Changes since v1.10.0

• Tag to digest minimum TLS version was reverted back to 1.2. (https://github.com/knative/serving/pull/13963, @dprotaso)
  • Higher TLS versions can be configured using the controller environment variable TAG_TO_DIGEST_TLS_MIN_VERSION and supports values "1.2" and "1.3"

Changes since v1.9

Note: some container image registries support only TLS v1.2 (quay.io) so we reverted the change min TLS 1.3 change in v1.10.1 and made it configurable

🚨 Breaking or Notable

• Container-freezer has been sunset in Knative v1.10. (#13830, @psschwei)
• Controller uses TLS 1.3 as the minimum version when communicating with image registries for tag to digest resolution (#13886, @izabelacg)

💫 New Features & Changes

• Adds support for downwardAPI sources in projected volumes on Knative Services (#13896, @KauzClay)
• Controllers now have liveness and readiness probes (#13563, @skonto)
• With enabling internal-encryption, activator pods needed to be restarted when certificates are updated. The restart is not necessary anymore. (#13854, @nak3)
• ImagePullSecrets with references to unknown service accounts won't error out anymore but fail silently like Kubernetes. (#13701, @Bisht13)

🐞Bug Fixes

• Fixes issue where certificates would not get renewed when using auto-tls. (#13666, @KauzClay)
• Fix queue proxy not draining connections on shutdown (https://github.com/knative/serving/pull/13815, @dprotaso)

Dependencies

• cloud.google.com/go/asset: v1.5.0
• cloud.google.com/go/iam: v0.3.0
• cloud.google.com/go/security: v1.5.0
• github.com/Azure/go-ansiterm: d185dfc
• github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.13.6
• github.com/buger/jsonparser: v1.1.1
• github.com/flowstack/go-jsonschema: v0.1.1
• github.com/googleapis/enterprise-certificate-proxy: v0.1.0
• github.com/googleapis/go-type-adapters: v1.0.0
• github.com/moby/term: 9d4ed18
• github.com/morikuni/aec: v1.0.0

• cloud.google.com/go/compute: v1.5.0 → v1.10.0
• cloud.google.com/go/pubsub: v1.5.0 → v1.3.1
• cloud.google.com/go/storage: v1.18.2 → v1.22.1
• cloud.google.com/go: v0.100.2 → v0.102.1
• github.com/Azure/azure-sdk-for-go: v62.0.0+incompatible → v67.0.0+incompatible
• github.com/Azure/go-autorest/autorest/adal: v0.9.20 → v0.9.21
• github.com/Azure/go-autorest/autorest/azure/cli: v0.4.5 → v0.4.6
• github.com/Azure/go-autorest/autorest: v0.11.27 → v0.11.28
• github.com/BurntSushi/toml: v0.4.1 → v0.3.1
• github.com/Microsoft/go-winio: v0.5.2 → v0.6.0
• github.com/aws/aws-sdk-go-v2/config: v1.14.0 → v1.17.8
• github.com/aws/aws-sdk-go-v2/credentials: v1.9.0 → v1.12.21
• github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.11.0 → v1.12.17
• github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.5 → v1.1.23
• github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.3.0 → v2.4.17
• github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.6 → v1.3.24
• github.com/aws/aws-sdk-go-v2/service/ecr: v1.15.0 → v1.17.18
• github.com/aws/aws-sdk-go-v2/service/ecrpublic: v1.12.0 → v1.13.17
• github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.8.0 → v1.9.17
• github.com/aws/aws-sdk-go-v2/service/sso: v1.10.0 → v1.11.23
• github.com/aws/aws-sdk-go-v2/service/sts: v1.15.0 → v1.16.19
• github.com/aws/aws-sdk-go-v2: v1.14.0 → v1.16.16
• github.com/aws/smithy-go: v1.11.0 → v1.13.3
• github.com/awslabs/amazon-ecr-credential-helper/ecr-login: 396b203 → a250ad2
• github.com/chrismellard/docker-credential-acr-env: fe33c00 → e883f69
• github.com/containerd/stargz-snapshotter/estargz: v0.11.1 → v0.12.1
• github.com/cpuguy83/go-md2man/v2: v2.0.1 → v2.0.2
• github.com/danieljoos/wincred: v1.1.0 → v1.1.2
• github.com/docker/cli: v20.10.12+incompatible → v20.10.20+incompatible
• github.com/docker/distribution: v2.8.0+incompatible → v2.8.1+incompatible
• github.com/docker/docker-credential-helpers: v0.6.4 → v0.7.0
• github.com/docker/docker: v20.10.12+incompatible → v20.10.20+incompatible
• github.com/docker/go-units: v0.4.0 → v0.5.0
• github.com/emicklei/go-restful/v3: v3.8.0 → v3.9.0
• github.com/fsnotify/fsnotify: v1.5.1 → v1.4.9
• github.com/getkin/kin-openapi: v0.76.0 → v0.61.0
• github.com/go-openapi/jsonreference: v0.19.5 → v0.20.0
• github.com/go-openapi/swag: v0.19.15 → v0.22.3
• github.com/golang-jwt/jwt/v4: v4.3.0 → v4.4.2
• github.com/golangci/lint-1: 297bf36 → d2cdd8c
• github.com/google/gnostic: v0.5.7-v3refs → v0.6.9
• github.com/google/go-cmp: v0.5.8 → v0.5.9
• github.com/google/go-containerregistry/pkg/authn/k8schain: 570ba6c → 3624968
• github.com/google/go-containerregistry/pkg/authn/kubernetes: 892d7a8 → 3624968
• github.com/google/go-containerregistry: 892d7a8 → v0.13.0
• github.com/googleapis/gax-go/v2: v2.1.1 → v2.4.0
• github.com/gregjones/httpcache: 901d907 → 9cad4c3
• github.com/inconshreveable/mousetrap: v1.0.0 → v1.0.1
• github.com/kisielk/errcheck: v1.6.0 → v1.5.0
• github.com/klauspost/compress: v1.14.4 → v1.15.11
• github.com/magiconair/properties: v1.8.5 → v1.8.4
• github.com/mattn/go-colorable: v0.1.11 → v0.1.8
• github.com/mattn/go-isatty: v0.0.14 → v0.0.12
• github.com/mitchellh/mapstructure: v1.4.2 → v1.4.1
• github.com/opencontainers/image-spec: 8b9d41f → v1.1.0-rc2
• github.com/pelletier/go-toml: v1.9.4 → v1.8.1
• github.com/rogpeppe/go-internal: v1.6.2 → v1.3.0
• github.com/sirupsen/logrus: v1.8.1 → v1.9.0
• github.com/spf13/afero: v1.6.0 → v1.4.1
• github.com/spf13/cast: v1.4.1 → v1.3.1
• github.com/spf13/cobra: v1.4.0 → v1.6.0
• github.com/spf13/viper: v1.9.0 → v1.7.1
• github.com/stretchr/objx: v0.1.1 → v0.4.0
• golang.org/x/crypto: 3147a52 → v0.1.0
• golang.org/x/exp: e8c3332 → 6cc2880
• golang.org/x/mod: 86c51ed → v0.6.0
• golang.org/x/net: a158d28 → v0.7.0
• golang.org/x/oauth2: ee48083 → v0.1.0
• golang.org/x/sync: 886fb93 → v0.1.0
• golang.org/x/sys: 8c9f86f → v0.5.0
• golang.org/x/term: 03fcf44 → v0.5.0
• golang.org/x/text: v0.3.7 → v0.7.0
• golang.org/x/time: 0e9765c → v0.1.0
• golang.org/x/xerrors: 5ec99f8 → 65e6541
• google.golang.org/api: v0.70.0 → v0.96.0
• google.golang.org/genproto: c8bf987 → 7fd63a7
• google.golang.org/grpc: v1.47.0 → v1.48.0
• google.golang.org/protobuf: v1.28.0 → v1.28.1
• gopkg.in/ini.v1: v1.63.2 → v1.62.0
• honnef.co/go/tools: v0.2.1 → v0.0.1-2020.1.4
• k8s.io/kube-openapi: 67bda5d → 172d655
• knative.dev/caching: 7a31fde → 05a86ad
• knative.dev/control-protocol: cffe208 → d9cda76
• knative.dev/hack: c7cfcb0 → f591fea
• knative.dev/networking: db2bcbe → e5d04e8
• knative.dev/pkg: 247510c → dfad48e
• knative.dev/reconciler-test: 894bc70 → 6c21623

