Bot releases are hidden (Show)
Published by NATS-CI over 2 years ago
JSConsumerDeliveryNakAdvisory
when a message is nak'ed. Thanks to @Coffeeri for the contribution (#3074)408 Request Canceled
) instead of sending a 409 Exceeded MaxWaiting
to the new request (#3099)/healthz
behavior (#3080)https://github.com/nats-io/nats-server/compare/v2.8.1...v2.8.2
Published by NATS-CI over 2 years ago
crypto/ssh
that the server is not using, the vulnerability does not impact the NATS Server. Thank you to @pgvishnuram for the contribution (#3065)https://github.com/nats-io/nats-server/compare/v2.8.0...v2.8.1
Published by NATS-CI over 2 years ago
min_version
in the leafnodes{}
that would reject servers with a lower version. Note that this would work only for servers that are v2.8.0 and above (#3013)/healthz
endpoint when failure occurs. Thanks to @samuel-form3 for the contribution (#2976)/varz
endpoint (#2996)healthz
endpoint (#2927)unique_tag
option in jetstream{}
configuration block to prevent placing a stream in the same availability zone twice (#3011)Alternates
field in StreamInfo
response. They provide a priority list of mirrors and the source in relation to where the request originated (#3023)authorization{}
and accounts{}
blocks are now detected and will fail the start of the server. Thanks to @smlx for the report (#2943)/jsz
monitoring endpoint is sent from the leader only (#2932, #2983, #2984)$SYS
folder could also being seen as growing in size. Thanks to @phho and @MilkyWay-core for the reports (#2973)reserved_memory
and/or reserved_storage
in the jetstream{}
block of the /varz
endpoint could show incorrect huge number due to a unint64
underflow (#2907)verify_and_map
in the tls{}
block would prevent inspecting the monitoring page when using the secure https
port. Thanks to @rsoberano-ld for the report (#2981)/jsz
endpoint (#3029)authorization{}
and accounts{}
. Thanks to @smlx for the report (#2943)$JS.ACK
prefix) (#3026)https://github.com/nats-io/nats-server/compare/v2.7.4...v2.8.0
Published by NATS-CI over 2 years ago
We use Goreleaser to build our assets, and it seems that it changed the default install from /usr/local/bin
to /usr/bin
. See Goreleaser's change here. We are sorry for the inconvenience this may cause.
$SYS
. Thanks to @nayanparegi and @aksdb for the reports (#2899, #2914)https://github.com/nats-io/nats-server/compare/v2.7.3...v2.7.4
Published by NATS-CI over 2 years ago
github.com/klauspost/compress
: v1.13.4 -> v1.14.4github.com/minio/highwayhash
: v1.0.1 -> v1.0.2PING
possibly sent prior to the CONNECT
protocol. Also, the server accepting a connection was not starting the authentication timer, which responsibility is to close the connection if the CONNECT
protocol is not received within the gateway's authentication timeout. It can be configured with authorization{ timeout: 5.0 }
in the gateway{}
block, but if not set will default to 2 seconds. Thanks to @jimenj1970 for the report (#2881)https://github.com/nats-io/nats-server/compare/v2.7.2...v2.7.3
Published by NATS-CI over 2 years ago
StreamInfo
responses. The request needs to include a subjects_filter:<subject>
for the server to include the list. The StreamInfo
structure now has NumSubjects
that will always be set, but optionally Subjects
which contains the list of distincts subjects present in the stream with the count of messages per subject (#2833)AllowNewAccounts
and function NewAccountsAllowed()
have been removed. Note that the option could only be set for applications embedding the NATS Server since configuration parsing was not parsing this option (#2840)MaxMsgsPerSubject
is set along with DiscardNew
discard policy. Unless the stream is reaching a limit, old messages will be removed on a per-subject basis (#2831)no_wait:true
without expiration was not considering redeliveries (#2832)BackOff
redeliveries would always use the first delay from the list if the consumer's sequence was not matching the stream sequence (#2834)https://github.com/nats-io/nats-server/compare/v2.7.1...v2.7.2
Published by NATS-CI over 2 years ago
Nak
'ing a message (#2812)jsz
endpoint. Thanks to @mattstep for the contribution (#2791)/healthz
endpoint which will return 200 with {status: ok}
if and only if all configured ports are opened and, if JetStream is configured, there is contact with the meta leader and is current and all streams are up to date, otherwise returns 503 with { "status": "unavailable", "error": "DESCRIPTION" }
body (#2815)system_account
(#2811)https://github.com/nats-io/nats-server/compare/v2.7.0...v2.7.1
Published by NATS-CI almost 3 years ago
See important note if using LeafNode regarding domains.
