service processing logic.
    Feature Value: Provided users with more flexible service configuration options, allowing them to customize Qwen service behavior according to their needs, enhancing system extensibility and user experience.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #620
    Contributor: @CH3CHO
    Change Log: Fixed a spelling error in the sortWasmPluginMatchRules logic, ensuring that the rule matching function works as expected.
    Feature Value: Resolved a potential misoperation issue, improving system stability and user experience.

  • Related PR: #619
    Contributor: @CH3CHO
    Change Log: Removed version information from the data JSON when converting AiRoute to ConfigMap, as this information is already stored in the ConfigMap metadata.
    Feature Value: By avoiding redundant storage of version information, reduced redundancy and ensured data consistency, thereby improving system reliability and maintainability.

  • Related PR: #618
    Contributor: @CH3CHO
    Change Log: Refactored the API authentication logic in SystemController by introducing new annotations and modifying existing AOP aspects to eliminate security vulnerabilities.
    Feature Value: Resolved security risks in API authentication, enhancing system security and protecting user data from potential threats.

  • Related PR: #617
    Contributor: @CH3CHO
    Change Log: Fixed several errors in the frontend console, including missing unique key attributes for list items, image loading violations of the content security policy, and incorrect type for the Consumer.name field.
    Feature Value: By addressing these frontend issues, improved user experience and application stability. Reducing console warnings and errors enhances user trust in the system and ensures the correct execution of functions.

  • Related PR: #614
    Contributor: @lc0138
    Change Log: Corrected the type error in the type field of the ServiceSource class and added dictionary value validation to ensure data consistency.
    Feature Value: By fixing the type error and introducing dictionary value validation, improved system stability and reliability, avoiding potential data inconsistency issues.

  • Related PR: #613
    Contributor: @lc0138
    Change Log: This PR modified the document.tsx file, adding 15 lines of code, primarily to fix security issues related to the frontend CSP, ensuring the application's security.
    Feature Value: Fixed frontend CSP and other security risks, enhancing system security and protecting user data from potential threats, improving user experience and trust.

  • Related PR: #611
    Contributor: @qshuai
    Change Log: Corrected a spelling error in an API title in LlmProvidersController.java, changing 'Add a new route' to a more appropriate description.
    Feature Value: Correcting the API documentation title improves code readability and maintainability, ensuring developers can accurately understand each API's function, thus enhancing user experience.

  • Related PR: #609
    Contributor: @CH3CHO
    Change Log: Fixed the type error in the name field of the Consumer interface, changing it from a boolean to a string.
    Feature Value: Corrected the data type inconsistency in the Consumer.name field, ensuring data consistency and correctness, improving system stability and reliability.

  • Related PR: #605
    Contributor: @SaladDay
    Change Log: Adjusted the regular expression validation rules for AI route names to support periods and unify case restrictions. Also updated the Chinese and English error messages to accurately reflect the new validation logic.
    Feature Value: Resolved inconsistencies in route name validation, improving user experience and ensuring that user input conforms to expectations without causing confusion due to misleading prompts.

  • Related PR: #552
    Contributor: @lcfang
    Change Log: This PR added a vport attribute to adapt to mcpbridge, solving the issue of route configuration failure due to inconsistent backend service ports. Multiple files were changed, including the addition of the VPort class.
    Feature Value: Resolved compatibility issues caused by changes in the service instance ports in the registry, enhancing system stability and user experience, ensuring that services run normally even when ports change.

📚 Documentation Updates (Documentation)

  • Related PR: #610
    Contributor: @heimanba
    Change Log: Adjusted the required fields for multiple fields in the frontend canary plugin configuration documentation and updated the associated rules to reflect the latest configuration flexibility. Also corrected some descriptive text to ensure document consistency and accuracy.
    Feature Value: By increasing the flexibility and compatibility of configuration options, enhanced user experience, allowing users to configure canaries more flexibly; synchronized updates of Chinese and English documents also ensured accurate information dissemination.

📊 Release Statistics

  • 🚀 New Features: 7
  • 🐛 Bug Fixes: 10
  • 📚 Documentation Updates: 1

Total: 18 changes

Thanks to all contributors for their hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.9...v2.2.0

2026-02-03 19:13:11
higress

v2.1.10

Higress

📋 Overview of This Release

This release includes 84 updates, covering various aspects such as feature enhancements, bug fixes, and performance optimizations.

Update Distribution

  • New Features: 46
  • Bug Fixes: 18
  • Refactoring and Optimization: 1
  • Documentation Updates: 18
  • Testing Improvements: 1

📝 Complete Changelog

🚀 New Features (Features)

  • Related PR: #3438
    Contributor: @johnlanni
    Change Log: This PR significantly improves the higress-clawdbot-integration skill by adjusting the documentation structure, streamlining content, and adding support for the Clawdbot plugin.
    Feature Value: This update allows users to configure plugins more smoothly and ensures true compatibility with Clawdbot, enhancing user experience and system flexibility.

  • Related PR: #3437
    Contributor: @johnlanni
    Change Log: This PR integrates the higress-ai-gateway plugin into the higress-clawdbot-integration skill, including moving and packaging plugin files and updating the documentation.
    Feature Value: This integration makes it easier for users to install and configure the connection between Higress AI Gateway and Clawbot/OpenClaw, simplifying the deployment process and enhancing user experience.

  • Related PR: #3436
    Contributor: @johnlanni
    Change Log: This PR updates the SKILL provider list for Higress-OpenClaw integration and migrates the OpenClaw plugin package from higress-standalone to the main higress repository.
    Feature Value: By enhancing the provider list and migrating the plugin package, users can more easily access commonly used providers, improving integration efficiency and user experience.

  • Related PR: #3428
    Contributor: @johnlanni
    Change Log: This PR adds two new skills to the Higress AI Gateway and Clawdbot integration: automatic model routing configuration and gateway deployment via CLI parameters. It supports multilingual trigger words and hot reloading of configurations.
    Feature Value: The new features enable users to manage AI model traffic distribution more flexibly and simplify the integration process with Clawdbot, enhancing system availability and usability.

  • Related PR: #3427
    Contributor: @johnlanni
    Change Log: Added the use_default_attributes configuration option, which, when set to true, automatically applies a set of default attributes, simplifying the user configuration process.
    Feature Value: This feature makes the ai-statistics plugin easier to use, especially for common use cases, reducing manual configuration work while maintaining full configurability.

  • Related PR: #3426
    Contributor: @johnlanni
    Change Log: Added the Agent Session Monitor skill, supporting real-time monitoring of Higress access logs and tracking multi-turn conversation session IDs and token usage.
    Feature Value: By providing real-time visibility into LLMs in the Higress environment, this helps users better understand and optimize the performance and cost of their AI assistants.

  • Related PR: #3424
    Contributor: @johnlanni
    Change Log: This PR adds support for token usage details to the ai-statistics plugin, including the built-in attribute keys reasoning_tokens and cached_tokens, to better track resource consumption during inference.
    Feature Value: By introducing more detailed token usage logging, users can more clearly understand resource usage during AI inference, aiding in model efficiency and cost control.

  • Related PR: #3420
    Contributor: @johnlanni
    Change Log: This PR adds session ID tracking to the ai-statistics plugin, allowing users to track multi-turn conversations through custom or default headers.
    Feature Value: The added session ID tracking capability helps better analyze and understand multi-turn conversation flows, enhancing user experience and system traceability.

  • Related PR: #3417
    Contributor: @johnlanni
    Change Log: This PR adds key warnings and guidelines to the Nginx to Higress migration tool, including explicit warnings for unsupported fragment annotations and pre-migration check commands.
    Feature Value: By providing clear warnings about unsupported configurations and pre-migration check methods, this helps users identify potential issues and complete the migration from Nginx to Higress more smoothly.

  • Related PR: #3411
    Contributor: @johnlanni
    Change Log: Added a comprehensive skill for migrating from ingress-nginx to Higress in a Kubernetes environment. Includes analysis scripts, migration test generators, and plugin skeleton generation tools.
    Feature Value: This feature greatly simplifies the migration process from ingress-nginx to Higress by providing detailed compatibility analysis and automation tools, reducing migration difficulty and enhancing user experience.

  • Related PR: #3409
    Contributor: @johnlanni
    Change Log: This PR adds the contextCleanupCommands configuration option to the ai-proxy plugin, allowing users to define commands to clear conversation context. When a user message exactly matches a cleanup command, all non-system messages before that command will be removed.
    Feature Value: This new feature allows users to proactively clear previous conversation records by sending specific commands, thereby better controlling conversation history and enhancing user experience and privacy.

  • Related PR: #3404
    Contributor: @johnlanni
    Change Log: Added the ability for the Claude AI assistant to automatically generate Higress community governance daily reports, including auto-tracking GitHub activities, progress tracking, and knowledge consolidation.
    Feature Value: This feature helps community managers better understand project dynamics and issue progress, promoting efficient problem resolution and enhancing overall community governance.

  • Related PR: #3403
    Contributor: @johnlanni
    Change Log: Implemented a new automatic routing feature that dynamically selects the appropriate model to handle requests based on user message content and predefined regular expression rules.
    Feature Value: This feature allows users to more flexibly configure services to automatically recognize and respond to different types of messages, reducing the need for manual model specification and enhancing system intelligence.

  • Related PR: #3402
    Contributor: @johnlanni
    Change Log: Added the Claude skill for developing Higress WASM plugins using Go 1.24+. Includes reference documentation and local testing guidelines for HTTP clients, Redis clients, etc.
    Feature Value: Provides developers with detailed guidance and example code, making it easier for them to create, modify, or debug WASM plugins based on the Higress gateway, enhancing development efficiency and experience.

  • Related PR: #3394
    Contributor: @changsci
    Change Log: This PR extends the existing authentication mechanism by fetching API keys from request headers, particularly when provider.apiTokens is not configured, thus enhancing system flexibility.
    Feature Value: This new feature allows users to more flexibly manage and pass API keys, ensuring normal service access even when direct configuration is missing, enhancing user experience and security.

  • Related PR: #3384
    Contributor: @ThxCode-Chen
    Change Log: Added support for upstream IPv6 static addresses in the watcher.go file, involving 31 lines of new code and 9 lines of deletions, mainly focusing on handling service entry generation logic.
    Feature Value: Adding support for IPv6 static addresses enhances system network flexibility and compatibility, allowing users to configure more types of network addresses, thereby enhancing user experience and service diversity.

  • Related PR: #3375
    Contributor: @wydream
    Change Log: This PR adds Vertex Raw mode support to the Vertex AI Provider in the ai-proxy plugin, enabling the getAccessToken mechanism when accessing native REST APIs via Vertex.
    Feature Value: Enhances support for native Vertex AI APIs, allowing direct calls to third-party hosted model APIs and enjoying automatic OAuth authentication, enhancing development flexibility and security.

  • Related PR: #3367
    Contributor: @rinfx
    Change Log: Updated the wasm-go dependency version and introduced Foreign Function, enabling Wasm plugins to perceive the Envoy host's log level in real time. By checking the log level upfront, unnecessary memory operations are avoided when there is a mismatch.
    Feature Value: Enhances system performance, especially when handling large amounts of log data, reducing memory consumption and CPU usage, and improving response speed and resource utilization.

  • Related PR: #3342
    Contributor: @Aias00
    Change Log: This PR implements the functionality of mapping Nacos instance weights to Istio WorkloadEntry weights in the watcher, using the math library for weight conversion.
    Feature Value: This feature allows users to more flexibly control traffic distribution between services, enhancing system configurability and flexibility and improving integration with Istio.

  • Related PR: #3335
    Contributor: @wydream
    Change Log: This PR adds image generation support to the Vertex AI Provider in the ai-proxy plugin, achieving compatibility with OpenAI SDK and Vertex AI image generation.
    Feature Value: The new image generation feature allows users to call Vertex AI services through standard OpenAI interfaces, simplifying cross-platform development and enhancing user experience.

  • Related PR: #3324
    Contributor: @wydream
    Change Log: This PR adds OpenAI-compatible endpoint support to the Vertex AI Provider in the ai-proxy plugin, enabling direct invocation of Vertex AI models.
    Feature Value: By introducing OpenAI-compatible mode, developers can interact with Vertex AI using familiar OpenAI SDK and API formats, simplifying the integration process and enhancing development efficiency.