• 4d63.com/gochecknoglobals: v0.1.0
• bitbucket.org/creachadair/shell: v0.0.6
• cloud.google.com/go/firestore: v1.6.0
• cloud.google.com/go/spanner: v1.7.0
• contrib.go.opencensus.io/exporter/stackdriver: v0.13.4
• github.com/Antonboom/errname: v0.1.5
• github.com/Antonboom/nilnil: v0.1.0
• github.com/Djarvur/go-err113: aea10b5
• github.com/Masterminds/goutils: v1.1.0
• github.com/Masterminds/semver: v1.5.0
• github.com/Masterminds/sprig: v2.22.0+incompatible
• github.com/OpenPeeDeeP/depguard: v1.0.1
• github.com/StackExchange/wmi: v1.2.1
• github.com/alexkohler/prealloc: v1.0.0
• github.com/andybalholm/brotli: v1.0.3
• github.com/aokoli/goutils: v1.0.1
• github.com/armon/circbuf: bbbad09
• github.com/armon/consul-api: eb2c6b5
• github.com/armon/go-metrics: f0300d1
• github.com/armon/go-radix: v1.0.0
• github.com/ashanbrown/forbidigo: v1.2.0
• github.com/ashanbrown/makezero: b626158
• github.com/aws/aws-sdk-go: v1.36.30
• github.com/bgentry/speakeasy: v0.1.0
• github.com/bketelsen/crypt: v0.0.4
• github.com/bkielbasa/cyclop: v1.2.0
• github.com/blizzy78/varnamelen: v0.3.0
• github.com/bombsimon/wsl/v3: v3.3.0
• github.com/breml/bidichk: v0.1.1
• github.com/butuzov/ireturn: v0.1.1
• github.com/charithe/durationcheck: v0.0.9
• github.com/chavacava/garif: e8a0a40
• github.com/cockroachdb/datadriven: 80d97fb
• github.com/containerd/containerd: v1.6.0
• github.com/coreos/bbolt: v1.3.2
• github.com/coreos/etcd: v3.3.13+incompatible
• github.com/coreos/go-etcd: v2.0.0+incompatible
• github.com/coreos/go-systemd: e64a0ec
• github.com/coreos/pkg: 399ea9e
• github.com/cpuguy83/go-md2man: v1.0.10
• github.com/daixiang0/gci: v0.2.9
• github.com/denis-tingajkin/go-header: v0.4.2
• github.com/dgryski/go-sip13: e10d5fe
• github.com/esimonov/ifshort: v1.0.3
• github.com/ettle/strcase: v0.1.1
• github.com/fatih/color: v1.13.0
• github.com/fatih/structtag: v1.2.0
• github.com/fullstorydev/grpcurl: v1.6.0
• github.com/fzipp/gocyclo: v0.3.1
• github.com/go-critic/go-critic: v0.6.1
• github.com/go-ole/go-ole: v1.2.6
• github.com/go-redis/redis: v6.15.8+incompatible
• github.com/go-sql-driver/mysql: v1.5.0
• github.com/go-toolsmith/astcast: v1.0.0
• github.com/go-toolsmith/astcopy: v1.0.0
• github.com/go-toolsmith/astequal: v1.0.1
• github.com/go-toolsmith/astfmt: v1.0.0
• github.com/go-toolsmith/astinfo: 9809ff7
• github.com/go-toolsmith/astp: v1.0.0
• github.com/go-toolsmith/pkgload: v1.0.0
• github.com/go-toolsmith/strparse: v1.0.0
• github.com/go-toolsmith/typep: v1.0.2
• github.com/go-xmlfmt/xmlfmt: d5b6f63
• github.com/gobwas/glob: v0.2.3
• github.com/godbus/dbus/v5: v5.0.4
• github.com/gofrs/flock: v0.8.1
• github.com/golangci/check: cfe4005
• github.com/golangci/dupl: 3e9179a
• github.com/golangci/go-misc: 927a3d8
• github.com/golangci/gofmt: 244bba7
• github.com/golangci/golangci-lint: v1.43.0
• github.com/golangci/maligned: b1d8939
• github.com/golangci/misspell: v0.3.5
• github.com/golangci/revgrep: c22e500
• github.com/golangci/unconvert: 28b1c44
• github.com/google/certificate-transparency-go: v1.1.1
• github.com/google/trillian: v1.3.11
• github.com/googleapis/gnostic: v0.5.5
• github.com/gookit/color: v1.4.2
• github.com/gopherjs/gopherjs: 0766667
• github.com/gordonklaus/ineffassign: 2e10b26
• github.com/gorhill/cronexpr: 88b0669
• github.com/gostaticanalysis/analysisutil: v0.7.1
• github.com/gostaticanalysis/comment: v1.4.2
• github.com/gostaticanalysis/forcetypeassert: 01d4955
• github.com/gostaticanalysis/nilerr: v0.1.1
• github.com/gostaticanalysis/testutil: v0.4.0
• github.com/hashicorp/consul/api: v1.10.1
• github.com/hashicorp/consul/sdk: v0.8.0
• github.com/hashicorp/errwrap: v1.0.0
• github.com/hashicorp/go-cleanhttp: v0.5.1
• github.com/hashicorp/go-hclog: v0.12.0
• github.com/hashicorp/go-immutable-radix: v1.0.0
• github.com/hashicorp/go-msgpack: v0.5.3
• github.com/hashicorp/go-multierror: v1.1.1
• github.com/hashicorp/go-rootcerts: v1.0.2
• github.com/hashicorp/go-sockaddr: v1.0.0
• github.com/hashicorp/go-syslog: v1.0.0
• github.com/hashicorp/go-version: v1.2.1
• github.com/hashicorp/go.net: v0.0.1
• github.com/hashicorp/logutils: v1.0.0
• github.com/hashicorp/mdns: v1.0.1
• github.com/hashicorp/memberlist: v0.2.2
• github.com/hashicorp/serf: v0.9.5
• github.com/huandu/xstrings: v1.2.0
• github.com/jgautheron/goconst: v1.5.1
• github.com/jhump/protoreflect: v1.6.1
• github.com/jingyugao/rowserrcheck: v1.1.1
• github.com/jirfag/go-printf-func-name: 7558a9e
• github.com/jmoiron/sqlx: v1.2.0
• github.com/josharian/txtarfs: 0702f00
• github.com/jtolds/gls: v4.20.0+incompatible
• github.com/juju/ratelimit: v1.0.1
• github.com/julz/importas: 841f0c0
• github.com/k0kubun/colorstring: 9440f19
• github.com/kr/fs: v0.1.0
• github.com/kulti/thelper: v0.4.0
• github.com/kunwardeep/paralleltest: v1.0.3
• github.com/kylelemons/godebug: v1.1.0
• github.com/kyoh86/exportloopref: v0.1.8
• github.com/ldez/gomoddirectives: v0.2.2
• github.com/ldez/tagliatelle: v0.2.0
• github.com/letsencrypt/pkcs11key/v4: v4.0.0
• github.com/lib/pq: v1.10.3
• github.com/logrusorgru/aurora: a7b3b31
• github.com/lufia/plan9stats: 39d0f17
• github.com/maratori/testpackage: v1.0.1
• github.com/matoous/godox: 6504466
• github.com/matryer/is: v1.4.0
• github.com/mattn/go-runewidth: v0.0.9
• github.com/mattn/go-sqlite3: v1.9.0
• github.com/mattn/goveralls: v0.0.2
• github.com/mbilski/exhaustivestruct: v1.2.0
• github.com/mgechev/dots: e955255
• github.com/mgechev/revive: v1.1.2
• github.com/miekg/pkcs11: v1.0.3
• github.com/mitchellh/cli: v1.1.0
• github.com/mitchellh/copystructure: v1.0.0
• github.com/mitchellh/go-ps: v1.0.0
• github.com/mitchellh/go-testing-interface: v1.0.0
• github.com/mitchellh/gox: v0.4.0
• github.com/mitchellh/iochan: v1.0.0
• github.com/mitchellh/reflectwalk: v1.0.1
• github.com/mohae/deepcopy: c48cc78
• github.com/moricho/tparallel: v0.2.1
• github.com/mozilla/scribe: fb71baf
• github.com/mozilla/tls-observatory: 7bc4285
• github.com/mwitkow/go-proto-validators: v0.2.0
• github.com/nakabonne/nestif: v0.3.1
• github.com/nbutton23/zxcvbn-go: fa2cb28
• github.com/nishanths/exhaustive: v0.2.3
• github.com/nishanths/predeclared: v0.2.1
• github.com/oklog/ulid: v1.3.1
• github.com/olekukonko/tablewriter: v0.0.5
• github.com/opentracing/opentracing-go: v1.1.0
• github.com/otiai10/copy: v1.2.0
• github.com/otiai10/curr: v1.0.0
• github.com/otiai10/mint: v1.3.1
• github.com/pascaldekloe/goe: 57f6aae
• github.com/pborman/uuid: v1.2.0
• github.com/phayes/checkstyle: bfd46e6
• github.com/pkg/sftp: v1.10.1
• github.com/polyfloyd/go-errorlint: 910bb79
• github.com/posener/complete: v1.2.3
• github.com/prometheus/tsdb: v0.7.1
• github.com/pseudomuto/protoc-gen-doc: v1.3.2
• github.com/pseudomuto/protokit: v0.2.0
• github.com/quasilyte/go-consistent: c6f3937
• github.com/quasilyte/go-ruleguard/dsl: v0.3.10
• github.com/quasilyte/go-ruleguard/rules: 545e0d2
• github.com/quasilyte/go-ruleguard: v0.3.13
• github.com/quasilyte/regex/syntax: 30656e2
• github.com/rs/cors: v1.7.0
• github.com/ryancurrah/gomodguard: v1.2.3
• github.com/ryanrolds/sqlclosecheck: v0.3.0
• github.com/ryanuber/columnize: 9b3edd6
• github.com/sagikazarmark/crypt: v0.1.0
• github.com/sanposhiho/wastedassign/v2: v2.0.6
• github.com/sean-/seed: e2103e2
• github.com/securego/gosec/v2: v2.9.1
• github.com/sergi/go-diff: v1.1.0
• github.com/shazow/go-diff: b6b7b67
• github.com/shirou/gopsutil/v3: v3.21.10
• github.com/shurcooL/go-goon: 37c2f52
• github.com/shurcooL/go: 9e1955d
• github.com/sivchari/tenv: v1.4.7
• github.com/smartystreets/assertions: b2de0cb
• github.com/smartystreets/goconvey: v1.6.4
• github.com/sonatard/noctx: v0.0.1
• github.com/sourcegraph/go-diff: v0.6.1
• github.com/ssgreg/nlreturn/v2: v2.2.1
• github.com/sylvia7788/contextcheck: v1.0.4
• github.com/tdakkota/asciicheck: e657995
• github.com/tenntenn/modver: v1.0.1
• github.com/tenntenn/text/transform: 7eef512
• github.com/tetafro/godot: v1.4.11
• github.com/timakin/bodyclose: cb62158
• github.com/tklauser/go-sysconf: v0.3.9
• github.com/tklauser/numcpus: v0.3.0
• github.com/tomarrell/wrapcheck/v2: v2.4.0
• github.com/tomasen/realip: f0c99a9
• github.com/tommy-muehle/go-mnd/v2: v2.4.0
• github.com/ugorji/go/codec: d75b2dc
• github.com/ugorji/go: v1.1.4
• github.com/ultraware/funlen: v0.0.3
• github.com/ultraware/whitespace: v0.0.4
• github.com/uudashr/gocognit: v1.0.5
• github.com/valyala/fasthttp: v1.30.0
• github.com/valyala/quicktemplate: v1.7.0
• github.com/valyala/tcplisten: v1.0.0
• github.com/viki-org/dnscache: c70c1f2
• github.com/xo/terminfo: ca9a967
• github.com/xordataexchange/crypt: b2862e3
• github.com/yeya24/promlinter: v0.1.0
• github.com/yudai/gojsondiff: v1.0.0
• github.com/yudai/golcs: ecda9a5
• github.com/yudai/pp: v2.0.1+incompatible
• go.etcd.io/etcd: e048e16
• go.mozilla.org/mozlog: 4bb1313
• go.uber.org/tools: 2cfd321
• gopkg.in/cheggaaa/pb.v1: v1.0.28
• gopkg.in/gcfg.v1: v1.2.3
• gopkg.in/resty.v1: v1.12.0
• gopkg.in/warnings.v0: v0.1.2
• mvdan.cc/gofumpt: v0.1.1
• mvdan.cc/interfacer: c200402
• mvdan.cc/lint: adc824a
• mvdan.cc/unparam: aac4ce9

