github higress-group/higress v2.2.3
on GitHub

4 hours ago

Higress

๐Ÿ“‹ Overview of This Release

This release includes 48 updates, covering AI Gateway enhancements, multi-provider LLM protocol compatibility, gateway stability, Gateway API and Helm improvements, test coverage, and release maintenance.

Distribution of Updates

  • New Features: 11 items
  • Bug Fixes: 28 items
  • Documentation Updates: 1 item
  • Testing Improvements: 5 items
  • Release and Dependency Maintenance: 3 items

๐Ÿ“ Full Change Log

๐Ÿš€ New Features (Features)

  • Related PR: #3849
    Contributor: @GHX5T-SOL
    Change Log: Key Auth now supports multiple credentials for a single service.
    Feature Value: Simplifies migration and multi-client access scenarios where more than one key must be managed for the same service.

  • Related PR: #3838
    Contributor: @Betula-L
    Change Log: jwt-auth now supports remote JWKS.
    Feature Value: Makes centralized key management and key rotation easier for JWT-based authentication.

  • Related PR: #3894
    Contributor: @JianweiWang
    Change Log: ai-security-guard adds structured x_higress deny responses, error-path metrics, and AI logging.
    Feature Value: Improves observability and policy feedback for AI content safety enforcement.

  • Related PR: #3898
    Contributor: @zat366
    Change Log: ai-load-balancer adds a cluster_hash load balancing policy based on FNV-1a consistent hashing.
    Feature Value: Provides more stable routing across model backend clusters.

  • Related PR: #3895
    Contributor: @JianweiWang
    Change Log: ai-security-guard adds Embedding API content detection support.
    Feature Value: Extends AI content safety checks beyond chat/completion-style requests.

  • Related PR: #3916
    Contributor: @ponypony0123
    Change Log: model-router adds keepOriginalModelName to preserve the full original model name.
    Feature Value: Helps users keep downstream model identity semantics intact while still applying model routing rules.

  • Related PR: #3979
    Contributor: @EndlessSeeker
    Change Log: Helm now supports skipping IngressClass creation.
    Feature Value: Better supports clusters where IngressClass resources are pre-managed or controlled by platform teams.

  • Related PR: #3981
    Contributor: @EndlessSeeker
    Change Log: GatewayClass isolation is now configurable.
    Feature Value: Gives operators more control over resource boundaries in multi-GatewayClass environments.

  • Related PR: #3943
    Contributor: @zijiren233
    Change Log: Enhanced SSL passthrough support.
    Feature Value: Improves Higress support for TLS passthrough scenarios.

  • Related PR: #3989
    Contributor: @Rand01ph
    Change Log: AI Proxy adds vLLM passthrough support for Anthropic Messages and newer OpenAI endpoints.
    Feature Value: Improves compatibility for users running vLLM behind Higress as an AI gateway.

  • Related PR: #4000
    Contributor: @ponypony0123
    Change Log: Added the ai-context-limit WASM plugin for context window limit enforcement.
    Feature Value: Helps reduce failures and cost risks caused by requests that exceed model context limits.

๐Ÿ› Bug Fixes (Bug Fixes)

  • Related PR: #3864
    Contributor: @Jing-ze
    Change Log: ai-proxy re-anchors X-HI-ORIGINAL-AUTH on the first hop to fix cascaded-gateway 401 responses.
    Feature Value: Restores correct authentication behavior in cascaded gateway deployments.

  • Related PR: #3839
    Contributor: @zat366
    Change Log: ai-proxy uses HasSuffix instead of Contains in Claude API name detection.
    Feature Value: Avoids sub-path misidentification and improves Claude-compatible routing accuracy.

  • Related PR: #3870
    Contributor: @CH3CHO
    Change Log: Fixed descriptions for basePath-related fields in the ai-proxy plugin.
    Feature Value: Makes plugin configuration documentation clearer and less error-prone.

  • Related PR: #3869
    Contributor: @CH3CHO
    Change Log: Fixed test cases in registry/nacos/mcpserver/watcher_test.go.
    Feature Value: Improves reliability of registry and MCP server watcher tests.

  • Related PR: #3860
    Contributor: @Jing-ze
    Change Log: ai-proxy now routes Anthropic Messages natively to Vertex :rawPredict.
    Feature Value: Improves Vertex AI compatibility for Anthropic Messages requests.

  • Related PR: #3851
    Contributor: @JianweiWang
    Change Log: ai-statistics skips empty streaming model values.
    Feature Value: Prevents inaccurate or noisy model statistics for streaming requests.

  • Related PR: #3904
    Contributor: @Jing-ze
    Change Log: ai-proxy strips anthropic-beta and anthropic-version headers in Vertex passthrough mode.
    Feature Value: Avoids incompatible headers when routing Anthropic-style requests through Vertex.