  • Related PR: #3318
    Contributor: @hanxiantao
    Change Log: This PR applies the native Istio authentication logic to the debugging endpoint using the withConditionalAuth middleware, while retaining the existing behavior based on the DebugAuth feature flag.
    Feature Value: Adds authentication support for debugging endpoints, enhancing system security and ensuring that only authorized users can access these critical debugging interfaces, protecting the system from unauthorized access.

  • Related PR: #3317
    Contributor: @rinfx
    Change Log: Added two Wasm-Go plugins: model-mapper and model-router, implementing mapping and routing functions based on the model parameter in the LLM protocol.
    Feature Value: Enhances Higress's capabilities in handling large language models, allowing flexible configuration to optimize request paths and model usage, enhancing system flexibility and performance.

  • Related PR: #3305
    Contributor: @CZJCC
    Change Log: Added Bearer Token authentication support for the AWS Bedrock provider, while retaining the existing AWS SigV4 authentication method and adjusting related configurations and header processing.
    Feature Value: The new Bearer Token authentication method provides users with more flexibility, making it easier to choose the appropriate authentication mechanism when using AWS Bedrock services, enhancing user experience.

  • Related PR: #3301
    Contributor: @wydream
    Change Log: This PR implements Express Mode support in the Vertex AI Provider of the ai-proxy plugin, simplifying the authentication process for developers using Vertex AI, requiring only an API Key.
    Feature Value: By introducing the Express Mode feature, users can start using Vertex AI more conveniently, without the need for complex Service Account configuration, enhancing developer efficiency and experience.

  • Related PR: #3295
    Contributor: @rinfx
    Change Log: This PR adds MCP protocol support to the ai-security-guard plugin, including implementing two response handling methods for content security checks and adding corresponding unit tests.
    Feature Value: The new MCP support expands the plugin's application scope, allowing users to use the plugin for API call content security checks in more scenarios, enhancing system security.

  • Related PR: #3267
    Contributor: @erasernoob
    Change Log: Added the hgctl agent module, including basic functionality implementation and integration with related services, and updated go.mod and go.sum files to support new dependencies.
    Feature Value: By introducing the hgctl agent module, a new management and control method is provided to users, enhancing system flexibility and operability and improving user experience.

  • Related PR: #3261
    Contributor: @rinfx
    Change Log: This PR adds the ability to disable thinking for gemini-2.5-flash and gemini-2.5-flash-lite and includes reasoning token information in the response, allowing users to better control AI behavior and understand its working details.
    Feature Value: By allowing users to choose whether to enable the thinking feature and displaying reasoning token usage, system flexibility and transparency are enhanced, helping developers more effectively debug and optimize AI applications.

  • Related PR: #3255
    Contributor: @nixidexiangjiao
    Change Log: Optimized the Lua-based minimum in-flight requests load balancing strategy, addressing issues such as abnormal node preference selection, inconsistent new node handling, and uneven sampling distribution.
    Feature Value: Improves system stability and service availability, reduces the fault amplification effect caused by abnormal nodes, and enhances support for new nodes and even traffic distribution.

  • Related PR: #3236
    Contributor: @rinfx
    Change Log: This PR adds support for the claude model in vertex and handles the case where delta might be empty, increasing system compatibility and stability.
    Feature Value: Adding support for the claude model in vertex allows users to leverage a wider range of AI models for development and research, enhancing system flexibility and practicality.

  • Related PR: #3218
    Contributor: @johnlanni
    Change Log: Added an automatic rebuild trigger mechanism based on request count and memory usage, and expanded supported path suffixes, including /rerank and /messages.
    Feature Value: These improvements enhance system stability and response speed, allowing effective handling of high loads or low memory situations through automatic rebuilding, while also enhancing support for new features.

  • Related PR: #3213
    Contributor: @rinfx
    Change Log: This PR updates the vertex.go file, changing the access method from region-specific to global, to support new models that only support global mode.
    Feature Value: After adding support for the global region, users can more easily use new models like the gemini-3 series without specifying a specific geographic region.

  • Related PR: #3206
    Contributor: @rinfx
    Change Log: This PR primarily adds support for security checks on prompt and image content in the request body, especially when using OpenAI and Qwen to generate images. Enhanced the parseOpenAIRequest function to parse image data and improved related processing logic.
    Feature Value: The new security check feature enhances system security when handling image generation requests, helping to prevent the spread of potential malicious content and providing users with a safer and more reliable service experience.

  • Related PR: #3200
    Contributor: @YTGhost
    Change Log: This PR adds support for array content in the ai-proxy plugin by modifying the relevant logic in the bedrock.go file, enabling correct handling when content is an array.
    Feature Value: Enhances the ai-proxy plugin's ability to handle messages, now correctly supporting and converting array-formatted content, making chat tool message transmission more flexible and diverse.

  • Related PR: #3185
    Contributor: @rinfx
    Change Log: This PR adds a rebuild mechanism to ai-cache, updating go.mod and go.sum files and making minor adjustments to main.go to avoid excessive memory usage.
    Feature Value: The new ai-cache rebuild mechanism effectively manages memory usage, preventing system performance degradation due to high memory consumption, enhancing system stability and user experience.

  • Related PR: #3184
    Contributor: @rinfx
    Change Log: This PR adds support for user-defined domain names in the Doubao extension, allowing users to configure service access domain names according to their needs. Main changes include adding compilation options in the Makefile and introducing new configuration items in doubao.go and provider.go.
    Feature Value: The new custom domain configuration feature allows users to flexibly set up external service domain names based on actual needs, enhancing system flexibility and user experience. This helps better adapt to the requirements of different deployment environments.

  • Related PR: #3175
    Contributor: @wydream
    Change Log: Added a generic provider for handling requests that do not require path remapping, utilizing shared headers and basePath tools. Also updated the README file to include configuration details and introduced relevant tests.
    Feature Value: By adding this generic provider, users can more flexibly handle requests from different suppliers without needing to make complex path modifications, lowering the usage threshold and enhancing system compatibility.

  • Related PR: #3173
    Contributor: @EndlessSeeker
    Change Log: This PR adds a global parameter to the Higress Controller for controlling the enablement of the inference scaling feature. Main changes are in the controller-deployment.yaml and values.yaml files, adding new configuration items and documenting them in the README file.
    Feature Value: The new global parameter allows users to more flexibly control the inference scaling feature in the Higress Controller, which is very useful for users who need to adjust behavior based on specific circumstances, enhancing system configurability and adaptability.

  • Related PR: #3171
    Contributor: @wilsonwu
    Change Log: This PR introduces support for topology distribution constraints for the gateway and controller, achieved by adding new fields in the relevant YAML configuration files.
    Feature Value: The new support helps users better manage the distribution of pods within the cluster, optimizing resource usage and enhancing system high availability.

  • Related PR: #3160
    Contributor: @EndlessSeeker
    Change Log: This PR upgrades the gateway API to the latest version, involving multiple modifications across several files, including Makefile and go.mod, to ensure compatibility with the latest API.
    Feature Value: By introducing the latest gateway API support, users can enjoy more stable and feature-rich service mesh characteristics, enhancing system scalability and maintainability.

  • Related PR: #3136
    Contributor: @Wangzy455
    Change Log: Added a tool semantic search function based on the Milvus vector database, allowing users to find the most relevant tools through natural language queries.
    Feature Value: This feature enhances the system's search capabilities, enabling users to more accurately locate the required tools, enhancing user experience and work efficiency.

  • Related PR: #3075
    Contributor: @rinfx
    Change Log: Refactored the code to modularize, supporting multimodal input detection and image generation security checks, and fixed response anomalies in boundary conditions.
    Feature Value: Enhanced the AI Security Guard's ability to handle multimodal inputs, improving system robustness and user experience, ensuring the security of content generation.

  • Related PR: #3066
    Contributor: @EndlessSeeker
    Change Log: Upgraded Istio to version 1.27.1 and adjusted higress-core to adapt to the new version, fixing submodule branch pulling and integration testing issues.
    Feature Value: By upgrading Istio and related dependencies, system stability and performance are enhanced, solving problems in the old version and providing users with more reliable services.

  • Related PR: #3063
    Contributor: @rinfx
    Change Log: Implemented cross-cluster and endpoint load balancing based on specified metrics, allowing users to select specific metrics for load balancing in the plugin configuration.
    Feature Value: Enhances system flexibility and scalability, allowing users to optimize request distribution based on actual needs (e.g., concurrency, TTFT, RT), thereby enhancing overall service performance and response speed.

  • Related PR: #3061
    Contributor: @Jing-ze
    Change Log: This PR resolves multiple issues in the response-cache plugin and adds comprehensive unit tests. Improved cache key extraction logic, fixed interface mismatch errors, and cleaned up redundant spaces in configuration validation.
    Feature Value: By enhancing the functionality and stability of the response-cache plugin, system performance and user experience are improved. Now supports extracting keys from request headers/bodies and caching responses, reducing the processing time for repeated requests.

  • Related PR: #2825
    Contributor: @CH3CHO
    Change Log: Added the traffic-editor plugin, supporting request and response header editing, providing a more flexible code structure to meet different needs.
    Feature Value: Users can use this plugin to perform various types of modifications to request/response headers, such as deletion, renaming, etc., enhancing system flexibility and configurability.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3434
    Contributor: @johnlanni
    Change Log: Fixed a YAML parsing error in the frontmatter section of the SKILL file by adding double quotes to the description value to avoid misinterpreting colons as YAML syntax.
    Feature Value: Resolved rendering issues caused by YAML parsing, ensuring that the skill description is displayed correctly, enhancing user experience and document accuracy.

  • Related PR: #3422
    Contributor: @johnlanni
    Change Log: Fixed an issue in the model-router plugin where the model field in the request body was not updated in the automatic routing mode. Ensured that the model field in the request body matches the routing decision after matching the target model.
    Feature Value: Ensures that downstream services receive the correct model name, enhancing system consistency and accuracy, avoiding service anomalies or data processing deviations due to using the wrong model.

  • Related PR: #3400
    Contributor: @johnlanni
    Change Log: This PR fixes the issue of duplicate definition of the loadBalancerClass field in Helm templates, resolving YAML parsing errors by removing the redundant definition.
    Feature Value: Fixed the YAML parsing error when configuring loadBalancerClass, ensuring a more stable and reliable service deployment process.

  • Related PR: #3370
    Contributor: @rinfx
    Change Log: This PR fixes the issue of incorrect request body handling in the model-mapper when the suffix does not match, and adds JSON validation for the body content to ensure its validity.
    Feature Value: By resolving unexpected request handling issues and enhancing input validation, system stability and data processing security are improved, providing a more reliable service experience to users.

  • Related PR: #3341
    Contributor: @zth9
    Change Log: Fixed the issue of concurrent SSE connections returning the wrong endpoint, ensuring the correctness of the SSE server instance by updating the configuration file and filter logic.
    Feature Value: Resolved the concurrent SSE connection issue encountered by users, enhancing system stability and reliability, and improving user experience.

  • Related PR: #3258
    Contributor: @johnlanni
    Change Log: This PR corrects the MCP server version negotiation mechanism to comply with the specification, including updating related dependency versions.
    Feature Value: By ensuring that the MCP server version negotiation complies with the specification, system compatibility and stability are enhanced, reducing potential communication errors.

  • Related PR: #3257
    Contributor: @sjtuzbk
    Change Log: This PR fixes the defect in the ai-proxy plugin where difyApiUrl was directly used as the host, by parsing the URL to correctly extract the hostname.
    Feature Value: The fix enhances the plugin's stability and compatibility, ensuring that users can normally use the plugin when configuring custom API URLs, avoiding service interruptions due to incorrect handling.

  • Related PR: #3252
    Contributor: @rinfx
    Change Log: This PR adjusts the debug log messages and adds a penalty mechanism for error responses, delaying the processing of error responses to avoid interfering with service selection during load balancing.
    Feature Value: Enhances the stability and reliability of cross-provider load balancing by delaying error responses to optimize the service selection process, reducing service interruptions caused by quick error returns.

  • Related PR: #3251
    Contributor: @rinfx
    Change Log: This PR handles the case where the content extracted from the configuration's JSONPath is empty by using [empty content] instead, ensuring that the program can continue to execute correctly.
    Feature Value: This fix enhances system robustness, preventing potential errors or anomalies caused by empty content, thereby improving user experience and system reliability.

  • Related PR: #3237
    Contributor: @CH3CHO
    Change Log: This PR increases the buffer size for the request body when handling multipart data, resolving the issue of a too small buffer in the model-router when processing multipart form data.
    Feature Value: Increasing the buffer size for handling multipart data ensures stability in scenarios like large file uploads, enhancing user experience.