Changes since 1.8.5

• Queue Proxy now performs a graceful shutdown (https://github.com/knative/serving/pull/13836, @dprotaso)

Changes since 1.9.2

• Our queue proxy shutdown now performs a graceful shutdown (https://github.com/knative/serving/pull/13829, @dprotaso)

🚨 Notable

• Min K8s Version is v1.24+ - see our release schedule for EOL dates

Changes since 1.8.4

Rebuilt with go1.19.6 to address CVEs

• https://github.com/golang/go/issues?q=milestone%3AGo1.19.6+label%3ACherryPickApproved

Changes since 1.9.1

Rebuilt with go1.19.6 to address CVEs

• https://github.com/golang/go/issues?q=milestone%3AGo1.19.6+label%3ACherryPickApproved

🚨 Notable

• Min K8s Version is v1.24+ - see our release schedule for EOL dates

tags: Release Notes Serving

Changes since 1.8.3

Bumped dependencies to address CVEs

• https://pkg.go.dev/vuln/GO-2023-1571
• https://pkg.go.dev/vuln/GO-2023-1495
• https://pkg.go.dev/vuln/GO-2022-1144

Changes since 1.8.2

• Rebuilt with go1.19.4 - see CVE details https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU

Changes since 1.8.1

• Bump apiVersion of the webhook's HorizontalPodAutoscaler to autoscaling/v2 (https://github.com/knative/serving/pull/13521, @psschwei)

Changes since 1.8.0

• Upgrade HPA webhook to autoscaling/v2 API version (#13411, @psschwei)
• We reverted #13376 - SettingSeccompProfile to RunTimeDefault on the queue-proxy sidecar. This seems to break older OpenShift versions and GKE workloads running on gVisor. We will make this option configurable in the future.
  • See gVisor/GKE issue (https://github.com/google/gvisor/issues/8248, https://issuetracker.google.com/issues/260968397) to allow this value
• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)
• Fix a nil pointer panic in the queue proxy when draining (https://github.com/knative/pkg/pull/2645, @dprotaso)

Changelog since 1.7

🚨 Breaking or Notable

• Uses the cluster domain suffix svc.cluster.local as the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei)
• Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
• Services may now set seccompProfile in SecurityContext to allow users to comply with the restricted Pod Security Standards best-practice (#13401, @evankanderson)
• Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
• Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)

💫 New Features & Changes

• Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
• EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
• Save data from perf tests to create a dashboard. (#13192, @nader-ziada)

Bug or Regression

• Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
• ConfigMap config-defaults property revision-response-start-timeout-seconds now defaults to revision-timeout-seconds. This should unblock upgrades who set revision-timeout-seconds lower than the default value of 300 (#13255, @dprotaso)
• Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)

Dependencies

• github.com/armon/go-socks5: e753329
• github.com/cyberdelia/templates: ca7fffd
• github.com/deepmap/oapi-codegen: v1.8.2
• github.com/emicklei/go-restful/v3: v3.8.0
• github.com/go-chi/chi/v5: v5.0.0
• github.com/google/gnostic: v0.5.7-v3refs
• github.com/influxdata/influxdb-client-go/v2: v2.9.0
• github.com/influxdata/line-protocol: 2487e72
• github.com/labstack/echo/v4: v4.2.1
• github.com/labstack/gommon: v0.3.0
• github.com/matryer/moq: 6cfb055
• github.com/onsi/ginkgo/v2: v2.1.6
• github.com/valyala/fasttemplate: v1.2.1

