- Go 1.25 is now required to build Yggdrasil
Added
- The
GroupPasswordoption can be used to form closed overlays on top of Yggdrasil- When set, session traffic can only be exchanged with other nodes that have the same
GroupPasswordset (however, services on the public testnet will be unreachable as a result) - Peering connections are not affected by this option and traffic forwarding continues to operate as normal
- When set, session traffic can only be exchanged with other nodes that have the same
- The
-notifyfdcommand line argument can be used for S6-style process readiness notifications - The
?origin=query URI parameter can be added to WebSocket peer URIs to configure theOriginHTTP header
Changed
- Upgrade dependencies
- The UNIX domain admin socket ownership is now updated before dropping permissions
- The packet queues are now capped at 1MB, preventing unbounded memory growth under certain traffic load patterns
Fixed
- Some panics that could be caused by malformed packets have been fixed