  • Related PR: #3225
    Contributor: @wydream
    Change Log: Fixed the issue where the basePathHandling configuration did not work correctly when using the protocol: original setting. This was resolved by adjusting the request header transformation logic for multiple providers.
    Feature Value: Ensures that when using the original protocol, users can correctly remove the base path prefix, enhancing the consistency and reliability of API calls, affecting over 27 service providers.

  • Related PR: #3220
    Contributor: @Aias00
    Change Log: Fixed the issue where unhealthy or disabled service instances were improperly registered in Nacos, and ensured that the AllowTools field is always present during serialization.
    Feature Value: By skipping unhealthy or disabled services, system stability and reliability are improved; ensuring consistent presentation of the AllowTools field avoids potential configuration misunderstandings.

  • Related PR: #3211
    Contributor: @CH3CHO
    Change Log: Updated the request body judgment logic in the ai-proxy plugin, replacing the old method of determining whether a request body exists based on content-length and content-type with the new HasRequestBody logic.
    Feature Value: This change resolves the issue of incorrectly judging the presence of a request body under specific conditions, enhancing the accuracy of service request handling and avoiding potential data processing errors.

  • Related PR: #3187
    Contributor: @CH3CHO
    Change Log: This PR enables progress notifications by bypassing the handling of streamable response bodies in MCP. Specifically, it modified the filter.go file in the golang-filter plugin, involving small-scale adjustments to data encoding logic.
    Feature Value: This change allows users to receive progress updates when using MCP for streaming, enhancing user experience and providing a more transparent data transmission process, especially useful for applications requiring real-time monitoring of transmission status.

  • Related PR: #3168
    Contributor: @wydream
    Change Log: Fixed the issue of query string loss during the OpenAI capability rewrite process, ensuring that query parameters are stripped and re-appended to the original path during path matching.
    Feature Value: Resolved the path matching issue caused by query string interference, ensuring the correctness and stability of services like video content endpoints.

  • Related PR: #3167
    Contributor: @EndlessSeeker
    Change Log: This PR updates the references to multiple submodules and simplifies the command logic for submodule initialization and update in the Makefile, deleting 25 lines of code and adding 8 lines.
    Feature Value: By fixing submodule update issues and simplifying related scripts, the build efficiency and stability of the project are improved, ensuring users can obtain the latest dependency library versions.

  • Related PR: #3148
    Contributor: @rinfx
    Change Log: Removed the omitempty tag from the toolcall index field, ensuring that the default value is 0 when the response does not contain an index, thus avoiding potential data loss issues.
    Feature Value: This fix enhances system stability and data integrity, allowing users who rely on the toolcall index to more reliably handle related data, reducing errors due to missing indices.

  • Related PR: #3022
    Contributor: @lwpk110
    Change Log: This PR fixes the issue of missing podMonitorSelector in the gateway metrics configuration, adding support for gateway.metrics.labels in the PodMonitor template and setting a default selector label to ensure automatic discovery by the kube-prometheus-stack monitoring system.
    Feature Value: By adding support for custom selectors and setting default values, users can more flexibly configure their monitoring metrics, enhancing system observability and maintainability.

♻️ Refactoring and Optimization (Refactoring)

  • Related PR: #3155
    Contributor: @github-actions[bot]
    Change Log: This PR updates the CRD files in the helm folder, adding the routeType field and its enumeration value definitions.
    Feature Value: By updating the CRD configuration, the flexibility and extensibility of the application are enhanced, allowing users to choose different route types as needed.

📚 Documentation Updates (Documentation)

  • Related PR: #3442
    Contributor: @johnlanni
    Change Log: Updated the higress-clawdbot-integration skill documentation, removing the IMAGE_REPO environment variable and retaining PLUGIN_REGISTRY as the single source.
    Feature Value: Simplified the user configuration process, reducing the complexity of environment variable settings, and enhancing document consistency and usability.

  • Related PR: #3441
    Contributor: @johnlanni
    Change Log: Updated the skill documentation to reflect the new behavior of automatically selecting the best registry for container images and WASM plugins based on the timezone.
    Feature Value: By automating timezone detection to select the best registry, the user configuration process is simplified, enhancing user experience and efficiency.

  • Related PR: #3440
    Contributor: @johnlanni
    Change Log: This PR adds a troubleshooting guide for common errors during Higress AI Gateway API server deployment due to file descriptor limits.
    Feature Value: By providing detailed troubleshooting information, users can quickly locate and fix service startup failures caused by system file descriptor limits, enhancing user experience.

  • Related PR: #3439
    Contributor: @johnlanni
    Change Log: This PR adds a guide for choosing geographically closer container image registries in the higress-clawdbot-integration SKILL documentation, including a new section on image registry selection, an environment variable table, and examples.
    Feature Value: By providing a method to choose the nearest container image registry based on geographical location, this feature helps users optimize the Higress deployment process, reduce network latency, and improve user experience.

  • Related PR: #3433
    Contributor: @johnlanni \

Higress Console

📋 Overview of This Release

This release includes 18 updates, covering enhancements, bug fixes, and performance optimizations.

Update Distribution

  • New Features: 7 items
  • Bug Fixes: 10 items
  • Documentation Updates: 1 item

📝 Complete Changelog

🚀 New Features (Features)

  • Related PR: #621
    Contributor: @Thomas-Eliot
    Change Log: This PR optimizes the interaction capabilities of the MCP Server, including rewriting the header host, modifying the interaction method to support transport selection, and handling special characters like @.
    Feature Value: These improvements enhance the flexibility and compatibility of the MCP Server in various scenarios, making it easier for users to configure and use the MCP Server.

  • Related PR: #612
    Contributor: @zhwaaaaaa
    Change Log: This PR adds ignore handling for hop-to-hop headers, particularly for the transfer-encoding: chunked header. It also enhances code readability and maintainability by adding comments at key points.
    Feature Value: This feature resolves the issue where the Grafana page fails to work due to specific HTTP headers sent by the reverse proxy server, improving system compatibility and user experience.

  • Related PR: #608
    Contributor: @Libres-coder
    Change Log: This PR adds plugin display support to the AI route management page, allowing users to view enabled plugins and see the "Enabled" label on the configuration page.
    Feature Value: This enhancement improves the functional consistency and user experience of the AI route management page, enabling users to more intuitively manage and view enabled plugins in the AI route.

  • Related PR: #604
    Contributor: @CH3CHO
    Change Log: This PR introduces support for path rewriting using regular expressions, implemented through the new higress.io/rewrite-target annotation, with corresponding code and test updates in relevant files.
    Feature Value: The new feature allows users to flexibly define path rewriting rules using regular expressions, significantly enhancing the flexibility and functionality of application routing configurations, making it easier for developers to customize request paths as needed.

  • Related PR: #603
    Contributor: @CH3CHO
    Change Log: This PR adds a feature to display a fixed service port 80 in the static service source settings, achieved by defining a constant in the code and updating the form component.
    Feature Value: Adding the display of a fixed service port 80 helps users better understand and configure static service sources, improving the user experience.

  • Related PR: #602
    Contributor: @CH3CHO
    Change Log: This PR implements search functionality in the process of selecting upstream services on the AI route configuration page, enhancing the interactivity and usability of the user interface.
    Feature Value: The added search function enables users to quickly and accurately find the required upstream services, greatly improving configuration efficiency and user experience.

  • Related PR: #566
    Contributor: @OuterCyrex
    Change Log: Adds support for custom Qwen services, including enabling internet search and uploading file IDs.
    Feature Value: This enhancement increases the flexibility and functionality of the system, allowing users to configure custom Qwen services to meet more personalized needs.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #620
    Contributor: @CH3CHO
    Change Log: This PR fixes a spelling error in the sortWasmPluginMatchRules logic, ensuring the correctness and readability of the code.
    Feature Value: By correcting the spelling error, the code quality is improved, reducing potential misunderstandings and maintenance costs, and enhancing the user experience.

  • Related PR: #619
    Contributor: @CH3CHO
    Change Log: This PR removes version information from the data JSON when converting AiRoute to ConfigMap. This information is already stored in the ConfigMap metadata and does not need to be duplicated in the JSON.
    Feature Value: Avoiding redundant information storage makes the data structure clearer and more reasonable, which helps improve the consistency and efficiency of configuration management, reducing potential data inconsistencies.

  • Related PR: #618
    Contributor: @CH3CHO
    Change Log: Refactors the API authentication logic in the SystemController, eliminating security vulnerabilities. Adds the AllowAnonymous annotation and adjusts the ApiStandardizationAspect class to support the new authentication logic.
    Feature Value: Fixes the security vulnerabilities in the SystemController, enhancing system security and protecting user data from unauthorized access.

  • Related PR: #617
    Contributor: @CH3CHO
    Change Log: This PR fixes multiple errors in the front-end console, including missing unique key attributes for list items, issues with loading images that violate the content security policy, and incorrect type for the Consumer.name field.
    Feature Value: By resolving these front-end errors, the stability and user experience of the application are improved. This helps reduce issues encountered by developers during debugging and ensures the application runs as expected.

  • Related PR: #614
    Contributor: @lc0138
    Change Log: Fixes an error in the type of the type field in the ServiceSource class by adding dictionary value validation to ensure the correct type.
    Feature Value: This fix improves the stability and data accuracy of the system, preventing service anomalies due to type mismatches and enhancing the user experience.

  • Related PR: #613
    Contributor: @lc0138
    Change Log: This PR strengthens the content security policy (CSP) by modifying the front-end configuration, preventing cross-site scripting attacks and other security threats, ensuring the application is more secure and reliable.
    Feature Value: Enhances the security of the front-end application, effectively defending against common web security attacks, protecting user data from unauthorized access or tampering, and improving user experience and trust.

  • Related PR: #611
    Contributor: @qshuai
    Change Log: This PR fixes a spelling error in the controller API title in the LlmProvidersController.java file, ensuring consistency between the documentation and the code.
    Feature Value: Fixing the title spelling error improves the accuracy and readability of the API documentation, helping developers better understand and use the relevant interfaces.

  • Related PR: #609
    Contributor: @CH3CHO
    Change Log: This PR corrects the type of the name field in the Consumer interface from boolean to string, ensuring the accuracy of the type definition.
    Feature Value: By fixing the type definition error, the code quality and maintainability are improved, reducing potential runtime errors and enhancing the developer experience.

  • Related PR: #605
    Contributor: @SaladDay
    Change Log: Fixes the AI route name validation rules to support dot characters and unifies them to allow only lowercase letters. Also updates the error messages in both Chinese and English to accurately reflect the new validation logic.
    Feature Value: Resolves the inconsistency between the UI prompt and backend validation logic, improving the consistency and accuracy of the user experience, ensuring users can correctly enter AI route names according to the latest rules.

  • Related PR: #552
    Contributor: @lcfang
    Change Log: Adds the vport attribute to fix the issue of route configuration failure when the service instance port changes. By adding the vport attribute in the registry configuration, it ensures that changes to the backend service port do not affect the route.
    Feature Value: Solves the compatibility issue caused by changes in the service instance port, enhancing the stability and user experience of the system, ensuring that services remain accessible even if the backend instance port changes.

📚 Documentation Updates (Documentation)

  • Related PR: #610
    Contributor: @heimanba
    Change Log: Updates the required and associated explanations for the document configuration fields, including changing the rewrite fields to optional and correcting some description texts.
    Feature Value: By adjusting the field descriptions in the documentation, the configuration flexibility and compatibility are improved, helping users better understand and use the front-end canary plugin.

📊 Release Statistics

  • 🚀 New Features: 7 items
  • 🐛 Bug Fixes: 10 items
  • 📚 Documentation Updates: 1 item

Total: 18 changes

Thank you to all contributors for their hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.9...v2.2.0

2025-11-13 19:28:35
higress

v2.1.9

Higress

📋 Overview of This Release

This release includes 44 updates, covering various aspects such as feature enhancements, bug fixes, and performance optimizations.

Update Distribution

  • New Features: 23
  • Bug Fixes: 14
  • Refactoring Optimizations: 2
  • Documentation Updates: 1
  • Testing Improvements: 4

⭐ Key Highlights

This release contains 3 significant updates, which are recommended for special attention:

  • feat(mcp-server): add server-level default authentication and MCP proxy server support (#3096): This feature enhances Higress's security management capabilities for MCP traffic, allowing users to set up authentication through a unified interface, simplifying the deployment process of security policies, and enhancing system security and flexibility.
  • feat: add higress api mcp server (#2923): By adding the higress-ops MCP Server, users can use the hgctl agent command to manage Higress configurations and troubleshoot issues, improving operational efficiency and user experience.
  • feat: implement hgctl agent & mcp add subcommand (#3051): This enhancement improves Higress's operational capabilities, especially through interactive management and debugging via the Agent, making it easier for users to configure and debug MCP traffic governance. It is a significant step towards AI-native operations for Higress.