• github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
• github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
• github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
• github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
• github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
• github.com/cockroachdb/datadriven: bf6692d → 80d97fb
• github.com/creack/pty: v1.1.11 → v1.1.9
• github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
• github.com/go-logr/logr: v1.2.2 → v1.2.3
• github.com/google/cel-go: v0.9.0 → v0.12.5
• github.com/google/go-cmp: v0.5.7 → v0.5.8
• github.com/onsi/gomega: v1.16.0 → v1.20.1
• github.com/prometheus/client_golang: v1.11.1 → v1.12.1
• github.com/spf13/cobra: v1.3.0 → v1.4.0
• github.com/stretchr/testify: v1.7.0 → v1.8.0
• github.com/yuin/goldmark: v1.4.1 → v1.4.13
• go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
• go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
• golang.org/x/crypto: 8634188 → 3147a52
• golang.org/x/mod: v0.5.1 → 86c51ed
• golang.org/x/net: 27dd868 → a158d28
• golang.org/x/sys: 4e6760a → 8c9f86f
• golang.org/x/tools: v0.1.9 → v0.1.12
• google.golang.org/genproto: 1ac2ace → c8bf987
• google.golang.org/grpc: v1.44.0 → v1.47.0
• google.golang.org/protobuf: v1.27.1 → v1.28.0
• k8s.io/api: v0.23.9 → v0.25.2
• k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
• k8s.io/apimachinery: v0.23.9 → v0.25.2
• k8s.io/apiserver: v0.23.9 → v0.25.2
• k8s.io/client-go: v0.23.9 → v0.25.2
• k8s.io/code-generator: v0.23.9 → v0.25.2
• k8s.io/component-base: v0.23.9 → v0.25.2
• k8s.io/kube-openapi: 4241196 → 67bda5d
• k8s.io/utils: 3a6ce19 → ee6ede2
• knative.dev/caching: 9df7bb7 → ce26e92
• knative.dev/control-protocol: f18dbde → 3e2f878
• knative.dev/hack: 8d1e4cc → 3fdc50b
• knative.dev/networking: e51df7c → 58f3e62
• knative.dev/pkg: 4a03844 → 714b763
• knative.dev/reconciler-test: 177f826 → 090970c
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
• sigs.k8s.io/json: 9f7c6b3 → f223a00
• sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3

• github.com/Azure/go-ansiterm: d185dfc
• github.com/blang/semver: v3.5.1+incompatible
• github.com/certifi/gocertifi: 2c3bb06
• github.com/cockroachdb/errors: v1.2.4
• github.com/cockroachdb/logtags: eb05cc2
• github.com/coreos/go-oidc: v2.1.0+incompatible
• github.com/emicklei/go-restful: v2.9.5+incompatible
• github.com/getsentry/raven-go: v0.2.0
• github.com/go-logr/zapr: v1.2.0
• github.com/google/cel-spec: v0.6.0
• github.com/moby/term: 9d4ed18
• github.com/pquerna/cachecontrol: 0dec1b3
• go.opentelemetry.io/otel/oteltest: v0.20.0
• gopkg.in/square/go-jose.v2: v2.2.2

Changes since 1.9.0

Bumped dependencies to address CVEs

• https://pkg.go.dev/vuln/GO-2023-1571
• https://pkg.go.dev/vuln/GO-2023-1495
• https://pkg.go.dev/vuln/GO-2022-1144

🚨 Notable

• Min K8s Version is v1.24+ - see our release schedule for EOL dates

Release notes for Serving 1.9

tags: Release Notes Serving

Changelog since 1.8

🚨 Breaking or Notable

• Min K8s Version is v1.24+ - see our release schedule for EOL dates

💫 New Features & Changes

• Knative will now warn (but not error) when creating or updating a PodSpec
  where containers have additional privilege due to unset SecurityContext values.
  Explicitly setting these values to any setting, including high-privilege ones,
  will disable this warning.

  These fields are:

  • runAsNonRoot (empty means false)
  • allowPrivilegeEscalation (empty means true)
  • seccompProfile.type (empty string means Unconfined)
  • capabilities.drop (default maintains privileges, use ALL to drop unneeded linux capabilities) (#13399, @evankanderson)

• Adds the secure-pod-defaults feature, which is defaulted to Disabled in
  this release.

  When enabled, containers described by users will have best-practice
  SecurityContext features enabled unless insecure settings are specifically
  requested. (#13398, @evankanderson)

• Work around for cert-manager not allowing us to create certs for 64+ bytes name ksvc (#13569, @KauzClay)

• Autoscaler now runs a single leader election go routine (#13585, @dprotaso)

Small fixes

• Add app label to Service selector for webhook and domainmapping-webhook. (#13265, @a7i)
• Upgrade tests now stream logs from user and system namespace. The logs are printed on failure. (#13587, @mgencur)

Bug or Regression

• Changes to Pod or Revision-level defaults during Knative upgrades will no longer be attempted (and failed) when supplying your own Revision name. (#13565, @evankanderson)

Dependencies

Added

Nothing has changed.

Changed

• go.uber.org/goleak: v1.1.12 → v1.2.0
• k8s.io/api: v0.25.2 → v0.25.4
• k8s.io/apiextensions-apiserver: v0.25.2 → v0.25.4
• k8s.io/apimachinery: v0.25.2 → v0.25.4
• k8s.io/apiserver: v0.25.2 → v0.25.4
• k8s.io/client-go: v0.25.2 → v0.25.4
• k8s.io/code-generator: v0.25.2 → v0.25.4
• k8s.io/component-base: v0.25.2 → v0.25.4
• k8s.io/gengo: 397b4ae → fad74ee
• k8s.io/klog/v2: 0990e81 → 9ae4992
• k8s.io/utils: ee6ede2 → 8e77b1f
• knative.dev/caching: ce26e92 → 7a31fde
• knative.dev/control-protocol: 3e2f878 → cffe208
• knative.dev/hack: 3fdc50b → c7cfcb0
• knative.dev/networking: 58f3e62 → db2bcbe
• knative.dev/pkg: b78020c → 247510c
• knative.dev/reconciler-test: 090970c → 894bc70
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.32 → v0.0.33

Removed

Nothing has changed.

tags: Release Notes Serving

Changes since 1.8.2

• Rebuilt with go1.19.4 - see CVE details https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU

Changes since 1.8.1

• Bump apiVersion of the webhook's HorizontalPodAutoscaler to autoscaling/v2 (https://github.com/knative/serving/pull/13521, @psschwei)

Changes since 1.8.0

• Upgrade HPA webhook to autoscaling/v2 API version (#13411, @psschwei)
• We reverted #13376 - SettingSeccompProfile to RunTimeDefault on the queue-proxy sidecar. This seems to break older OpenShift versions and GKE workloads running on gVisor. We will make this option configurable in the future.
  • See gVisor/GKE issue (https://github.com/google/gvisor/issues/8248, https://issuetracker.google.com/issues/260968397) to allow this value
• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)
• Fix a nil pointer panic in the queue proxy when draining (https://github.com/knative/pkg/pull/2645, @dprotaso)

Changelog since 1.7

🚨 Breaking or Notable

• Uses the cluster domain suffix svc.cluster.local as the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei)
• Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
• Services may now set seccompProfile in SecurityContext to allow users to comply with the restricted Pod Security Standards best-practice (#13401, @evankanderson)
• Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
• Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)

💫 New Features & Changes

• Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
• EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
• Save data from perf tests to create a dashboard. (#13192, @nader-ziada)

Bug or Regression

• Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
• ConfigMap config-defaults property revision-response-start-timeout-seconds now defaults to revision-timeout-seconds. This should unblock upgrades who set revision-timeout-seconds lower than the default value of 300 (#13255, @dprotaso)
• Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)

Dependencies

• github.com/armon/go-socks5: e753329
• github.com/cyberdelia/templates: ca7fffd
• github.com/deepmap/oapi-codegen: v1.8.2
• github.com/emicklei/go-restful/v3: v3.8.0
• github.com/go-chi/chi/v5: v5.0.0
• github.com/google/gnostic: v0.5.7-v3refs
• github.com/influxdata/influxdb-client-go/v2: v2.9.0
• github.com/influxdata/line-protocol: 2487e72
• github.com/labstack/echo/v4: v4.2.1
• github.com/labstack/gommon: v0.3.0
• github.com/matryer/moq: 6cfb055
• github.com/onsi/ginkgo/v2: v2.1.6
• github.com/valyala/fasttemplate: v1.2.1