  • Related PR: #3914
    Contributor: @Jing-ze
    Change Log: Bumped oauth2-proxy to fix a nil panic in the OIDC verifier callback.
    Feature Value: Improves OIDC authentication stability.

  • Related PR: #3923
    Contributor: @johnlanni
    Change Log: Removed request-count rebuild triggers in WASM.
    Feature Value: Reduces unnecessary rebuild behavior.

  • Related PR: #3922
    Contributor: @johnlanni
    Change Log: Rebuilds the MCP filter under high memory usage.
    Feature Value: Improves runtime stability under memory pressure.

  • Related PR: #3928
    Contributor: @Jing-ze
    Change Log: Fixed Set-Cookie header corruption during OIDC session refresh.
    Feature Value: Prevents broken sessions during OIDC refresh flows.

  • Related PR: #3964
    Contributor: @EndlessSeeker
    Change Log: Merges InferencePool route configs correctly during HTTPRoute merging.
    Feature Value: Fixes route config loss in Gateway API inference routing scenarios.

  • Related PR: #3971
    Contributor: @EndlessSeeker
    Change Log: Helm disables alpha Gateway API watches by default.
    Feature Value: Reduces default install risk from alpha API watchers.

  • Related PR: #3980
    Contributor: @EndlessSeeker
    Change Log: Sets Gateway status address type by value.
    Feature Value: Fixes Gateway status address reporting.

  • Related PR: #3956
    Contributor: @XinhhD
    Change Log: ai-proxy cleans client Authorization headers for API-key providers.
    Feature Value: Prevents client credentials from leaking into upstream API-key provider requests.

  • Related PR: #3973
    Contributor: @XinhhD
    Change Log: ai-proxy preserves Vertex thoughtSignature values in OpenAI tool calls.
    Feature Value: Improves Vertex tool-call compatibility.

  • Related PR: #3985
    Contributor: @XinhhD
    Change Log: ai-proxy includes tool call type in Claude stream deltas.
    Feature Value: Improves Claude stream compatibility for tool calls.

  • Related PR: #3924
    Contributor: @geekspeng
    Change Log: Helm moves imagePullPolicy from PodSpec to the gateway container level.
    Feature Value: Aligns rendered gateway manifests with Kubernetes container-level image pull policy semantics.

  • Related PR: #3905
    Contributor: @philo-x
    Change Log: Fixed golang-filter architecture mismatch during local gateway builds on arm64 macOS.
    Feature Value: Improves local build reliability on Apple Silicon machines.

  • Related PR: #3998
    Contributor: @yyyCode
    Change Log: Helm uses Chart.Version as the default plugin-server image tag.
    Feature Value: Keeps plugin-server image tag defaults aligned with chart versions.

  • Related PR: #3994
    Contributor: @EndlessSeeker
    Change Log: Preserves Ingress LoadBalancer hostnames.
    Feature Value: Avoids losing hostname-based load balancer addresses in Ingress status.

  • Related PR: #4002
    Contributor: @geekspeng
    Change Log: Helm applies imagePullPolicy to the controller container and promtail sidecar.
    Feature Value: Ensures rendered manifests apply image pull behavior consistently across containers.

  • Related PR: #3988
    Contributor: @enkilee
    Change Log: Fixed several typos.
    Feature Value: Improves repository documentation and code readability.

  • Related PR: #3962
    Contributor: @CH3CHO
    Change Log: ai-cache handles SSE first chunks that only contain a role, fixing #3953.
    Feature Value: Improves AI cache compatibility with streaming responses.

  • Related PR: #3990
    Contributor: @XinhhD
    Change Log: ai-proxy adds IDs for Vertex tool calls.
    Feature Value: Improves downstream tool-call correlation and compatibility.

  • Related PR: #4013
    Contributor: @EndlessSeeker
    Change Log: OIDC now fails closed when the verifier is unavailable.
    Feature Value: Avoids unsafe authentication behavior during verifier failures.

  • Related PR: #4012
    Contributor: @EndlessSeeker
    Change Log: Hardened cluster key rate-limit cookie parsing.
    Feature Value: Improves robustness for cluster-level rate-limit cookie handling.

  • Related PR: #4016
    Contributor: @EndlessSeeker
    Change Log: Reverted "Skip TLS certificate verification for HTTPS upstreams".
    Feature Value: Restores safer TLS verification behavior for HTTPS upstreams.

๐Ÿ“š Documentation Updates (Documentation)

  • Related PR: #3890
    Contributor: @FAUST-BENCHOU
    Change Log: Added the missing Chinese README for extensions.
    Feature Value: Improves documentation coverage for Chinese users.