max_connections
, max_subscriptions
, max_payload
, max_leafnodes
) in server configuration file (#2755)MaxRequestBatch
to limit the batch size any client can requestMaxRequestExpires
to limit the expiration any client can requestInactiveThreshold
duration that instructs the server to cleanup ephemeral consumers that are inactive for that longmax_file_store
and max_memory_store
in the jetstream{}
block as strings with the following suffixes K
, M
, G
and T
, for instance: max_file_store: "256M"
. Thanks to @hooksie1 for the contribution (#2777)MaxBytesRequired
, which defines a per-account maximum bytes for assets (#2779)/mqtt
to the URL path. Thanks to @Etran-H for the suggestion (#2735)connection_rate_limit: <number of connections per seconds>
in the tls{}
top-level block. Thanks to @julius-welink for the contribution (#2573)X-Forwarded-For
header. Thanks to @byazrail for the suggestion (#2734, #2769)WorkQueue
retention policy) could have its first/last sequences reset to 0 after a non-clean server restart, causing pull subscriptions to fail getting newly published messages (#2753)/jsz
endpoint. Thanks to @rh2048 for the report (#2743)verify_and_map
to true
, if a connection connects with a certificate with an ID matching an existing user, but that user's allowed_connection_types
is specified and does not have the type of the connection trying to connect, the server would panic (#2747)no_auth_user
should be done only when no authentication at all is provided by the connection (#2744)https://github.com/nats-io/nats-server/compare/v2.6.6...v2.7.0
Published by NATS-CI almost 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
LEAFNODE_WS
in allowed_connection_types
to allow or prevent Leafnode over websocket. Previously, if allowed_connection_types
was specified and contained LEAFNODE
, this user could be used to create a Leafnode connection over websocket. The existing WEBSOCKET
connection type is used for regular client applications (#2707)allowed_connection_types
, it was not possible to restrict a Leafnode connection over websocket (#2707)https://github.com/nats-io/nats-server/compare/v2.6.5...v2.6.6
Published by NATS-CI almost 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
AlwaysEnableNonce
to force the server to send a nonce in the INFO block, regardless if the client connects with a NKey or not. Since its primarily useful to embedded scenarios there is no corresponding option in configuration file (#2696, #2699)https://github.com/nats-io/nats-server/compare/v2.6.4...v2.6.5
Published by NATS-CI almost 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
https://github.com/nats-io/nats-server/compare/v2.6.3...v2.6.4
Published by NATS-CI almost 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
/varz
endpoint may still show gateway URLs of servers that have been removed from the remote cluster (#2647)/varz
endpoint would not show the configured URLs of a remote gateway block if that remote gateway was the one of the server being inspected (#2653)https://github.com/nats-io/nats-server/compare/v2.6.2...v2.6.3
Published by NATS-CI about 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
HeadersOnly
consumer configuration (#2596)NumPending
value (#2616)NSURLSession WebSocket
. Thanks to @byazrail for the report (#2613)https://github.com/nats-io/nats-server/compare/v2.6.1...v2.6.2
Published by NATS-CI about 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
https://github.com/nats-io/nats-server/compare/v2.6.0...v2.6.1
Published by NATS-CI about 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See important note if upgrading from a version prior to v2.5.0
.
/jsz
and /varz
endpoints (#2539, #2555)systemd
service. Thanks to @c0deaddict for the contribution (#2318)token
is specified in cluster{authorization{}}
or gateway{authorization{}}
. Routes and Gateways have never supported token
authentication, however, it was silently ignored. Thanks to @antong for the report (#2518)token
specified in cluster{}
or gateway{}
's authorization{}
blocks. Authentication token were never supported there but the misconfiguration was silently ignored. Thanks to @antong for the report (#2518)https://github.com/nats-io/nats-server/compare/v2.6.0...v2.5.0
Published by NATS-CI about 3 years ago
Notice for JetStream Users
See important note if upgrading from a version prior to v2.4.0
.
Notice for MQTT Users
See note in the Improved
and Changed
section.
MQTTClient
in the /connz
connections report and system events CONNECT and DISCONNECT. Ability to select on mqtt_client
. Thanks to @carr123 and @imranrazakhan for the suggestions (#2507)Nats-Expected-Last-Subject-Sequence
header with a value of 0
now means that the server will reject the store command if there were messages on this subject (#2506)$MQTT_sess_<xxxx>
streams to a new $MQTT_sess
stream for the user's account (#2501)408
status when pull request expires. This has no visible impact for users, but library implementers may want to be aware of it (#2482)AckNone
consumers in clustered mode (#2499)SIGTERM
on Windows platform (#2481)x509: certificate signed by unknown authority
errors. Thanks to @Ryner51, @ronaldslc for the report (#2483)https://github.com/nats-io/nats-server/compare/v2.4.0...v2.5.0
Published by NATS-CI about 3 years ago
Notice for JetStream Users
With the latest release of the NATS server we have fixed bugs around queue subscriptions and have restricted undesired behavior that could be confusing or introduce data loss by unintended/undefined behavior of client applications. If you are using queue subscriptions on a JetStream Push Consumer or have created multiple push subscriptions on the same consumer, you may be affected and need to upgrade your client version along with the server version. We’ve detailed the behavior with different client versions below.