• github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
• github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
• github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
• github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
• github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
• github.com/cockroachdb/datadriven: bf6692d → 80d97fb
• github.com/creack/pty: v1.1.11 → v1.1.9
• github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
• github.com/go-logr/logr: v1.2.2 → v1.2.3
• github.com/google/cel-go: v0.9.0 → v0.12.5
• github.com/google/go-cmp: v0.5.7 → v0.5.8
• github.com/onsi/gomega: v1.16.0 → v1.20.1
• github.com/prometheus/client_golang: v1.11.1 → v1.12.1
• github.com/spf13/cobra: v1.3.0 → v1.4.0
• github.com/stretchr/testify: v1.7.0 → v1.8.0
• github.com/yuin/goldmark: v1.4.1 → v1.4.13
• go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
• go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
• golang.org/x/crypto: 8634188 → 3147a52
• golang.org/x/mod: v0.5.1 → 86c51ed
• golang.org/x/net: 27dd868 → a158d28
• golang.org/x/sys: 4e6760a → 8c9f86f
• golang.org/x/tools: v0.1.9 → v0.1.12
• google.golang.org/genproto: 1ac2ace → c8bf987
• google.golang.org/grpc: v1.44.0 → v1.47.0
• google.golang.org/protobuf: v1.27.1 → v1.28.0
• k8s.io/api: v0.23.9 → v0.25.2
• k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
• k8s.io/apimachinery: v0.23.9 → v0.25.2
• k8s.io/apiserver: v0.23.9 → v0.25.2
• k8s.io/client-go: v0.23.9 → v0.25.2
• k8s.io/code-generator: v0.23.9 → v0.25.2
• k8s.io/component-base: v0.23.9 → v0.25.2
• k8s.io/kube-openapi: 4241196 → 67bda5d
• k8s.io/utils: 3a6ce19 → ee6ede2
• knative.dev/caching: 9df7bb7 → ce26e92
• knative.dev/control-protocol: f18dbde → 3e2f878
• knative.dev/hack: 8d1e4cc → 3fdc50b
• knative.dev/networking: e51df7c → 58f3e62
• knative.dev/pkg: 4a03844 → 714b763
• knative.dev/reconciler-test: 177f826 → 090970c
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
• sigs.k8s.io/json: 9f7c6b3 → f223a00
• sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3

• github.com/Azure/go-ansiterm: d185dfc
• github.com/blang/semver: v3.5.1+incompatible
• github.com/certifi/gocertifi: 2c3bb06
• github.com/cockroachdb/errors: v1.2.4
• github.com/cockroachdb/logtags: eb05cc2
• github.com/coreos/go-oidc: v2.1.0+incompatible
• github.com/emicklei/go-restful: v2.9.5+incompatible
• github.com/getsentry/raven-go: v0.2.0
• github.com/go-logr/zapr: v1.2.0
• github.com/google/cel-spec: v0.6.0
• github.com/moby/term: 9d4ed18
• github.com/pquerna/cachecontrol: 0dec1b3
• go.opentelemetry.io/otel/oteltest: v0.20.0
• gopkg.in/square/go-jose.v2: v2.2.2

Changes since 1.7.3

• Rebuilt with go1.19.4 - see CVE details https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU

Changes since 1.7.2

• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)
• Fix a nil pointer panic in the queue proxy when draining (https://github.com/knative/pkg/pull/2645, @dprotaso)

Changes since 1.6

🚨 Notable

Prior RevisionSpec.TimeoutSeconds would cause a request to timeout if the user container returned no response in the allotted time. This would allow for apps to return some data and then remain open forever indefinitely. This prior behaviour was not conformant to the Knative Serving API specification.

In this release we've fixed this behaviour and provided additional knobs to allow users greater control of various timings.

• Revision timeouts now has three knobs for users to control (#12970, @nader-ziada)
  • TimeoutSeconds represents the max duration a request can take
  • ResponseStartTimeoutSeconds is the timeout allowed before a request starts responding
  • IdleTimeoutSeconds is the max duration a request can remain open without getting any data.

💫 New Features & Changes

• Adds a autoscaling.knative.dev/activation-scale annotation that allows the user to set a minimum number of replicas when not scaled to zero. Note that the initial target scale for a revision is still handled by initial-scale; activation-scale will only apply on subsequent scales from zero. (#13161, @psschwei)

🐞Bug Fixes

• Allow upgrades if you revision-timeout-seconds in the ConfigMap config-defaults is configured below 300 (@dprotaso)
• Readiness probes no longer fail if the user container is restarted (due to a liveness probe failure) (#13229, @dprotaso)

🧹 Cleanup

• Building Knative Serving requires go v1.18 (#13169, @psschwei)
• Build commit SHA is no longer under kodata in our containers it is now embedded in the binary since we build with go1.18. Use go version -m [binary] to get the same information (#13130, @dprotaso)

Dependencies

Nothing has changed.

• golang.org/x/sync: 036812b → 886fb93
• k8s.io/api: v0.23.8 → v0.23.9
• k8s.io/apiextensions-apiserver: v0.23.8 → v0.23.9
• k8s.io/apimachinery: v0.23.8 → v0.23.9
• k8s.io/apiserver: v0.23.8 → v0.23.9
• k8s.io/client-go: v0.23.8 → v0.23.9
• k8s.io/code-generator: v0.23.8 → v0.23.9
• k8s.io/component-base: v0.23.8 → v0.23.9
• k8s.io/gengo: 4627b89 → 397b4ae
• k8s.io/klog/v2: 43cc75f → 0990e81
• knative.dev/caching: 9c3c19f → 9df7bb7
• knative.dev/control-protocol: 827b25d → f18dbde
• knative.dev/hack: 65c463a → 8d1e4cc
• knative.dev/networking: f087178 → e51df7c
• knative.dev/pkg: e60d250 → 4a03844
• knative.dev/reconciler-test: f05db88 → 177f826

Nothing has changed.

Changes since 1.6.2

• Rebuilt with go1.19.4 - see CVE details https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU

Changes since 1.6.1

• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)

Changes since 1.5

Features

• API conformance no longer checks for scaling to zero in the presence of runtime probes (#13025, @mattmoor)
• CRD schemas have been updated and x-kubernetes-preserve-unknown-fields is now only specified for attributes behind feature flags (#13095, @dprotaso)
• HTTPRedirect feature is marked as stable. (#13084, @nak3)
• Our webhooks no longer reject unknown fields since they're pruned by the K8s API server (#13111, @dprotaso)
• Remove internal Prometheus stat reporter from queue-proxy (#12961, @nader-ziada)

Dependencies

• github.com/cloudevents/sdk-go/v2: v2.4.1
• knative.dev/control-protocol: 827b25d
• knative.dev/reconciler-test: f05db88

• gopkg.in/yaml.v3: 496545a → v3.0.1
• k8s.io/api: v0.23.5 → v0.23.8
• k8s.io/apiextensions-apiserver: v0.23.4 → v0.23.8
• k8s.io/apimachinery: v0.23.5 → v0.23.8
• k8s.io/apiserver: v0.23.4 → v0.23.8
• k8s.io/client-go: v0.23.5 → v0.23.8
• k8s.io/code-generator: v0.23.5 → v0.23.8
• k8s.io/component-base: v0.23.4 → v0.23.8
• knative.dev/caching: c7b5b7d → 9c3c19f
• knative.dev/hack: 12d3e2a → 65c463a
• knative.dev/networking: 22d1b93 → f087178
• knative.dev/pkg: 19adf79 → e60d250
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.27 → v0.0.30

Nothing has changed.

tags: Release Notes Serving

Changes since 1.8.1

• Bump apiVersion of the webhook's HorizontalPodAutoscaler to autoscaling/v2 (https://github.com/knative/serving/pull/13521, @psschwei)

Changes since 1.8.0

• Upgrade HPA webhook to autoscaling/v2 API version (#13411, @psschwei)
• We reverted #13376 - SettingSeccompProfile to RunTimeDefault on the queue-proxy sidecar. This seems to break older OpenShift versions and GKE workloads running on gVisor. We will make this option configurable in the future.
  • See gVisor/GKE issue (https://github.com/google/gvisor/issues/8248, https://issuetracker.google.com/issues/260968397) to allow this value
• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)
• Fix a nil pointer panic in the queue proxy when draining (https://github.com/knative/pkg/pull/2645, @dprotaso)

Changelog since 1.7

🚨 Breaking or Notable

• Uses the cluster domain suffix svc.cluster.local as the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei)
• Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
• Services may now set seccompProfile in SecurityContext to allow users to comply with the restricted Pod Security Standards best-practice (#13401, @evankanderson)
• Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
• Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)

💫 New Features & Changes

• Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
• EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
• Save data from perf tests to create a dashboard. (#13192, @nader-ziada)