For more details, please refer to the detailed descriptions of key features below.


🌟 Detailed Description of Key Features

Below are the detailed explanations of the important features and improvements in this release:

1. feat(mcp-server): add server-level default authentication and MCP proxy server support

Related PR: #3096 | Contributor: @johnlanni

Usage Background

As the AI-native API gateway Higress develops, users' demands for API security, flexibility, and ease of use are increasing. In practical applications, the MCP (Model Context Protocol) is widely used for managing and invoking AI models. However, existing MCP servers lack a unified security authentication mechanism, leading to the need for configuring different authentication mechanisms in various scenarios (such as direct proxying by MCP Server, or REST API conversion to MCP Server). This update addresses these issues, targeting user groups including, but not limited to, developers, operations personnel, and system administrators, who require a more secure, flexible, and easy-to-manage API gateway.

Feature Details

This update primarily implements two core features: 1. Adding default authentication at the MCP server level, including client-to-gateway and gateway-to-backend authentication; 2. Introducing a new type of MCP proxy server that can proxy MCP requests from clients to backend MCP servers, supporting timeout configuration and full authentication support. Technically, this is achieved by updating dependency library versions (such as wasm-go and proxy-wasm-go-sdk) to support the new features, while also refactoring existing code to accommodate the new authentication and proxy logic.

Usage

To enable this feature, you need to set the corresponding parameters in the Higress configuration file. For example, to configure default downstream security, specify the authentication policy in the defaultDownstreamSecurity field; similarly, upstream authentication is configured through the defaultUpstreamSecurity field. To use the MCP proxy server, define a new mcp-proxy type server and specify the backend MCP server address via the mcpServerURL field. Additionally, you can control the request timeout time using the timeout field. Best practices recommend utilizing the priority configuration mechanism to ensure that tool-level settings can override server-level defaults, thereby achieving finer-grained control.

Feature Value

This feature significantly enhances the security and flexibility of Higress, making API management more efficient. By introducing server-level default authentication, it reduces the workload of repetitive configurations and lowers the security risks caused by configuration errors. The newly added MCP proxy server capability not only simplifies the complexity of MCP service governance but also effectively alleviates the pressure on backend MCP servers by offloading state-keeping tasks to the Higress side. These improvements collectively contribute to enhancing the stability and user experience of the entire ecosystem, laying a solid foundation for Higress to become an indispensable API gateway in the AI era.


2. feat: add higress api mcp server

Related PR: #2923 | Contributor: @Tsukilc

Usage Background

As AI technology advances, API gateways need to better support AI-related functionalities. Higress, as an AI-native API gateway, needs to provide more powerful management tools to unify the management of core API assets such as LLM APIs, MCP APIs, and Agent APIs. This PR integrates the Higress API MCP Server, providing comprehensive management capabilities for AI routing, AI providers, and MCP servers. These new features help users more efficiently configure and maintain Higress's AI features, meeting the needs of modern applications. The target user groups include Higress operators and developers, especially those with deep needs in the AI domain.

Feature Details

This PR mainly implements the following features:

  1. AI Routing Management: Added tools such as list-ai-routes, get-ai-route, add-ai-route, update-ai-route, and delete-ai-route to allow users to manage AI routes.
  2. AI Provider Management: Added tools such as list-ai-providers, get-ai-provider, add-ai-provider, update-ai-provider, and delete-ai-provider to allow users to manage AI providers.
  3. MCP Server Management: Added tools such as list-mcp-servers, get-mcp-server, add-or-update-mcp-server, and delete-mcp-server to allow users to manage MCP servers and their consumers.
  4. Authentication Configuration: Uses HTTP Basic Authentication for authorization, carrying the Authorization header in the client request.
  5. Code Changes: Removed hard-coded usernames and passwords, instead providing them at runtime via the MCP Client, enhancing security. Additionally, added the higress-ops module for hgctl agent command integration, enabling Agent-based management of Higress configurations.

Usage

To enable and configure this feature, follow these steps:

  1. Configure Higress API MCP Server: Add the Higress API MCP Server configuration in the Higress configuration file, specifying the URL of the Higress Console.
  2. Use hgctl agent: Start the interactive Agent using the hgctl agent command, allowing you to manage Higress using natural language. For example, use the mcp add subcommand to add a remote MCP Server to the Higress MCP management directory.
  3. Manage AI Routes: Use tools like list-ai-routes, get-ai-route, add-ai-route, update-ai-route, and delete-ai-route to manage AI routes.
  4. Manage AI Providers: Use tools like list-ai-providers, get-ai-provider, add-ai-provider, update-ai-provider, and delete-ai-provider to manage AI providers.
  5. Manage MCP Servers: Use tools like list-mcp-servers, get-mcp-server, add-or-update-mcp-server, and delete-mcp-server to manage MCP servers and their consumers. Note: Ensure that you correctly configure the authentication information and carry the Authorization header in the request.

Feature Value

This feature brings the following specific benefits to users:

  1. Enhanced Management Capabilities: Users can more easily manage and debug Higress's AI routing, AI provider, and MCP server configurations using the new MCP tools, improving management efficiency.
  2. Higher Security: By providing usernames and passwords at runtime via the MCP Client rather than hard-coding them in the configuration file, the system's security is enhanced.
  3. Better User Experience: The interactive management method via hgctl agent allows users to manage Higress using natural language, reducing the learning curve and difficulty of use.
  4. Improved System Performance and Stability: The new MCP tools provide more management and debugging options, helping to promptly identify and resolve issues, thereby improving system stability and performance.
  5. Ecosystem Importance: As the first step for Higress to transition from traditional operations to Agent-based operations, this feature is significant for the development of the Higress ecosystem, laying the groundwork for future innovations.

3. feat: implement hgctl agent & mcp add subcommand

Related PR: #3051 | Contributor: @erasernoob

Usage Background

Higress is an AI-native API gateway used to unify the management of LLM APIs, MCP APIs, and Agent APIs. As Higress evolves, traditional command-line tools no longer meet user needs, especially in the management and debugging of MCP services. This PR introduces an interactive Agent similar to Claude Code, allowing users to manage Higress using natural language. Additionally, the new mcp add subcommand makes it easy to add remote MCP services to Higress's MCP management directory, enabling MCP traffic governance. These features not only simplify the configuration process for MCP services but also enhance the system's maintainability and usability.

Feature Details

This PR mainly implements two new subcommands: hgctl agent and mcp add.

  • hgctl agent: This command allows users to interact with Higress using natural language. It calls the underlying claude-code agent and prompts the user to set up the necessary environment upon first use. hgctl agent provides an interactive window, enabling users to manage Higress in a more intuitive manner.

  • mcp add: This command allows users to add MCP services with simple parameters. It supports two types of MCP services: direct proxy type and OpenAPI-based type. Direct proxy type MCP services can directly call the Higress Console API and publish to the Higress MCP Server management tool. OpenAPI-based MCP services generate MCP configurations by parsing the OpenAPI specification. The code changes include the addition of multiple files and a significant amount of code, including agent.go, base.go, core.go, mcp.go, and client.go, which collectively implement the above features.

Usage

To enable and configure these new features, users need to update to the latest version of the hgctl tool.

  1. Enable hgctl agent:

    • Run the hgctl agent command. On the first use, it will prompt the user to set up the necessary environment, such as installing the claude-code agent.
    • Interact with Higress using natural language, for example, to query or modify configurations.
  2. Add MCP Services Using mcp add:

    • Add a direct proxy type MCP service:
      hgctl mcp add mcp-deepwiki -t http https://mcp.deepwiki.com --user admin --password 123 --url http://localhost:8080
    • Add an OpenAPI-based MCP service:
      hgctl mcp add openapi-server -t openapi --spec openapi.yaml --user admin --password 123 --url http://localhost:8080

Note: Ensure that the system has correctly configured Higress and related dependencies before running these commands.

Feature Value

These new features bring significant benefits to users, including:

  • Improved User Experience: Through natural language interaction, the learning curve for users is reduced, making Higress management more intuitive and user-friendly.
  • Simplified Configuration Process: The mcp add command greatly simplifies the process of adding and configuring MCP services, reducing the complexity and error rate of manual operations.
  • Enhanced System Stability: With unified MCP service management, it is easier to monitor and maintain MCP traffic, improving the system's stability and reliability.
  • Expanded Ecosystem: These new features enable Higress to better support different types of MCP services, enhancing its competitiveness and ecosystem influence in the AI era.

📝 Full Changelog

🚀 New Features (Features)

  • Related PR: #3126
    Contributor: @johnlanni
    Change Log: Updated Envoy dependencies, supporting the setting of Redis call-related parameters via WASM, such as buffer_flush_timeout and max_buffer_size_before_flush.
    Feature Value: This feature enhances the flexibility of the WASM plugin, allowing users to customize Redis client buffer behavior through URL query parameters, improving the convenience and efficiency of configuration management.

  • Related PR: #3123
    Contributor: @johnlanni
    Change Log: Upgraded the Higress proxy version to v2.2.0, updated the Go toolchain and multiple dependency package versions, and added specific architecture build targets for golang-filter, fixing dependency issues related to MCP servers, OpenAI, and Milvus SDK.
    Feature Value: This improvement enhances the overall performance and stability of Higress, supporting more architecture types and enhancing support for the latest technology stack. For users, this means broader compatibility, better security, and richer feature expansion possibilities.

  • Related PR: #3108
    Contributor: @wydream
    Change Log: Added video-related API paths and capabilities, including constants, default capabilities, and regular expression path handling, enabling the proxy to correctly parse multiple video-related endpoints and updating the OpenAI provider to optimize support for these new endpoints.
    Feature Value: By adding support for video-related APIs, this enhancement strengthens Higress's ability to manage AI services, particularly for applications that need to handle video content. This will make it easier for users to integrate and use advanced features involving video.

  • Related PR: #3071
    Contributor: @rinfx
    Change Log: The PR added an example of using the inject_encoded_data_to_filter_chain_on_header function, demonstrating how to add body data to a request when there is no response body. This was achieved by modifying README.md, go.mod, and other files.
    Feature Value: This feature allows users to add body data to a request even when there is no response body, enhancing the API gateway's ability to handle requests flexibly and dynamically, especially when generating or modifying response content.

  • Related PR: #3067
    Contributor: @wydream
    Change Log: This PR added support for vLLM as an AI provider in the Higress ai-proxy plugin, implementing multiple API interfaces compatible with OpenAI, including chat and text completion, model list display, and other functions.
    Feature Value: By introducing vLLM as a new AI service provider, users can now directly access various AI capabilities provided by vLLM through the Higress proxy, such as generating text. This greatly enriches the availability of Higress in AI application scenarios and simplifies the integration process.

  • Related PR: #3060
    Contributor: @erasernoob
    Change Log: This PR enhanced the hgctl mcp and hgctl agent commands to automatically obtain Higress Console credentials from installation configuration files and Kubernetes secrets, optimizing the user experience.
    Feature Value: This feature reduces the steps required for users to manually enter credentials, improving operational convenience and security, especially when Higress is installed via hgctl. It is a significant usability improvement for users.

  • Related PR: #3043
    Contributor: @2456868764
    Change Log: This PR fixed the issue of incorrect default port for Milvus and added Python example code to the README.md. The port issue was resolved by modifying the match_rule_domain field in the configuration file, and usage guidance was provided.
    Feature Value: This fix resolves the port configuration issue that could lead to service failure, enhancing the practicality of the documentation. It provides a specific Python example to help users understand and quickly get started with the plugin functionality.

  • Related PR: #3040
    Contributor: @victorserbu2709
    Change Log: This PR added the ApiNameAnthropicMessages feature for Anthropic and supported configuring the Anthropique provider without setting protocol=original, allowing /v1/messages requests to be directly forwarded to Anthropic, while /v1/chat/completion requests convert the OpenAI format message body to a Claude-compatible format.
    Feature Value: By adding support for the Anthropic messages API, this feature enhances Higress's ability to manage different types of AI services. Users can now more flexibly use services provided by Anthropic, especially when interacting with Claude, increasing the platform's diversity and flexibility.