With a NATS Server prior to v2.4.0 and client libraries prior to these versions: NATS C client v3.1.0, Go client v1.12.0, Java client 2.12.0-SNAPSHOT, NATS.js v2.2.0, NATS.ws v1.3.0, NATS.deno v1.2.0, NATS .NET 0.14.0-pre2:
If above client libraries are not updated to the latest but the NATS server is upgraded to v2.4.0:
PushBound
in the consumer information object set by the server), this mis-behavior is still possible.DeliverGroup
in the consumer configuration, which won’t be set for existing JetStream consumers and by the older libraries, and detects interest (and starts delivering) only when a subscription on the deliver subject for a queue subscription matching the “deliver group” name is found. Since the JetStream consumer is thought to be a non-deliver-group consumer, the opposite happens: the server detects an core NATS queue subscription on the “deliver subject”, therefore does not trigger delivery on the JetStream consumer’s “deliver subject”.The 2 other issues are still present because those checks are done in the updated libraries.
If the above client libraries are update to the latest version, but the NATS Server is still to version prior to v2.4.0 (that is, up to v2.3.4):
PushBound
boolean set by the server, therefore will not be able to alert the user that they are trying to create multiple subscription instances for the same JetStream consumer.DeliverGroup
field. The error will be likely to the effect that the user tries to create a queue subscription to a non-queue JetStream consumer. Note that if the application creates a queue subscription for a non-yet created JetStream consumer, then this call will succeed, however, adding new members or restarting the application with the now existing JetStream consumer will fail.For completeness, using the latest client libraries and NATS Server v2.4.0:
DeliverGroup
field will be set by the library or need to be provided when creating the consumer externally.Note that if the server v2.4.0 recovers existing JetStream consumers that were created prior to v2.4.0 (and with older libraries), none of them will have a DeliverGroup
, so none of them can be used for queue subscriptions. They will have to be recreated.
PubAck
protocol (#2432, #2434)PushBound
boolean in ConsumerInfo
to indicate that a push consumer is already bound to an active subscription (#2438)DeliverGroup
string in ConsumerConfig
to specify which deliver group (or queue group name) the consumer is created for (#2438)connz
information (#2437)resolver_pinned_accounts
to ensure user are signed by certain accounts (#2461)ConsumerInfo
's Delivered
and AckFloor
are now SequenceInfo
instead of SequencePair
. SequenceInfo
contains Last
which represents the last active time (in UTC) (#2462)DeliverGroup
(#2438)max_msgs_per_subject
defaults to 0, but should be -1 (#2426)max_waiting
value and a deliver subject was returning the wrong error message (#2427)max_ack_pending
when AckExplicit
or AckAll
(#2428)wss://
scheme but no tls{}
configuration block would be attempted as non TLS connection, resulting on an "invalid websocket connection" in the log of the server attempting to create the remote connection (#2442)https://github.com/nats-io/nats-server/compare/v2.3.4...v2.4.0
Published by NATS-CI about 3 years ago
max_payload
that is set higher than max_pending
since no message would be able to be delivered to subscriptions. The server will also warn if the value is set above 8MB (and may enforce this limit in the future) (#2407, #2413)max_msgs_per_subject
set, if a consumer had deliver_last_per_subject
set, the initial pending would be 1 higher than it actually was (#2412)https://github.com/nats-io/nats-server/compare/v2.3.3...v2.3.4
Published by NATS-CI about 3 years ago
ReloadOptions
API to support configuration reload without use of configuration file for embedded cases. Thanks to @taigrr for the contribution (#2341)Kind
and ClientType
to account CONNECT/DISCONNECT events. Thanks to @mullerch for the report (#2351)Description
property (#2377)DeliverLastPerSubject
delivery policy (#2381, #2390)Authorization Violation
error instead of a i/o timeout
error when credentials of an account has not yet been pushed to the account server (#2365)NumPending
may be stuck at 1 (#2357)https://github.com/nats-io/nats-server/compare/v2.3.2...v2.3.3
Published by NATS-CI over 3 years ago
https://github.com/nats-io/nats-server/compare/v2.3.1...v2.3.2