Bug or Regression

• Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
• ConfigMap config-defaults property revision-response-start-timeout-seconds now defaults to revision-timeout-seconds. This should unblock upgrades who set revision-timeout-seconds lower than the default value of 300 (#13255, @dprotaso)
• Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)

Dependencies

• github.com/armon/go-socks5: e753329
• github.com/cyberdelia/templates: ca7fffd
• github.com/deepmap/oapi-codegen: v1.8.2
• github.com/emicklei/go-restful/v3: v3.8.0
• github.com/go-chi/chi/v5: v5.0.0
• github.com/google/gnostic: v0.5.7-v3refs
• github.com/influxdata/influxdb-client-go/v2: v2.9.0
• github.com/influxdata/line-protocol: 2487e72
• github.com/labstack/echo/v4: v4.2.1
• github.com/labstack/gommon: v0.3.0
• github.com/matryer/moq: 6cfb055
• github.com/onsi/ginkgo/v2: v2.1.6
• github.com/valyala/fasttemplate: v1.2.1

• github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
• github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
• github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
• github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
• github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
• github.com/cockroachdb/datadriven: bf6692d → 80d97fb
• github.com/creack/pty: v1.1.11 → v1.1.9
• github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
• github.com/go-logr/logr: v1.2.2 → v1.2.3
• github.com/google/cel-go: v0.9.0 → v0.12.5
• github.com/google/go-cmp: v0.5.7 → v0.5.8
• github.com/onsi/gomega: v1.16.0 → v1.20.1
• github.com/prometheus/client_golang: v1.11.1 → v1.12.1
• github.com/spf13/cobra: v1.3.0 → v1.4.0
• github.com/stretchr/testify: v1.7.0 → v1.8.0
• github.com/yuin/goldmark: v1.4.1 → v1.4.13
• go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
• go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
• golang.org/x/crypto: 8634188 → 3147a52
• golang.org/x/mod: v0.5.1 → 86c51ed
• golang.org/x/net: 27dd868 → a158d28
• golang.org/x/sys: 4e6760a → 8c9f86f
• golang.org/x/tools: v0.1.9 → v0.1.12
• google.golang.org/genproto: 1ac2ace → c8bf987
• google.golang.org/grpc: v1.44.0 → v1.47.0
• google.golang.org/protobuf: v1.27.1 → v1.28.0
• k8s.io/api: v0.23.9 → v0.25.2
• k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
• k8s.io/apimachinery: v0.23.9 → v0.25.2
• k8s.io/apiserver: v0.23.9 → v0.25.2
• k8s.io/client-go: v0.23.9 → v0.25.2
• k8s.io/code-generator: v0.23.9 → v0.25.2
• k8s.io/component-base: v0.23.9 → v0.25.2
• k8s.io/kube-openapi: 4241196 → 67bda5d
• k8s.io/utils: 3a6ce19 → ee6ede2
• knative.dev/caching: 9df7bb7 → ce26e92
• knative.dev/control-protocol: f18dbde → 3e2f878
• knative.dev/hack: 8d1e4cc → 3fdc50b
• knative.dev/networking: e51df7c → 58f3e62
• knative.dev/pkg: 4a03844 → 714b763
• knative.dev/reconciler-test: 177f826 → 090970c
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
• sigs.k8s.io/json: 9f7c6b3 → f223a00
• sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3

• github.com/Azure/go-ansiterm: d185dfc
• github.com/blang/semver: v3.5.1+incompatible
• github.com/certifi/gocertifi: 2c3bb06
• github.com/cockroachdb/errors: v1.2.4
• github.com/cockroachdb/logtags: eb05cc2
• github.com/coreos/go-oidc: v2.1.0+incompatible
• github.com/emicklei/go-restful: v2.9.5+incompatible
• github.com/getsentry/raven-go: v0.2.0
• github.com/go-logr/zapr: v1.2.0
• github.com/google/cel-spec: v0.6.0
• github.com/moby/term: 9d4ed18
• github.com/pquerna/cachecontrol: 0dec1b3
• go.opentelemetry.io/otel/oteltest: v0.20.0
• gopkg.in/square/go-jose.v2: v2.2.2

Changes since 1.6.1

• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)

Changes since 1.5

Features

• API conformance no longer checks for scaling to zero in the presence of runtime probes (#13025, @mattmoor)
• CRD schemas have been updated and x-kubernetes-preserve-unknown-fields is now only specified for attributes behind feature flags (#13095, @dprotaso)
• HTTPRedirect feature is marked as stable. (#13084, @nak3)
• Our webhooks no longer reject unknown fields since they're pruned by the K8s API server (#13111, @dprotaso)
• Remove internal Prometheus stat reporter from queue-proxy (#12961, @nader-ziada)

Dependencies

• github.com/cloudevents/sdk-go/v2: v2.4.1
• knative.dev/control-protocol: 827b25d
• knative.dev/reconciler-test: f05db88

• gopkg.in/yaml.v3: 496545a → v3.0.1
• k8s.io/api: v0.23.5 → v0.23.8
• k8s.io/apiextensions-apiserver: v0.23.4 → v0.23.8
• k8s.io/apimachinery: v0.23.5 → v0.23.8
• k8s.io/apiserver: v0.23.4 → v0.23.8
• k8s.io/client-go: v0.23.5 → v0.23.8
• k8s.io/code-generator: v0.23.5 → v0.23.8
• k8s.io/component-base: v0.23.4 → v0.23.8
• knative.dev/caching: c7b5b7d → 9c3c19f
• knative.dev/hack: 12d3e2a → 65c463a
• knative.dev/networking: 22d1b93 → f087178
• knative.dev/pkg: 19adf79 → e60d250
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.27 → v0.0.30

Nothing has changed.

Changes since 1.7.2

• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)
• Fix a nil pointer panic in the queue proxy when draining (https://github.com/knative/pkg/pull/2645, @dprotaso)

Changes since 1.6

🚨 Notable

Prior RevisionSpec.TimeoutSeconds would cause a request to timeout if the user container returned no response in the allotted time. This would allow for apps to return some data and then remain open forever indefinitely. This prior behaviour was not conformant to the Knative Serving API specification.

In this release we've fixed this behaviour and provided additional knobs to allow users greater control of various timings.

• Revision timeouts now has three knobs for users to control (#12970, @nader-ziada)
  • TimeoutSeconds represents the max duration a request can take
  • ResponseStartTimeoutSeconds is the timeout allowed before a request starts responding
  • IdleTimeoutSeconds is the max duration a request can remain open without getting any data.

💫 New Features & Changes

• Adds a autoscaling.knative.dev/activation-scale annotation that allows the user to set a minimum number of replicas when not scaled to zero. Note that the initial target scale for a revision is still handled by initial-scale; activation-scale will only apply on subsequent scales from zero. (#13161, @psschwei)

🐞Bug Fixes

• Allow upgrades if you revision-timeout-seconds in the ConfigMap config-defaults is configured below 300 (@dprotaso)
• Readiness probes no longer fail if the user container is restarted (due to a liveness probe failure) (#13229, @dprotaso)

🧹 Cleanup

• Building Knative Serving requires go v1.18 (#13169, @psschwei)
• Build commit SHA is no longer under kodata in our containers it is now embedded in the binary since we build with go1.18. Use go version -m [binary] to get the same information (#13130, @dprotaso)

Dependencies

Nothing has changed.