  • Related PR: #3038
    Contributor: @Libres-coder
    Change Log: Added the list-plugin-instances tool, allowing AI proxies to query plugin instances within a specific scope using the MCP protocol. This PR added two new functions to the MCP Server and updated the relevant documentation.
    Feature Value: This feature enables users to more conveniently manage plugin configurations in Higress, enhancing the system's manageability and transparency, especially when checking or adjusting the status of plugins within a specific scope.

  • Related PR: #3032
    Contributor: @johnlanni
    Change Log: This PR enabled Qwen compatibility mode by default and added missing API endpoints, including AsyncAIGC, AsyncTask, and V1Rerank, to provide more comprehensive API coverage.
    Feature Value: By enabling compatibility mode by default and filling in API endpoint gaps, this feature enhances the out-of-the-box experience for users and strengthens Higress's support for Qwen AI services, making it easier for developers to integrate and use Qwen-related features.

  • Related PR: #3029
    Contributor: @victorserbu2709
    Change Log: Added support for v1/responses in the groq provider, specifically by introducing new response handling logic.
    Feature Value: This new feature supports better management and utilization of the services provided by the groq plugin, enhancing the flexibility and completeness of API management.

  • Related PR: #3024
    Contributor: @rinfx
    Change Log: Added malicious URL and model hallucination detection to ensure the security of AI-generated content; also adjusted specific configurations at the consumer level to better adapt to different scenario needs.
    Feature Value: By adding detection for malicious URLs and model hallucinations, this feature enhances the security and accuracy of Higress in handling AI-generated content, helping to protect users from potential threats. Additionally, the adjusted consumer-level configurations enhance the system's flexibility and adaptability.

  • Related PR: #3008
    Contributor: @hellocn9
    Change Log: This PR added support for custom parameter names for MCP SSE stateful sessions. By adding the higress.io/mcp-sse-stateful-param-name annotation in the ingress configuration, users can specify their own parameter names.
    Feature Value: This feature allows users to flexibly set the parameter names for MCP SSE stateful sessions according to their needs, improving configuration flexibility and user experience. This makes Higress better suited for diverse application scenarios.

  • Related PR: #3006
    Contributor: @SaladDay
    Change Log: This PR added Secret reference support for Redis configuration in the MCP Server, allowing Redis passwords to be stored in Kubernetes Secrets, enhancing security, and modified the relevant documentation and test code.
    Feature Value: By storing Redis passwords in Kubernetes Secrets instead of writing them in plaintext in ConfigMaps, this improvement enhances system security. Users can more securely manage sensitive information, reducing the risk of password leaks.

  • Related PR: #2992
    Contributor: @rinfx
    Change Log: This PR modified the authentication logic in the key_auth plugin, logging the consumer name in the logs even if the access is not authorized. By adding logging of consumer identification during the authentication and authorization process, it enhances the observability of the system.
    Feature Value: This feature improves the efficiency of system monitoring and troubleshooting, allowing operations personnel to clearly understand the source of requests, even if they are not authorized, thus better diagnosing issues and conducting security audits.

  • Related PR: #2978
    Contributor: @rinfx
    Change Log: After determining the consumer name, it adds the consumer name to the request header regardless of whether the authentication is successful, for subsequent processing.
    Feature Value: This feature enhances the ability to track consumer behavior, helping to better understand API call patterns and consumer activity, thus providing a more personalized service experience for users.

  • Related PR: #2968
    Contributor: @2456868764
    Change Log: Added vector database mapping functionality, introducing a field mapping system and index configuration management mechanism, supporting various index types such as HNSW, IVF, SCANN, etc., to improve system flexibility and adaptability.
    Feature Value: By providing flexible field mapping and rich index configuration options, this feature enhances support for different vector databases, simplifying the process for developers to integrate various storage solutions and improving the user experience.

  • Related PR: #2943
    Contributor: @Guo-Chenxu
    Change Log: This PR added the ability to support custom system prompts when generating release notes, achieved by modifying the GitHub Actions workflow file.
    Feature Value: This feature allows users to add personalized system prompts when generating release notes, enhancing the flexibility and practicality of the release notes and better meeting the needs of different projects.

  • Related PR: #2942
    Contributor: @2456868764
    Change Log: Fixed the handling logic when the LLM provider is empty and optimized the document structure and content, adding detailed introductions to MCP tools.
    Feature Value: This improvement enhances the robustness of the system when LLM configuration is missing, enhancing the user's understanding and experience with MCP tools, making it clearer for users to understand the functions and configuration requirements of different tools.

  • Related PR: #2916
    Contributor: @imp2002
    Change Log: Implemented Nginx migration to MCP servers and provided 7 MCP tools to automate the migration process from Nginx configuration/Lua plugins to Higress, including important features such as configuration conversion.
    Feature Value: This feature greatly simplifies the effort required for users to migrate from Nginx to Higress, providing a complete set of tools to make the migration process smoother and more efficient, helping users adopt Higress as their API gateway solution more quickly.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #3120
    Contributor: @lexburner
    Change Log: Adjusted the log level in the ai-proxy component, specifically in the wasm-go/extensions/ai-proxy/provider/qwen.go file, reducing unnecessary warning messages.
    Feature Value: By lowering the log level in specific parts, this change reduces redundant warning messages during system operation, improving the efficiency of developers and operations personnel in viewing logs, allowing them to focus more on actual errors or important information.

  • Related PR: #3119
    Contributor: @johnlanni
    Change Log: Updated the Istio dependency and replaced reqChan and deltaReqChan in the Connection with channels.Unbounded to prevent deadlock issues caused by HTTP2 flow control.
    Feature Value: By resolving the deadlock issue caused by HTTP2 flow control, this improvement ensures that client requests and ACK requests can be processed normally without blocking, enhancing the stability and response speed of the system.

  • Related PR: #3118
    Contributor: @johnlanni
    Change Log: This PR fixed the issue where port-level policies unconditionally overwrite existing configurations converted from Ingress annotations. By adding nil checks before setting policy.Tls and policy.LoadBalancer, it avoids overwriting existing configurations.
    Feature Value: This fix resolves the unexpected configuration overwrite issue caused by TLS and load balancer settings in DestinationRule, ensuring that user-defined Ingress annotation configurations are correctly retained and applied, enhancing the stability and reliability of the system.

  • Related PR: #3095
    Contributor: @rinfx
    Change Log: Fixed the issue of usage information being lost during the claude2openai conversion process and added the index field in the bedrock streaming tool response to ensure data integrity and accuracy.
    Feature Value: This fix enhances the system's data integrity when handling API conversions, ensuring that users can accurately obtain all necessary usage information, especially in the case of streaming responses, by introducing the index field to enhance response management flexibility.

  • Related PR: #3084
    Contributor: @rinfx
    Change Log: Fixed the issue where the include_usage: true flag was not correctly included when converting Claude requests to OpenAI requests, ensuring that usage information is properly passed in streaming response mode.
    Feature Value: This fix allows users to receive more accurate resource usage feedback when using streaming APIs, enhancing the accuracy of resource consumption monitoring.

  • Related PR: #3074
    Contributor: @Jing-ze
    Change Log: This PR added a check for Content-Encoding in the log-request-response plugin to avoid logging compressed request/response bodies, which can result in garbled log entries.
    Feature Value: By improving the logging mechanism to prevent unreadable log entries, this change enhances the efficiency and accuracy of system operations personnel in troubleshooting issues.

  • Related PR: #3069
    Contributor: @Libres-coder
    Change Log: This PR fixed an issue in the CI testing framework where e2e tests failed due to the go.mod file not being correctly updated. By adding the go mod tidy command in the prebuild.sh script, it ensures that the go.mod in the root directory is also updated.
    Feature Value: This fix resolves the CI test failure issue that all PRs triggering end-to-end testing of the wasm plugin might encounter, ensuring the stability of the build and test process and improving the developer experience.

  • Related PR: #3010
    Contributor: @rinfx
    Change Log: Fixed the issue of parsing failures in bedrock responses due to unpacking problems and adjusted the maxtoken conversion logic to ensure the accuracy and integrity of event stream processing.
    Feature Value: This fix resolves the data parsing error issue encountered by users when using bedrock services, enhancing the stability and user experience of the system. By optimizing boundary condition handling, it ensures the consistency of data transmission.

  • Related PR: #2997
    Contributor: @hanxiantao
    Change Log: Optimized the cluster rate limiting and AI token rate limiting logic, changing to cumulative counting of request counts and token usage, avoiding reset of counters when changing rate limit values.
    Feature Value: By improving the rate limiting mechanism, this change ensures that the system can accurately track and limit request traffic even after changing the rate limit thresholds, thereby enhancing the stability and reliability of the system.

  • Related PR: #2988
    Contributor: @johnlanni
    Change Log: This PR fixed the JSON formatting error in the jsonrpc-converter, switching to using raw JSON data to avoid data parsing issues caused by string formatting.
    Feature Value: By correcting the JSON handling method, this change ensures the accuracy and consistency of data transmission, enhancing the stability and reliability of the system and reducing potential issues caused by data format errors.

  • Related PR: #2973
    Contributor: @CH3CHO
    Change Log: Fixed the issue where the Higress 2.1.8 version did not support an empty match_rule_domain by using a wildcard to match all domains, eliminating compatibility risks.
    Feature Value: This fix ensures that the generation of MCP server configurations is backward-compatible with older versions, avoiding service interruptions or behavioral anomalies due to configuration errors, enhancing the stability and user experience of the system.

  • Related PR: #2952
    Contributor: @Erica177
    Change Log: Corrected the JSON tag for the Id field in the ToolSecurity struct, changing it from type to id, to ensure correct serialization.
    Feature Value: This fix ensures the correctness of the ToolSecurity struct during data transmission, avoiding data parsing issues caused by incorrect field tags, enhancing the stability and user experience of the system.

  • Related PR: #2948
    Contributor: @johnlanni
    Change Log: Fixed the handling issue with the Azure OpenAI Response API and the service URL type detection logic, including adding support for custom full paths and improving streaming event parsing.
    Feature Value: This enhancement improves support for Azure OpenAI services, enhancing the accuracy and efficiency of API response handling, allowing users to more stably use Azure OpenAI-related features.

  • Related PR: #2941
    Contributor: @rinfx
    Change Log: This PR fixed the compatibility issue between the ai-security-guard plugin and old configurations, by adjusting the relevant code in the main.go file to ensure backward compatibility.
    Feature Value: This fix resolves the compatibility issue caused by configuration updates, allowing users with old configurations to seamlessly transition to the new version, enhancing the user experience and stability of the system.

♻️ Refactoring Optimizations (Refactoring)

  • Related PR: #3113
    Contributor: @johnlanni
    Change Log: This PR implemented a hash cache for Protobuf messages, using the xxHash algorithm for recursive hash calculation and handling google.protobuf.Any types and deterministically sorted map fields specially, optimizing LDS performance.
    Feature Value: This change significantly improves the efficiency of Envoy in handling large-scale configuration updates, reducing performance overhead due to repeated serialization. In environments with frequent changes or large-scale deployments, it accelerates the propagation of configurations and enhances system responsiveness.

  • Related PR: #2945
    Contributor: @rinfx
    Change Log: Optimized the Lua script logic for selecting pods with the global minimum number of requests in ai-load-balancer, improving request distribution efficiency by adjusting the health check mechanism and load balancing strategy.
    Feature Value: This change enhances the fairness and efficiency of the AI load balancer in handling requests, reducing the service response time extension caused by a single node being overloaded, positively impacting the overall system stability and user experience.

📚 Documentation Updates (Documentation)

  • Related PR: #2965
    Contributor: @CH3CHO
    Change Log: Updated the description of azureServiceUrl in the ai-proxy README file, adding detailed information about the use of this parameter to help users better understand and configure it.
    Feature Value: By providing a more detailed description of the azureServiceUrl parameter, this change improves the user experience, making it easier for users to correctly configure settings according to the documentation, thus avoiding potential usage errors.

🧪 Testing Improvements (Testing)

  • Related PR: #3110
    Contributor: @Jing-ze
    Change Log: This PR added the CODECOV_TOKEN environment variable configuration in the GitHub Actions workflow to ensure that Codecov can correctly authenticate and upload code coverage data.
    Feature Value: By adding the CODECOV_TOKEN environment variable, this improvement enhances the security and reliability of the CI/CD process, ensuring the accuracy and completeness of code coverage reports, which helps in maintaining project quality.