๐Ÿงช Testing Improvements (Testing)

  • Related PR: #3871
    Contributor: @Jing-ze
    Change Log: Expanded unit test coverage for the wasm-go/mcp mcp-server framework.
    Feature Value: Improves confidence in MCP server framework behavior.

  • Related PR: #3873
    Contributor: @Jing-ze
    Change Log: Added end-to-end transformer coverage and fixed silent error wrapping.
    Feature Value: Improves transformer reliability and error visibility.

  • Related PR: #3875
    Contributor: @Jing-ze
    Change Log: Covered the hmac-auth-apisix algorithm matrix, clock skew, and authentication edge cases.
    Feature Value: Strengthens authentication plugin reliability.

  • Related PR: #3878
    Contributor: @Jing-ze
    Change Log: Covered traffic-tag operators, weight CDF boundaries, and parser rejection paths.
    Feature Value: Improves confidence in traffic tagging behavior under edge conditions.

  • Related PR: #3879
    Contributor: @Jing-ze
    Change Log: Increased unit test coverage to at least 90% across 9 WASM plugins.
    Feature Value: Improves plugin quality and regression protection.

๐Ÿ”ง Release and Dependency Maintenance

  • Related PR: #3987
    Contributor: @johnlanni
    Change Log: Updated the Envoy submodule.
    Feature Value: Keeps the gateway data-plane dependency aligned with the release baseline.

  • Related PR: #4017
    Contributor: @johnlanni
    Change Log: Updated the Envoy submodule.
    Feature Value: Pulls in the latest Envoy dependency updates for the release.

  • Related PR: #4019
    Contributor: @EndlessSeeker
    Change Log: Released v2.2.3.
    Feature Value: Updates release metadata and versioned dependencies for Higress v2.2.3.

๐Ÿ“Š Release Statistics

  • ๐Ÿš€ New Features: 11 items
  • ๐Ÿ› Bug Fixes: 28 items
  • ๐Ÿ“š Documentation Updates: 1 item
  • ๐Ÿงช Testing Improvements: 5 items
  • ๐Ÿ”ง Release and Dependency Maintenance: 3 items

Total: 48 changes

Thank you to all contributors for your hard work! ๐ŸŽ‰

Higress Console

๐Ÿ“‹ Overview of This Release

This release includes 8 updates, covering MCP configuration fixes, LLM provider usability improvements, route and service stability, YAML cleanup, and workflow maintenance.

Distribution of Updates

  • New Features: 1 item
  • Bug Fixes: 7 items

๐Ÿ“ Full Change Log

๐Ÿš€ New Features (Features)

  • Related PR: #722
    Contributor: @CH3CHO
    Change Log: Added support for collapsing token lists for LLM providers.
    Feature Value: Improves readability and usability when configuring providers with many tokens.

๐Ÿ› Bug Fixes (Bug Fixes)

  • Related PR: #724
    Contributor: @JayLi52
    Change Log: Fixed parsing when MCP service names contain colons.
    Feature Value: Prevents MCP service configuration failures caused by service-name parsing.

  • Related PR: #733
    Contributor: @CH3CHO
    Change Log: Fixed stale state in ServiceWeightTable.
    Feature Value: Keeps service weight display and edits aligned with the current state.

  • Related PR: #729
    Contributor: @CH3CHO
    Change Log: Fixed a possible NPE in SystemServiceImpl.
    Feature Value: Improves backend stability for system service operations.

  • Related PR: #730
    Contributor: @CH3CHO
    Change Log: Trims trailing whitespace in higress-config YAML data before submission.
    Feature Value: Avoids configuration noise and accidental YAML formatting issues.

  • Related PR: #734
    Contributor: @CH3CHO
    Change Log: Improved SSE transport path concatenation in DirectRoutingDetailStrategy.
    Feature Value: Prevents incorrect direct-routing paths for SSE transport.

  • Related PR: #735
    Contributor: @JayLi52
    Change Log: Preserves same-name routes when deleting MCP servers.
    Feature Value: Avoids deleting unrelated routes that share a name with the MCP server.

  • Related PR: #737
    Contributor: @CH3CHO
    Change Log: Fixed deploy-to-OSS workflow failures caused by Node.js 20 deprecation.
    Feature Value: Restores release and deployment automation reliability.

๐Ÿ“Š Release Statistics

  • ๐Ÿš€ New Features: 1 item
  • ๐Ÿ› Bug Fixes: 7 items

Total: 8 changes

Thanks to all contributors for their hard work! ๐ŸŽ‰

New Contributors

Full Changelog:

Contributors

Check out latest releases or
releases around higress-group/higress v2.2.3

Don't miss a new higress release

NewReleases is sending notifications on new releases.

Get notifications