• golang.org/x/sync: 036812b → 886fb93
• k8s.io/api: v0.23.8 → v0.23.9
• k8s.io/apiextensions-apiserver: v0.23.8 → v0.23.9
• k8s.io/apimachinery: v0.23.8 → v0.23.9
• k8s.io/apiserver: v0.23.8 → v0.23.9
• k8s.io/client-go: v0.23.8 → v0.23.9
• k8s.io/code-generator: v0.23.8 → v0.23.9
• k8s.io/component-base: v0.23.8 → v0.23.9
• k8s.io/gengo: 4627b89 → 397b4ae
• k8s.io/klog/v2: 43cc75f → 0990e81
• knative.dev/caching: 9c3c19f → 9df7bb7
• knative.dev/control-protocol: 827b25d → f18dbde
• knative.dev/hack: 65c463a → 8d1e4cc
• knative.dev/networking: f087178 → e51df7c
• knative.dev/pkg: e60d250 → 4a03844
• knative.dev/reconciler-test: f05db88 → 177f826

Nothing has changed.

tags: Release Notes Serving

Changes since 1.8.0

• We reverted #13376 - SettingSeccompProfile to RunTimeDefault on the queue-proxy sidecar. This seems to break older OpenShift versions and GKE workloads running on gVisor. We will make this option configurable in the future.
  • See gVisor/GKE issue (https://github.com/google/gvisor/issues/8248, https://issuetracker.google.com/issues/260968397) to allow this value
• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)
• Fix a nil pointer panic in the queue proxy when draining (https://github.com/knative/pkg/pull/2645, @dprotaso)

Changelog since 1.7

🚨 Breaking or Notable

• Uses the cluster domain suffix svc.cluster.local as the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei)
• Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
• Services may now set seccompProfile in SecurityContext to allow users to comply with the restricted Pod Security Standards best-practice (#13401, @evankanderson)
• Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
• Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)

💫 New Features & Changes

• Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
• EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
• Save data from perf tests to create a dashboard. (#13192, @nader-ziada)

Bug or Regression

• Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
• ConfigMap config-defaults property revision-response-start-timeout-seconds now defaults to revision-timeout-seconds. This should unblock upgrades who set revision-timeout-seconds lower than the default value of 300 (#13255, @dprotaso)
• Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)

Dependencies

• github.com/armon/go-socks5: e753329
• github.com/cyberdelia/templates: ca7fffd
• github.com/deepmap/oapi-codegen: v1.8.2
• github.com/emicklei/go-restful/v3: v3.8.0
• github.com/go-chi/chi/v5: v5.0.0
• github.com/google/gnostic: v0.5.7-v3refs
• github.com/influxdata/influxdb-client-go/v2: v2.9.0
• github.com/influxdata/line-protocol: 2487e72
• github.com/labstack/echo/v4: v4.2.1
• github.com/labstack/gommon: v0.3.0
• github.com/matryer/moq: 6cfb055
• github.com/onsi/ginkgo/v2: v2.1.6
• github.com/valyala/fasttemplate: v1.2.1

• github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
• github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
• github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
• github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
• github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
• github.com/cockroachdb/datadriven: bf6692d → 80d97fb
• github.com/creack/pty: v1.1.11 → v1.1.9
• github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
• github.com/go-logr/logr: v1.2.2 → v1.2.3
• github.com/google/cel-go: v0.9.0 → v0.12.5
• github.com/google/go-cmp: v0.5.7 → v0.5.8
• github.com/onsi/gomega: v1.16.0 → v1.20.1
• github.com/prometheus/client_golang: v1.11.1 → v1.12.1
• github.com/spf13/cobra: v1.3.0 → v1.4.0
• github.com/stretchr/testify: v1.7.0 → v1.8.0
• github.com/yuin/goldmark: v1.4.1 → v1.4.13
• go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
• go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
• golang.org/x/crypto: 8634188 → 3147a52
• golang.org/x/mod: v0.5.1 → 86c51ed
• golang.org/x/net: 27dd868 → a158d28
• golang.org/x/sys: 4e6760a → 8c9f86f
• golang.org/x/tools: v0.1.9 → v0.1.12
• google.golang.org/genproto: 1ac2ace → c8bf987
• google.golang.org/grpc: v1.44.0 → v1.47.0
• google.golang.org/protobuf: v1.27.1 → v1.28.0
• k8s.io/api: v0.23.9 → v0.25.2
• k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
• k8s.io/apimachinery: v0.23.9 → v0.25.2
• k8s.io/apiserver: v0.23.9 → v0.25.2
• k8s.io/client-go: v0.23.9 → v0.25.2
• k8s.io/code-generator: v0.23.9 → v0.25.2
• k8s.io/component-base: v0.23.9 → v0.25.2
• k8s.io/kube-openapi: 4241196 → 67bda5d
• k8s.io/utils: 3a6ce19 → ee6ede2
• knative.dev/caching: 9df7bb7 → ce26e92
• knative.dev/control-protocol: f18dbde → 3e2f878
• knative.dev/hack: 8d1e4cc → 3fdc50b
• knative.dev/networking: e51df7c → 58f3e62
• knative.dev/pkg: 4a03844 → 714b763
• knative.dev/reconciler-test: 177f826 → 090970c
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
• sigs.k8s.io/json: 9f7c6b3 → f223a00
• sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3

• github.com/Azure/go-ansiterm: d185dfc
• github.com/blang/semver: v3.5.1+incompatible
• github.com/certifi/gocertifi: 2c3bb06
• github.com/cockroachdb/errors: v1.2.4
• github.com/cockroachdb/logtags: eb05cc2
• github.com/coreos/go-oidc: v2.1.0+incompatible
• github.com/emicklei/go-restful: v2.9.5+incompatible
• github.com/getsentry/raven-go: v0.2.0
• github.com/go-logr/zapr: v1.2.0
• github.com/google/cel-spec: v0.6.0
• github.com/moby/term: 9d4ed18
• github.com/pquerna/cachecontrol: 0dec1b3
• go.opentelemetry.io/otel/oteltest: v0.20.0
• gopkg.in/square/go-jose.v2: v2.2.2

Changes since 1.5.0

• Scaling to zero now works when target-burst-capacity is zero. (https://github.com/knative/serving/pull/13503, @dprotaso)

Changes since 1.4

💫 New Features & Changes

• Allows dnsConfig and dnsPolicy to be specified on pod specs when the feature is enabled in the config-features config map. (#12897, @stevenchen-db)
• Enabling the container freezer will disable the readiness probe defaulted in by Knative. (#12967, @psschwei)
• All hops encrypted epic - (alpha) TLS between activator and queue proxy (#12815, @nak3)

🐞 Bug Fixes

• Support for parsing name and namespace in activator from a request when 'Host' header or host name contains a port (#12974, @Mgla96)
• The value of panicRPSM was set as observedStableValue, but it should have been observedPanicValue as part of the metric collection. (#12910, @Nalin28)
• Reduce the chance of 503s when rolling out a new revision (#12842, @dprotaso)

Dependencies

• github.com/miekg/dns: v1.1.35 → v1.1.41
• github.com/prometheus/procfs: v0.6.0 → v0.7.3
• go.uber.org/goleak: 6911603 → v1.1.12
• knative.dev/caching: 8b5c244 → c7b5b7d
• knative.dev/hack: 6ffd841 → 12d3e2a
• knative.dev/networking: 1145ec5 → 22d1b93
• knative.dev/pkg: e325df6 → 19adf79

tags: Release Notes Serving

Changelog since 1.7

🚨 Breaking or Notable

• Uses the cluster domain suffix svc.cluster.local as the default domain. As routes using the cluster domain suffix are not exposed through Ingress, users will need to configure DNS in order to expose their services (most users probably already are). (#13259, @psschwei)
• Upgrade HorizontalPodAutoscaler to autoscaling/v2 API version (#13337, @nader-ziada)
• Services may now set seccompProfile in SecurityContext to allow users to comply with the restricted Pod Security Standards best-practice (#13401, @evankanderson)
• Bump min-version to k8s 1.23, so removing kind 1.22 testing (#13357, @nader-ziada)
• Increase the outbound context deadline in reconcilers to 30s (from 10s) to match the maximum K8s webhook timeout. (#13323, @mattmoor)

💫 New Features & Changes

• Add timeout handling in Activator when processing a request for a revision (#13261, @nader-ziada)
• EmptyDir volumes feature flag is now enabled by default (#13405, @dprotaso)
• Queue proxy explicit set SeccompProfile to RunTimeDefault to be able to run under restricted PSP policy by default. (#13376, @skonto)
• Save data from perf tests to create a dashboard. (#13192, @nader-ziada)

Bug or Regression

• Knative services can now specify securityContext.allowPrivilegeEscalation (#13395, @mattmoor)
• ConfigMap config-defaults property revision-response-start-timeout-seconds now defaults to revision-timeout-seconds. This should unblock upgrades who set revision-timeout-seconds lower than the default value of 300 (#13255, @dprotaso)
• Fix LatestReadyRevision semantics so it only advances forward. When a Revision fails the Configuration & Route will no longer fall back to older revision. The exception is when you rollback to a Revision that is explicitly named. (#13239, @dprotaso)