  • Related PR: #3097
    Contributor: @johnlanni
    Change Log: This PR added unit tests for the mcp-server, adding a total of 2766 lines of code, primarily in the main_test.go file, enhancing the test coverage of the mcp-server.
    Feature Value: By adding unit tests, this improvement enhances the stability and reliability of the mcp-server module, ensuring that new features or fixes do not introduce new issues. For users, this improves the overall quality assurance and user experience of Higress.

  • Related PR: #2998
    Contributor: @Patrisam
    Change Log: This PR implemented end-to-end test cases for Cloudflare, enhancing the test coverage of the Higress project. By adding new test logic and configurations in go-wasm-ai-proxy.go and go-wasm-ai-proxy.yaml, it improved system integration.
    Feature Value: The newly added Cloudflare e2e test cases help ensure the compatibility and stability between Higress and Cloudflare services, greatly enhancing the confidence of users who use or plan to use Cloudflare as part of their network infrastructure.

  • Related PR: #2980
    Contributor: @Jing-ze
    Change Log: Enhanced the CI workflow for WASM plugin unit tests, adding coverage display functionality and setting an 80% coverage threshold.
    Feature Value: This improvement enhances the quality and transparency of the testing process, ensuring that the WASM plugin meets a certain code coverage standard, which helps in identifying potential issues and improving code reliability.


📊 Release Statistics

  • 🚀 New Features: 23
  • 🐛 Bug Fixes: 14
  • ♻️ Refactoring Optimizations: 2
  • 📚 Documentation Updates: 1
  • 🧪 Testing Improvements: 4

Total: 44 changes (including 3 key updates)

Thank you to all contributors for your hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 18 updates, covering enhancements, bug fixes, and performance optimizations.

Update Distribution

  • New Features: 7 items
  • Bug Fixes: 10 items
  • Documentation Updates: 1 item

📝 Complete Changelog

🚀 New Features (Features)

  • Related PR: #621
    Contributor: @Thomas-Eliot
    Change Log: This PR enhances the interaction capabilities of the MCP Server, including rewriting the header host, modifying the interaction method to support transport selection, and improving DSN character handling logic to support the special character @.
    Feature Value: These improvements allow users to configure and use the MCP Server more flexibly, especially in direct routing scenarios, where DNS addresses and service paths can be handled better, enhancing system flexibility and usability.

  • Related PR: #612
    Contributor: @zhwaaaaaa
    Change Log: Added handling to ignore hop-by-hop headers in DashboardServiceImpl, preventing headers like Transfer-Encoding: chunked from being mistakenly passed.
    Feature Value: By correctly handling hop-by-hop headers, it ensures that the Grafana page works properly in environments with reverse proxy servers, improving system compatibility and user experience.

  • Related PR: #608
    Contributor: @Libres-coder
    Change Log: This PR adds plugin display support to the AI route management page, allowing users to expand AI route rows to view enabled plugins and see the "Enabled" label on the configuration page.
    Feature Value: Enhances AI route management by enabling users to manage AI-related plugin states more intuitively, improving user experience and operational convenience.

  • Related PR: #604
    Contributor: @CH3CHO
    Change Log: This PR introduces the feature of using the higress.io/rewrite-target annotation for path rewriting, supporting regular expressions, and enhancing the flexibility of path configuration.
    Feature Value: By adding the ability to rewrite paths based on regular expressions, users can control and transform request paths more flexibly, enhancing the routing processing capability of the Higress gateway and meeting the needs of more scenarios.

  • Related PR: #603
    Contributor: @CH3CHO
    Change Log: This PR displays a fixed service port 80 for static service sources, implemented by hardcoding this value in the frontend component.
    Feature Value: Users can more intuitively see and understand the default port number specific to static service sources, enhancing the clarity and user experience of the UI.

  • Related PR: #602
    Contributor: @CH3CHO
    Change Log: This PR adds a search function to the frontend page, allowing users to search when selecting upstream services for AI routes, improving the user experience.
    Feature Value: This feature enables users to find the required upstream services more quickly and accurately, simplifying the configuration process and improving operational efficiency.

  • Related PR: #566
    Contributor: @OuterCyrex
    Change Log: This PR adds support for custom Qwen services, including enabling internet search and uploading file IDs. The main changes are in the backend SDK and frontend UI.
    Feature Value: By supporting custom Qwen services, users can configure AI services more flexibly, such as using specific internet search features or specifying file IDs, thus meeting more personalized needs.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #620
    Contributor: @CH3CHO
    Change Log: Fixed a spelling error in the sortWasmPluginMatchRules logic, ensuring correct sorting of match rules.
    Feature Value: Fixing this spelling error improves the reliability and readability of the code, ensuring that Wasm plugin match rules work as expected and reducing potential runtime errors.

  • Related PR: #619
    Contributor: @CH3CHO
    Change Log: This PR removes version information from the data JSON during the conversion from AiRoute to ConfigMap, as this information is already saved in the ConfigMap metadata.
    Feature Value: By removing redundant data, it improves the consistency and simplicity of the configuration, reducing potential data conflicts and inconsistencies.

  • Related PR: #618
    Contributor: @CH3CHO
    Change Log: This PR refactors the API authentication logic in SystemController to eliminate existing security vulnerabilities. It adds the AllowAnonymous annotation and adjusts the ApiStandardizationAspect class to ensure a more secure system.
    Feature Value: This fix enhances the security of the system, preventing unauthorized access and potential security threats, improving user experience and trust.

  • Related PR: #617
    Contributor: @CH3CHO
    Change Log: Fixed frontend console errors, including missing key attributes for list elements, image loading failures due to CSP policy restrictions, and incorrect type for the Consumer.name field.
    Feature Value: Resolved multiple frontend issues encountered by users, improving the user experience and ensuring the stability and security of the application.

  • Related PR: #614
    Contributor: @lc0138
    Change Log: This PR corrects the type of the type field in the ServiceSource class and adds dictionary value validation to ensure data accuracy.
    Feature Value: By fixing the service source type error, it improves the data consistency and reliability of the system, reducing potential issues caused by type mismatches.

  • Related PR: #613
    Contributor: @lc0138
    Change Log: This PR fixes CSP and other security risk issues by adding 15 lines of code to the frontend document.tsx file.
    Feature Value: It resolves security risks related to Content Security Policy, enhancing the security level of the application and protecting users from potential security threats.

  • Related PR: #611
    Contributor: @qshuai
    Change Log: Corrected a description error in the LlmProvidersController.java file regarding the new route API, changing the title from 'Add a new route' to 'Ad'.
    Feature Value: This fix addresses misleading information in the API documentation, ensuring developers can accurately understand the API's functionality, improving the development experience and reducing potential misuse.

  • Related PR: #609
    Contributor: @CH3CHO
    Change Log: Fixed the type error for the Consumer.name field, changing its type from boolean to string.
    Feature Value: This fix ensures the data consistency and accuracy of the Consumer.name field, avoiding data handling issues caused by type errors and improving system stability and user experience.

  • Related PR: #605
    Contributor: @SaladDay
    Change Log: Corrected the AI route name validation rules to support dot characters and unified case restrictions and interface prompts. Additionally, updated error messages in a multilingual environment.
    Feature Value: Resolves inconsistencies encountered by users when setting AI route names, improving the user experience and system usability, ensuring information consistency and accuracy.

  • Related PR: #552
    Contributor: @lcfang
    Change Log: This PR adds the vport attribute to address compatibility issues caused by inconsistent service instance ports and provides an optional configuration for virtual ports during registration center setup.
    Feature Value: By introducing the vport attribute, users can handle backend instance port changes more flexibly, avoiding service routing failures due to port changes, enhancing system stability and flexibility.

📚 Documentation Updates (Documentation)

  • Related PR: #610
    Contributor: @heimanba
    Change Log: This PR updates the documentation configuration for the frontend gray-scale plugin, including modifying the description of required fields, updating associated rules, and synchronizing the content in both Chinese and English README and spec.yaml files.
    Feature Value: By adjusting the documentation configuration requirements and descriptions, it enhances the flexibility and compatibility of the configuration, making it easier for users to understand and use the frontend gray-scale plugin features.

📊 Release Statistics

  • 🚀 New Features: 7 items
  • 🐛 Bug Fixes: 10 items
  • 📚 Documentation Updates: 1 item

Total: 18 changes

Thank you to all contributors for their hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.8...v2.1.9

2025-10-09 17:32:35
higress

v2.1.9-rc.1

Higress

📋 Overview of This Release

This release includes 11 updates, covering areas such as feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

  • New Features: 3
  • Bug Fixes: 5
  • Refactoring and Optimization: 1
  • Documentation Updates: 2

📝 Full Changelog

🚀 New Features (Features)

  • Related PR: #2978
    Contributor: @rinfx
    Change Log: In the key-auth plugin, regardless of whether authentication is successful, the consumer name will be recorded after it is determined. This is achieved by adding the X-Mse-Consumer field to the HTTP request header.
    Feature Value: This feature allows the system to obtain and record the consumer's name earlier, which is very important for logging and subsequent processing, improving the traceability and transparency of the system.

  • Related PR: #2968
    Contributor: @2456868764
    Change Log: This PR introduces the core functionality of vector database mapping, including a field mapping system and index configuration management, supporting various index types.
    Feature Value: By providing flexible field mapping and index configuration capabilities, users can more easily integrate with different database architectures, enhancing the system's compatibility and flexibility.

  • Related PR: #2943
    Contributor: @Guo-Chenxu
    Change Log: Added a feature for customizing system prompts, allowing users to add personalized notes when generating release notes. This is implemented by modifying the GitHub Actions workflow file.
    Feature Value: This feature allows users to include customized system prompts when generating release notes, enhancing the flexibility and richness of information in the release notes, thereby improving the user experience.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #2973
    Contributor: @CH3CHO
    Change Log: This PR fixes an issue in Higress version 2.1.8 where the mcp-session filter did not support setting match_rule_domain to an empty string, using wildcards to match all domains and eliminate compatibility risks.
    Feature Value: This resolves a compatibility issue caused by specific configurations, ensuring that users do not encounter errors due to empty string settings during upgrades or configuration, thus improving the stability and user experience of the system.

  • Related PR: #2952
    Contributor: @Erica177
    Change Log: Corrected the JSON tag for the Id field in the ToolSecurity struct from type to id, ensuring correct mapping during data serialization.
    Feature Value: This fix addresses data inconsistency issues caused by incorrect field mapping, enhancing the stability and data accuracy of the system.

  • Related PR: #2948
    Contributor: @johnlanni
    Change Log: Fixed the Azure service URL type detection logic to support custom full paths. Enhanced the handling of Azure OpenAI response APIs and improved edge case parsing in streaming events.
    Feature Value: This ensures better compatibility with Azure OpenAI services, improves error handling and user experience, especially when using non-standard paths or streaming responses.

  • Related PR: #2942
    Contributor: @2456868764
    Change Log: Fixed the issue of LLM provider being empty and optimized documentation and prompt messages. Specifically, updated README.md for better explanations and adjusted the default LLM model.
    Feature Value: By enhancing the robustness of LLM provider initialization and optimizing related documentation, this improves the stability and user experience of the system, making it clearer for users to understand system configuration and usage.

  • Related PR: #2941
    Contributor: @rinfx
    Change Log: This PR fixes compatibility issues with old configurations, ensuring the system can correctly handle outdated configuration parameters, avoiding potential errors due to configuration changes.
    Feature Value: By supporting older version configurations, this enhances the system's backward compatibility, reducing inconvenience to users during upgrades or configuration adjustments, and improving the user experience.

♻️ Refactoring and Optimization (Refactoring)

  • Related PR: #2945
    Contributor: @rinfx
    Change Log: Optimized the logic for selecting pods based on the minimum number of requests globally, updated the Lua script code related to ai-load-balancer, reducing unnecessary checks and improving performance.
    Feature Value: By improving the minimum request count algorithm in load balancing strategies, this enhances the system's response speed and resource allocation efficiency, allowing users to utilize cluster resources more efficiently.

📚 Documentation Updates (Documentation)

  • Related PR: #2965
    Contributor: @CH3CHO
    Change Log: Updated the description of the azureServiceUrl field in the ai-proxy plugin README file to provide clearer and more accurate information.
    Feature Value: By improving the description in the documentation, users can better understand how to configure the Azure OpenAI service URL, thus enhancing the user experience and configuration accuracy.

