Changelog
(Note there was no 2.10.13 version 🙂)
Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.
Go Version
- 1.21.9 (#5300)
Dependencies
Improved
Auth
- Improve clone behavior to prevent unintended references (#5246) Thanks to Trail Of Bits for the report!
- Apply constant-time evaluation of non-bcrypt passwords (#5247) Thanks to Trail Of Bits for the report!
JetStream
- Reduce lock contention when looking up stream metadata (#5223)
- Optimize matching a subject when applying per subject message limits (#5228)
- Optimize waiting queue for pull consumers to reduce excessive memory and GC pressure (#5233)
- Improve error handling in filestore to prevent duplicate nonces being used and ignored errors (#5248) Thanks to Trail Of Bits for the report!
- Improve interest and workqueue state tracking to prevent stranded messages during concurrent consumer acks and stream deletes (#5270)
- Introduce store method to push down and optimize multi-filter subject matching used by consumers (#5274) Thanks to @svenfoo for the report!
- Various improvements and fixes for clustered interest-based streams and associated consumers (#5287)
- Return errors and/or adding logging for rare filestore conditions (#5298)
- When explicitly syncing to the filesystem, hold the message block lock to prevent possible downstream corruption (#5301, #5303)
Fixed
OS
- Fix for race checkptr panic on macOS/Darwin on Go 1.22 (#5265)
Connections
- Address possible memory leak due to connections not be released (#5244) Thanks to @davidzhao for the report!
JetStream
- Fix incorrect subject overlapping checks that could lead to multiple consumers or streams bound to the same subjects (#5224)
- Improve situations that could result in orphan messages in streams (#5227)
- Protect against corrupt message block when doing indexing (#5238) Thanks to @kylemcc for the report!
- Fix consumer config check of max deliver when backoff is set (#5242)
- Ignore Nats-Expected-* headers from source stream (#5256) Thanks to @ramonberrutti for the report and contribution!
- Add missing check that could result an extended purge or compact to fail in memory-based streams (#5264)
- Fix issue that could result in skipping valid messages when loading them from the filestore (#5266)
- Use cluster-scoped lock when processing a leader change (#5267)
- Fix missing unlocks in filestore and streams in certain error conditions (#5276) Thanks to Trail Of Bits for the report!
- Ensure lock is held for the duration of a filestore truncate (#5279)
- Fix race condition when checking for the stream interest state (#5290)
- Ensure dangling NRG directories are cleaned up when the in-memory stream/consumer are deleted (#5291)
- Perform a standard stream purge when ack floor is higher than the last known state (#5293)
- Handle concurrent creation of workqueue consumers that could result in overlapping interest (#5295) Thanks to @LautaroJayat for the report!
- Fix possible case of multiple deliveries of the same message that cause the delivery count decreasing (#5305)
Monitoring
- Fix JSZ account filtering behavior when requesting stream details (#5229)
OCSP
- Fix stapling during gateway reconnect and configuration reload (#5208)
Chores
- Fix incorrect function names in comments (#5237, #5289) Thanks to @depthlending and @needsure for the contributions!
- Improve workqueue stream sourcing tests (#5112)
- Speed-up tests and fixup lint reports (#5258)
- Improve hardened systemd configuration example (#5272)
- Refactor LoadNextMsgMulti store tests to guard against drift (#5275, #5277)
- Rename orphan messages and replicas test cases (#5292)