Dependencies

Added

• github.com/armon/go-socks5: e753329
• github.com/cyberdelia/templates: ca7fffd
• github.com/deepmap/oapi-codegen: v1.8.2
• github.com/emicklei/go-restful/v3: v3.8.0
• github.com/go-chi/chi/v5: v5.0.0
• github.com/google/gnostic: v0.5.7-v3refs
• github.com/influxdata/influxdb-client-go/v2: v2.9.0
• github.com/influxdata/line-protocol: 2487e72
• github.com/labstack/echo/v4: v4.2.1
• github.com/labstack/gommon: v0.3.0
• github.com/matryer/moq: 6cfb055
• github.com/onsi/ginkgo/v2: v2.1.6
• github.com/valyala/fasttemplate: v1.2.1

Changed

• github.com/Azure/go-autorest/autorest/adal: v0.9.18 → v0.9.20
• github.com/Azure/go-autorest/autorest/mocks: v0.4.1 → v0.4.2
• github.com/Azure/go-autorest/autorest: v0.11.24 → v0.11.27
• github.com/antlr/antlr4/runtime/Go/antlr: b48c857 → f25a4f6
• github.com/cloudevents/sdk-go/v2: v2.4.1 → v2.12.0
• github.com/cockroachdb/datadriven: bf6692d → 80d97fb
• github.com/creack/pty: v1.1.11 → v1.1.9
• github.com/envoyproxy/go-control-plane: cf90f65 → 49ff273
• github.com/go-logr/logr: v1.2.2 → v1.2.3
• github.com/google/cel-go: v0.9.0 → v0.12.5
• github.com/google/go-cmp: v0.5.7 → v0.5.8
• github.com/onsi/gomega: v1.16.0 → v1.20.1
• github.com/prometheus/client_golang: v1.11.1 → v1.12.1
• github.com/spf13/cobra: v1.3.0 → v1.4.0
• github.com/stretchr/testify: v1.7.0 → v1.8.0
• github.com/yuin/goldmark: v1.4.1 → v1.4.13
• go.etcd.io/etcd/api/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/client/v2: v2.305.0 → v2.305.4
• go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/raft/v3: v3.5.0 → v3.5.4
• go.etcd.io/etcd/server/v3: v3.5.0 → v3.5.4
• golang.org/x/crypto: 8634188 → 3147a52
• golang.org/x/mod: v0.5.1 → 86c51ed
• golang.org/x/net: 27dd868 → a158d28
• golang.org/x/sys: 4e6760a → 8c9f86f
• golang.org/x/tools: v0.1.9 → v0.1.12
• google.golang.org/genproto: 1ac2ace → c8bf987
• google.golang.org/grpc: v1.44.0 → v1.47.0
• google.golang.org/protobuf: v1.27.1 → v1.28.0
• k8s.io/api: v0.23.9 → v0.25.2
• k8s.io/apiextensions-apiserver: v0.23.9 → v0.25.2
• k8s.io/apimachinery: v0.23.9 → v0.25.2
• k8s.io/apiserver: v0.23.9 → v0.25.2
• k8s.io/client-go: v0.23.9 → v0.25.2
• k8s.io/code-generator: v0.23.9 → v0.25.2
• k8s.io/component-base: v0.23.9 → v0.25.2
• k8s.io/kube-openapi: 4241196 → 67bda5d
• k8s.io/utils: 3a6ce19 → ee6ede2
• knative.dev/caching: 9df7bb7 → ce26e92
• knative.dev/control-protocol: f18dbde → 3e2f878
• knative.dev/hack: 8d1e4cc → 3fdc50b
• knative.dev/networking: e51df7c → 58f3e62
• knative.dev/pkg: 4a03844 → 714b763
• knative.dev/reconciler-test: 177f826 → 090970c
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
• sigs.k8s.io/json: 9f7c6b3 → f223a00
• sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3

Removed

• github.com/Azure/go-ansiterm: d185dfc
• github.com/blang/semver: v3.5.1+incompatible
• github.com/certifi/gocertifi: 2c3bb06
• github.com/cockroachdb/errors: v1.2.4
• github.com/cockroachdb/logtags: eb05cc2
• github.com/coreos/go-oidc: v2.1.0+incompatible
• github.com/emicklei/go-restful: v2.9.5+incompatible
• github.com/getsentry/raven-go: v0.2.0
• github.com/go-logr/zapr: v1.2.0
• github.com/google/cel-spec: v0.6.0
• github.com/moby/term: 9d4ed18
• github.com/pquerna/cachecontrol: 0dec1b3
• go.opentelemetry.io/otel/oteltest: v0.20.0
• gopkg.in/square/go-jose.v2: v2.2.2

Changes by Kind

Features

• API conformance no longer checks for scaling to zero in the presence of runtime probes (#13025, @mattmoor)
• CRD schemas have been updated and x-kubernetes-preserve-unknown-fields is now only specified for attributes behind feature flags (#13095, @dprotaso)
• HTTPRedirect feature is marked as stable. (#13084, @nak3)
• Our webhooks no longer reject unknown fields since they're pruned by the K8s API server (#13111, @dprotaso)
• Remove internal Prometheus stat reporter from queue-proxy (#12961, @nader-ziada)

Dependencies

Added

• github.com/cloudevents/sdk-go/v2: v2.4.1
• knative.dev/control-protocol: 827b25d
• knative.dev/reconciler-test: f05db88

Changed

• gopkg.in/yaml.v3: 496545a → v3.0.1
• k8s.io/api: v0.23.5 → v0.23.8
• k8s.io/apiextensions-apiserver: v0.23.4 → v0.23.8
• k8s.io/apimachinery: v0.23.5 → v0.23.8
• k8s.io/apiserver: v0.23.4 → v0.23.8
• k8s.io/client-go: v0.23.5 → v0.23.8
• k8s.io/code-generator: v0.23.5 → v0.23.8
• k8s.io/component-base: v0.23.4 → v0.23.8
• knative.dev/caching: c7b5b7d → 9c3c19f
• knative.dev/hack: 12d3e2a → 65c463a
• knative.dev/networking: 22d1b93 → f087178
• knative.dev/pkg: 19adf79 → e60d250
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.27 → v0.0.30

Removed

Nothing has changed.

Changes

🚨 Notable

Prior RevisionSpec.TimeoutSeconds would cause a request to timeout if the user container returned no response in the allotted time. This would allow for apps to return some data and then remain open forever indefinitely. This prior behaviour was not conformant to the Knative Serving API specification.

In this release we've fixed this behaviour and provided additional knobs to allow users greater control of various timings.

• Revision timeouts now has three knobs for users to control (#12970, @nader-ziada)
  • TimeoutSeconds represents the max duration a request can take
  • ResponseStartTimeoutSeconds is the timeout allowed before a request starts responding
  • IdleTimeoutSeconds is the max duration a request can remain open without getting any data.

💫 New Features & Changes

• Adds a autoscaling.knative.dev/activation-scale annotation that allows the user to set a minimum number of replicas when not scaled to zero. Note that the initial target scale for a revision is still handled by initial-scale; activation-scale will only apply on subsequent scales from zero. (#13161, @psschwei)

🐞Bug Fixes

• Allow upgrades if you revision-timeout-seconds in the ConfigMap config-defaults is configured below 300 (@dprotaso)
• Readiness probes no longer fail if the user container is restarted (due to a liveness probe failure) (#13229, @dprotaso)

🧹 Cleanup

• Building Knative Serving requires go v1.18 (#13169, @psschwei)
• Build commit SHA is no longer under kodata in our containers it is now embedded in the binary since we build with go1.18. Use go version -m [binary] to get the same information (#13130, @dprotaso)

Dependencies

Added

Nothing has changed.

Changed

• golang.org/x/sync: 036812b → 886fb93
• k8s.io/api: v0.23.8 → v0.23.9
• k8s.io/apiextensions-apiserver: v0.23.8 → v0.23.9
• k8s.io/apimachinery: v0.23.8 → v0.23.9
• k8s.io/apiserver: v0.23.8 → v0.23.9
• k8s.io/client-go: v0.23.8 → v0.23.9
• k8s.io/code-generator: v0.23.8 → v0.23.9
• k8s.io/component-base: v0.23.8 → v0.23.9
• k8s.io/gengo: 4627b89 → 397b4ae
• k8s.io/klog/v2: 43cc75f → 0990e81
• knative.dev/caching: 9c3c19f → 9df7bb7
• knative.dev/control-protocol: 827b25d → f18dbde
• knative.dev/hack: 65c463a → 8d1e4cc
• knative.dev/networking: f087178 → e51df7c
• knative.dev/pkg: e60d250 → 4a03844
• knative.dev/reconciler-test: f05db88 → 177f826

Removed

Nothing has changed.