  • Related PR: #2940
    Contributor: @github-actions[bot]
    Change Log: This PR adds English and Chinese release notes for version 2.1.8, detailing 30 updates in this version.
    Feature Value: By providing detailed release notes, users can more easily understand the new features, bug fixes, and other information included in the new version, allowing them to make better use of the new features.


📊 Release Statistics

  • 🚀 New Features: 3
  • 🐛 Bug Fixes: 5
  • ♻️ Refactoring and Optimization: 1
  • 📚 Documentation Updates: 2

Total: 11 changes

Thank you to all contributors for their hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 4 updates, covering multiple aspects such as feature enhancements, bug fixes, and performance optimizations.

Update Distribution

  • New Features: 1
  • Bug Fixes: 2
  • Documentation Updates: 1

⭐ Key Highlights

This release contains 1 significant update, which is recommended for special attention:

  • feat: Support using a known service in OpenAI LLM provider (#589): This feature allows users to use predefined services within the OpenAI LLM, thereby enhancing development efficiency and flexibility, and meeting the needs of a wider range of application scenarios.

For more details, please refer to the Important Feature Details section below.


🌟 Important Feature Details

Below are detailed explanations of key features and improvements in this release:

1. feat: Support using a known service in OpenAI LLM provider

Related PR: #589 | Contributor: @CH3CHO

Usage Background

As more organizations and services adopt large language models (LLMs), access and management of these models have become increasingly important. Especially when integration with specific known services, such as an on-premises OpenAI API server or a custom API endpoint, is required. This feature addresses the need for direct support of custom OpenAI services within the Higress system, allowing users to more flexibly configure and use their services. The target user groups include, but are not limited to, developers, operations personnel, and enterprises requiring highly customized solutions.

Feature Details

The update primarily focuses on the OpenaiLlmProviderHandler class, introducing support for custom service sources. By adding new configuration options like openaiCustomServiceName and openaiCustomServicePort, users can now directly specify the details of their custom OpenAI service. Additionally, the code has been improved so that if a custom upstream service is specified, a service source will not be created for the default service. This design not only simplifies the configuration process but also enhances the system's scalability. Technically, this is achieved by overriding the buildServiceSource and buildUpstreamService methods, which include checks for user-defined settings.

Usage Instructions

To enable and configure this new feature, users first need to provide the necessary custom service information in their OpenAI LLM provider settings. This typically involves filling in fields such as the custom service name, host address, and port number. The general steps are: 1. Locate the relevant LLM provider settings section in the Higress console or corresponding configuration file; 2. Enter the appropriate custom service details as prompted; 3. Save the changes. A typical use case might be a company wishing to use its own internally hosted OpenAI interface instead of the publicly available one. It is important to ensure that the provided custom service address is accurate and network-accessible.

Feature Value

This feature greatly enhances the adaptability of the Higress platform to different environments, especially for scenarios requiring high levels of customization. It not only improves the user experience—making the configuration process more intuitive and simple—but also promotes the overall stability and security of the system, as it now allows for the direct use of trusted internal resources. In the long run, such enhancements help build a more robust ecosystem, encouraging more innovative application development.


📝 Full Changelog

🐛 Bug Fixes

  • Related PR: #591
    Contributor: @CH3CHO
    Change Log: Fixed the issue where required fields were not properly validated when enabling route rewriting, ensuring that both host and newPath.path must provide valid values when enabled.
    Feature Value: This fix improves the accuracy and robustness of system configurations, preventing functional anomalies due to incomplete configurations and enhancing the user experience.

  • Related PR: #590
    Contributor: @CH3CHO
    Change Log: Fixed an error in the Route.customLabels processing logic, ensuring that built-in labels are correctly excluded during updates.
    Feature Value: Resolved the conflict between custom labels and built-in labels when updating Routes, improving the stability and user experience of the system.

📚 Documentation

  • Related PR: #595
    Contributor: @CH3CHO
    Change Log: This PR updated the README.md file, removing non-project-level descriptions and adding code formatting guidelines.
    Feature Value: By cleaning up irrelevant information and providing formatting suggestions, it helps developers better understand the project documentation, promoting consistency and readability in code contributions.

📊 Release Statistics

  • 🚀 New Features: 1
  • 🐛 Bug Fixes: 2
  • 📚 Documentation Updates: 1

Total: 4 changes (including 1 significant update)

Thank you to all contributors for your hard work! 🎉

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.8...v2.1.9-rc.1

2025-09-21 14:57:09
higress

v2.1.8

Higress

📋 Overview of This Release

This release includes 30 updates, covering various aspects such as feature enhancements, bug fixes, performance optimizations, and more.

Update Distribution

  • New Features: 13
  • Bug Fixes: 7
  • Refactoring and Optimization: 5
  • Documentation Updates: 4
  • Testing Improvements: 1

⭐ Key Highlights

This release includes 2 major updates, which are highly recommended for your attention:

  • feat: add rag mcp server (#2930): By introducing the RAG MCP server, this update provides a new way for users to manage and retrieve knowledge, enhancing the functionality and practicality of the system.
  • refactor(mcp): use ECDS for golang filter configuration to avoid connection drain (#2931): Using ECDS for filter configuration avoids instability caused by directly embedding golang filter configurations, improving the system's stability and maintainability, and reducing unnecessary service interruptions for users.

For more details, please refer to the important features section below.


🌟 Detailed Description of Important Features

Below is a detailed description of the key features and improvements in this release:

1. feat: add rag mcp server

Related PR: #2930 | Contributor: @2456868764

Use Case

In modern applications, knowledge management and retrieval have become increasingly important. Many systems require fast and accurate extraction and retrieval of information from large volumes of text data. RAG (Retrieval-Augmented Generation) technology combines retrieval and generation models to effectively enhance the efficiency and accuracy of knowledge management. This PR introduces a Model Context Protocol (MCP) server specifically for knowledge management and retrieval, meeting the needs of users for efficient information processing. The target user group includes enterprises and developers who need to handle large amounts of text data, especially in the fields of natural language processing (NLP) and machine learning.

Feature Details

This PR implements the RAG MCP server, adding multiple functional modules, including knowledge management, chunk management, search, and chat functions. The core features include:

  1. Knowledge Management: Supports creating knowledge blocks from text.
  2. Chunk Management: Provides functionalities for listing and deleting knowledge chunks.
  3. Search: Supports keyword-based search.
  4. Chat Function: Allows users to send chat messages and receive responses. Technically, the server uses several external libraries, such as github.com/dlclark/regexp2, github.com/milvus-io/milvus-sdk-go/v2, and github.com/pkoukk/tiktoken-go, which provide regular expression handling, vector database management, and text encoding functionalities. Key code changes include adding an HTTP client, configuration files, and multiple processing functions to ensure the flexibility and configurability of the system.

Usage Instructions

To enable and configure the RAG MCP server, follow these steps:

  1. Enable the MCP server in the higress-config configuration file and set the corresponding path and configuration items.
  2. Configure the basic parameters of the RAG system, such as splitter type, chunk size, and overlap.
  3. Configure the LLM (Large Language Model) provider and its API key, model name, etc.
  4. Configure the embedding model provider and its API key, model name, etc.
  5. Configure the vector database provider and its connection information. Example configuration:
rag:
  splitter:
    type: "recursive"
    chunk_size: 500
    chunk_overlap: 50
  top_k: 5
  threshold: 0.5
llm:
  provider: "openai"
  api_key: "your-llm-api-key"
  model: "gpt-3.5-turbo"
embedding:
  provider: "openai"
  api_key: "your-embedding-api-key"
  model: "text-embedding-ada-002"
vectordb:
  provider: "milvus"
  host: "localhost"
  port: 19530
  collection: "test_collection"

Notes:

  • Ensure all configuration items are correct, especially API keys and model names.
  • In production environments, it is recommended to adjust parameters such as timeout appropriately to adapt to different network conditions.

Feature Value

The RAG MCP server provides a complete solution for knowledge management and retrieval, enhancing the intelligence and automation of the system. Specific benefits include:

  1. Improved Efficiency: Through integrated knowledge management and retrieval functions, users can quickly process and retrieve large volumes of text data, saving time and resources.
  2. Enhanced Accuracy: Combining RAG technology, the system can more accurately extract and retrieve information, reducing error rates.
  3. Flexible Configuration: Provides rich configuration options, allowing users to flexibly adjust according to actual needs, meeting the requirements of different scenarios.
  4. High Scalability: Supports multiple providers and models, making it easy for users to choose suitable components and technology stacks based on business needs.
  5. Stability Improvement: Through detailed configuration validation and error handling mechanisms, the stability and robustness of the system are ensured.

2. refactor(mcp): use ECDS for golang filter configuration to avoid connection drain

Related PR: #2931 | Contributor: @johnlanni

Use Case

In the current implementation, Golang filter configurations are directly embedded in the HTTP_FILTER patch, which can lead to connection drain when configurations change. The main reason is the inconsistent sorting of Go maps in the map[string]any field, and the listener configuration changes triggered by HTTP_FILTER updates. This issue affects the stability and user experience of the system. The target user group is developers and operations personnel using Higress for service mesh management.

Feature Details

This PR splits the configuration into two parts: HTTP_FILTER only contains filter references with config_discovery, while EXTENSION_CONFIG contains the actual Golang filter configuration. This way, configuration changes do not directly cause connection drain. The specific implementation includes updating the constructMcpSessionStruct and constructMcpServerStruct methods to return formats compatible with EXTENSION_CONFIG and updating unit tests to match the new configuration structure. The core innovation lies in using the ECDS mechanism to separate configurations, making configuration changes smoother.

Usage Instructions

Enabling and configuring this feature does not require any additional operations as it is automatically handled in the background. A typical use case is when configuring Golang filters in Higress; the system will automatically split them into HTTP_FILTER and EXTENSION_CONFIG. Users only need to configure Golang filters as usual. Note that when upgrading to the new version, ensure all related configuration files are updated and thoroughly tested in the production environment to ensure that configuration changes do not introduce other issues.

Feature Value

By separating configurations and using ECDS, this feature eliminates the connection drain problem during configuration changes, significantly improving the system's stability and user experience. Additionally, this design makes configurations easier to manage and maintain, reducing potential issues caused by configuration changes. For large-scale service mesh deployments, this improvement is particularly important as it reduces service interruptions caused by configuration changes, thereby enhancing the overall reliability and availability of the system.


📝 Full Changelog

🚀 New Features (Features)

  • Related PR: #2926
    Contributor: @rinfx
    Change Log: This PR adds support for multimodal, function calls, and thinking in vertex-ai, involving the introduction of a regular expression library and improvements to the processing logic.
    Feature Value: By adding new features, vertex-ai can better support application needs in complex scenarios, such as multimodal data processing and more flexible function call methods, enhancing the system's flexibility and practicality.

  • Related PR: #2917
    Contributor: @Aias00
    Change Log: This PR adds support for Fireworks AI, expanding the functionality of the AI agent plugin, including the addition of necessary configuration files and test code.
    Feature Value: Adding support for Fireworks AI allows users to leverage the AI features provided by the platform, broadening the range of AI services that applications can integrate with, and enhancing the user experience.

  • Related PR: #2907
    Contributor: @Aias00
    Change Log: This PR upgrades wasm-go to support outputSchema, involving dependency updates for jsonrpc-converter and oidc plugins.
    Feature Value: By supporting outputSchema, the functionality and flexibility of the wasm-go plugin are enhanced, making it easier for users to handle and define output data structures.

  • Related PR: #2897
    Contributor: @rinfx
    Change Log: This PR adds multimodal support and thinking functionality to the ai-proxy bedrock, achieved by extending the relevant code in bedrock.go.
    Feature Value: The added multimodal and thinking support enriches the ai-proxy's feature set, enabling users to utilize more advanced AI technologies for complex scenarios, enhancing the system's flexibility and practicality.

  • Related PR: #2891
    Contributor: @rinfx
    Change Log: This PR adds the ability to configure specific detection services for different consumers in the AI content security plugin, allowing users to customize request and response check rules according to their needs.
    Feature Value: By supporting independent detection services for different consumers, this feature enhances the system's flexibility and security, enabling users to control the content review process more precisely, thus meeting diverse security policy requirements.

  • Related PR: #2883
    Contributor: @Aias00
    Change Log: This PR adds support for Meituan Longcat, including integration with the Longcat platform and related unit tests.
    Feature Value: Adding support for Meituan Longcat expands the plugin's functionality, allowing users to leverage more AI service providers' technologies, enhancing the flexibility and diversity of the application.

  • Related PR: #2867
    Contributor: @Aias00
    Change Log: This PR adds support for Gzip configuration and updates the default settings. By adding gzip options in the Helm configuration file, users can customize compression parameters to optimize response performance.
    Feature Value: Adding support for Gzip configuration allows users to adjust the compression level of HTTP responses according to their needs, helping to reduce the amount of transmitted data, speed up page loading, and improve the user experience.

  • Related PR: #2844
    Contributor: @Aias00
    Change Log: This PR enhances the consistent hashing algorithm for load balancing by supporting useSourceIp, modifying the relevant Go code files, and adding an example configuration file.
    Feature Value: The newly added useSourceIp option allows users to perform consistent hash load balancing based on source IP addresses, which helps to improve the stability and reliability of services under specific network conditions.

  • Related PR: #2843
    Contributor: @erasernoob
    Change Log: This PR adds NVIDIA Triton server support to the AI agent plugin, including related configuration instructions and code implementation.
    Feature Value: Adding support for the Triton server expands the AI agent plugin's feature set, allowing users to leverage high-performance machine learning inference services.

  • Related PR: #2806
    Contributor: @C-zhaozhou
    Change Log: This PR makes ai-security-guard compatible with the MultiModalGuard interface, adding support for multimodal APIs and updating the relevant documentation.
    Feature Value: By supporting multimodal APIs, the functionality of ai-security-guard is enhanced, enabling it to handle more complex content security scenarios, improving the user experience and security.

  • Related PR: #2727
    Contributor: @Aias00
    Change Log: This PR adds end-to-end testing support for OpenAI, including test cases for non-streaming and streaming requests.
    Feature Value: The added end-to-end testing for OpenAI ensures the system remains stable and accurate when handling different types of requests, improving the user experience.

  • Related PR: #2593
    Contributor: @Xscaperrr
    Change Log: Adds the WorkloadSelector field to limit the scope of EnvoyFilter, ensuring that it does not affect other components in the same namespace in an open-source istio environment.
    Feature Value: By limiting EnvoyFilter to only apply to the Higress Gateway, this feature prevents interference with other istio gateways/sidecars in the environment, enhancing the security and isolation of the configuration.

🐛 Bug Fixes (Bug Fixes)

  • Related PR: #2938
    Contributor: @wydream
    Change Log: This PR fixes the issue where prompt attack detection fails due to the lack of AttackLevel field support in MultiModalGuard mode, ensuring that all levels of attacks are correctly identified.
    Feature Value: By adding support for the AttackLevel field, the system's security is improved, preventing high-risk-level prompt attacks from going undetected, ensuring user experience and security.

  • Related PR: #2904
    Contributor: @johnlanni
    Change Log: This PR fixes the issue where the original Authorization header might be overwritten when processing HTTP requests. By unconditionally saving and checking for non-empty before writing to the context, it ensures the accuracy and security of authentication information.
    Feature Value: This fix improves the system's security and stability, preventing potential authentication failures or security vulnerabilities due to lost authentication information, enhancing user experience and trust.

  • Related PR: #2899
    Contributor: @Jing-ze
    Change Log: This PR optimizes the MCP server, including pre-parsing the host pattern to reduce runtime overhead and removing the unused DomainList field. It also fixes the SSE message format issue, particularly the handling of extra newline characters.
    Feature Value: By improving pattern matching efficiency and memory usage, as well as correcting errors in SSE messages, the user experience and service stability are enhanced, ensuring the correctness and integrity of data transmission.

  • Related PR: #2892
    Contributor: @johnlanni
    Change Log: This PR corrects the JSON unmarshalling error when Claude API returns content in array format and removes redundant code structures, improving code quality and maintainability.
    Feature Value: This resolves the message parsing failure due to incorrect data types, enhancing the system's stability and user experience. For users using array as the content format, this fix ensures a smooth message processing flow.

  • Related PR: #2882
    Contributor: @johnlanni
    Change Log: This PR addresses the SSE event chunking issue in Claude's streaming response conversion logic, improving protocol auto-conversion and tool invocation state tracking.
    Feature Value: It enhances the bidirectional conversion reliability between Claude and OpenAI-compatible providers, avoiding connection blocking, and enhancing the user experience.

  • Related PR: #2865
    Contributor: @Thomas-Eliot
    Change Log: This PR solves the issue where SSE connections would be blocked when SSE events were split into multiple chunks. By adding a caching mechanism in the proxy mcp server scenario, it ensures the continuity of data stream processing.
    Feature Value: This fix resolves the potential issue of SSE connection interruption, enhancing the system's stability and user experience. Users will no longer encounter incomplete data reception due to network conditions or server response methods.

  • Related PR: #2859
    Contributor: @lcfang
    Change Log: This PR solves the issue of route configuration failure when the registered service instance ports are inconsistent by adding a vport element in the mcpbridge. The main changes include updating the CRD definition, protobuf files, and related generated code.
    Feature Value: This feature ensures that even if the backend instance ports change, the service route configuration remains valid, thereby improving the system's stability and compatibility, providing a more reliable service experience for users.

♻️ Refactoring and Optimization (Refactoring)

  • Related PR: #2933
    Contributor: @rinfx
    Change Log: This PR removes duplicate think tags in bedrock and vertex, reducing redundant code and improving code readability and maintainability.
    Feature Value: By removing unnecessary duplicate code, the overall quality and development efficiency of the project are improved, making the code structure clearer and easier to maintain and extend.

  • Related PR: #2927
    Contributor: @rinfx
    Change Log: This PR modifies the API name extraction logic in the ai-statistics plugin, adjusting the check condition from a fixed length of 5 to at least 3 parts to enhance flexibility and compatibility.
    Feature Value: By relaxing the restriction on API string splitting, the system's support for different format API strings is enhanced, improving the system's adaptability and stability.

  • Related PR: #2922
    Contributor: @daixijun
    Change Log: This PR upgrades the Higress SDK package reference in the project from github.com/alibaba/higress to github.com/alibaba/higress/v2 to be compatible with the latest version.
    Feature Value: By updating the package name, the project can introduce and use the latest features and improvements of Higress, enhancing development efficiency and code quality.

  • Related PR: #2890
    Contributor: @johnlanni
    Change Log: This PR refactors the matchDomain function, introduces the HostMatcher struct and matching types, replaces regular expressions with simple string operations to improve performance, and implements port stripping logic.
    Feature Value: By optimizing the host matching logic, the system performance and code maintainability are improved, making the handling of host headers with port numbers more accurate and efficient, enhancing the user experience.

📚 Documentation Updates (Documentation)

  • Related PR: #2915
    Contributor: @a6d9a6m
    Change Log: This PR fixes a broken link in README_JP.md and adds missing parts in README.md, making the multilingual documentation more consistent.
    Feature Value: This improves the accuracy and consistency of the documentation, helping users find relevant information more easily, enhancing the user experience.

  • Related PR: #2912
    Contributor: @hanxiantao
    Change Log: This PR optimizes the English and Chinese documentation for the hmac-auth-apisix plugin, adding more detailed configuration explanations, and improving the clarity of the documentation.
    Feature Value: By providing more detailed documentation, it helps developers better understand and use the hmac-auth-apisix plugin, improving the user experience.

  • Related PR: #2880
    Contributor: @a6d9a6m
    Change Log: This PR fixes grammatical errors in README.md, README_JP.md, and README_ZH.md files, ensuring the correctness and consistency of the documentation.
    Feature Value: By correcting language errors in the documentation, the quality and readability of the documentation are improved, helping users better understand project information.

  • Related PR: #2873
    Contributor: @CH3CHO
    Change Log: This PR adds methods to obtain Higress runtime logs and configurations in the non-crash-safe vulnerability issue template, helping to better investigate problems.
    Feature Value: By providing more detailed log and configuration information, users can more easily diagnose and resolve issues, improving the efficiency and accuracy of problem handling.

🧪 Testing Improvements (Testing)

  • Related PR: #2928
    Contributor: @rinfx
    Change Log: This PR updates the test code for the ai-security-guard component, adding new test cases and adjusting some existing test logic.
    Feature Value: By improving the test coverage and accuracy of ai-security-guard, the stability and reliability of the entire project are enhanced, helping developers better understand and maintain related features.

📊 Release Statistics

  • 🚀 New Features: 13
  • 🐛 Bug Fixes: 7
  • ♻️ Refactoring and Optimization: 5
  • 📚 Documentation Updates: 4
  • 🧪 Testing Improvements: 1

Total: 30 changes (including 2 major updates)

Thank you to all contributors for your hard work! 🎉

Higress Console

📋 Overview of This Release

This release includes 4 updates, covering aspects such as feature enhancements, bug fixes, and performance optimizations.

Update Content Distribution

  • New Features: 1 item
  • Bug Fixes: 2 items
  • Documentation Updates: 1 item

⭐ Key Focus

This release contains 1 significant update, which is recommended for special attention:

  • feat: Support using a known service in OpenAI LLM provider (#589): This feature allows users to utilize existing service resources within the OpenAI LLM provider, thereby enhancing the flexibility and usability of the system, offering more options to users.

For more details, please refer to the "Important Features in Detail" section below.


🌟 Important Features in Detail

Here are detailed explanations of the important features and improvements in this release:

1. feat: Support using a known service in OpenAI LLM provider

Related PR: #589 | Contributor: @CH3CHO

Usage Background

In many application scenarios, developers may wish to use their own custom OpenAI service instance instead of the default one. This could be due to specific security requirements, performance optimizations, or infrastructure constraints. This PR meets these needs by introducing support for known services. The target user group includes enterprise-level users and technical experts who require highly customized configurations. This feature addresses the issue of users not being able to flexibly choose and configure OpenAI services, improving the adaptability and user experience of the system.

Feature Details

This PR mainly implements the following:

  1. Allows users to specify a custom service when configuring the OpenAI LLM provider.
  2. Modifies the OpenaiLlmProviderHandler class, adding the buildServiceSource and buildUpstreamService methods to handle the logic for custom services.
  3. Adds a delete method with an internal parameter to the WasmPluginInstanceService interface, supporting finer-grained control.
  4. Updates the frontend internationalization resource files, adding prompts related to custom services. The key technical point lies in extending the existing architecture so that the system can recognize and use user-provided custom services while maintaining backward compatibility.

Usage Instructions

Enabling and configuring this feature is straightforward. First, when creating or updating an LLM provider, select the "Custom OpenAI Service" option and enter the corresponding service host and service path. Then, the system will automatically use these custom configurations to connect to the OpenAI service. Typical use cases include internally deployed OpenAI service instances within enterprises or environments requiring specific security policies. It's important to ensure that the entered URL is valid and that the service host and service path are correct. Best practice involves thorough testing to ensure that the custom configuration works as expected.

Feature Value

This new feature significantly enhances the flexibility and configurability of the system, allowing users to choose the most suitable OpenAI service based on their needs. For enterprise-level users who require high levels of customization, this flexibility is particularly crucial. Additionally, by supporting custom services, the system can better integrate into existing infrastructures, improving overall stability and performance. This is of great significance for maintaining and scaling large application systems. Overall, this feature not only enhances the user experience but also brings higher scalability and reliability to the system.


📝 Full Changelog

🐛 Bug Fixes

  • Related PR: #591
    Contributor: @CH3CHO
    Change Log: This PR fixes the issue where mandatory fields were not properly validated when enabling route rewrite configuration, ensuring that both host and newPath.path must provide valid values to avoid configuration errors.
    Feature Value: By correcting the validation logic for route rewrites, it prevents potential errors caused by incomplete configurations, enhancing the system's stability and user experience.

  • Related PR: #590
    Contributor: @CH3CHO
    Change Log: Fixed an error in the Route.customLabels handling logic, ensuring that built-in labels are correctly excluded during updates.
    Feature Value: Resolved the conflict between custom labels and built-in labels, ensuring flexibility and accuracy for users when updating route settings.

📚 Documentation

  • Related PR: #595
    Contributor: @CH3CHO
    Change Log: Removed irrelevant descriptions from README.md and added a code formatting guide, making the documentation more focused on the project itself.
    Feature Value: By updating README.md, users can more clearly understand the project structure and code formatting requirements, helping new contributors get up to speed quickly.

📊 Release Statistics

  • 🚀 New Features: 1 item
  • 🐛 Bug Fixes: 2 items
  • 📚 Documentation Updates: 1 item

Total: 4 changes (including 1 significant update)

Thank you to all contributors for their hard work! 🎉

New Contributors

Full Changelog: https://github.com/alibaba/higress/compare/v2.1.7...v2.1.8