apisix/CHANGELOG.md at master · apache/apisix

title	Changelog

3.16.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ set default value of ssl_verify in openid-connect plugin to true #13010
⚠️ make tencent-cloud-cls scheme configurable with default set to https #13009

Core

feat(standalone): reject configurations when configured with unknown plugin #13046
feat: allow fetching stream healthcheck data through control api #12996
feat: support set default value in resolve_var #12963
feat(eureka): allow domain named nodes #12993
fix(admin): allow bidirectional format conversion for upstream.nodes in PATCH requests #13065
fix: use shdict instead of events module for nodes data exchange #13066
fix: preserve uri args if path has not been modified #13080
fix: avoid initialising stream plugins in http subsystem #13064
fix(schema): correct minLength type for anonymous consumer #13022
fix: use apisix_request_id only in http subsystem log format #13006
fix: treat default value in variable as resolved #13007
fix(plugin): merge consumer group plugins when consumer has no direct plugins #12998
fix: control api return wrong status data for passive health check #12975
chore: upgrade lua-resty-prometheus #13058
chore: update version of dependency lua-casbin to 1.46.0 #12985
chore: add ngx.flush after ngx.print #12988

Plugins

feat: allow to use secrets in clickhouse-logger plugin #12951
feat: added max/resp_body_bytes attr to logger plugins #13034
feat(jwt): support more algorithms #12944
feat(openidc): support redis for session storage #12986
feat(limit-count): support configuring multiple rules #12977
feat: support configuring variables in limit-conn, limit-count and ai-rate-limiting #12967
feat: support rules in limit-conn and ai-rate-limiting #13000
feat: support header prefix in limit-count rules #13004
feat: support authentication via headers #12994
feat: add more spans to opentelemetry plugin #12686
fix(fw-auth): disallow control characters in headers #13057
fix(limit-req): use parent resource key for consumer isolation #13019
fix: correct span handling in tracing logic #13008
fix: remove redundant field for rate limit plugins #12959
refactor(limit-count): throw panic error upon invalid parent #13030

Bugfixes

fix(docker): support valid YAML variations in standalone mode #12949
fix(conf): correct AI plugin priority comments in config.yaml.example #12926

3.15.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ fix: disallow creating duplicate plugins in global rules #12800

Core

feat: kubernetes discovery readiness check #12852
feat: standalone mode status api #12810
feat: add validate API to standalone mode #12718
feat: add dependency protocol checking and deletion checking for stream routing #12794
feat: relax resource name length restriction to 256 #11822
feat: add support for wildcard on SNIs for SSL #12668
refactor: use secret URI as key for cache and refactor lrucache #12682
fix: maintain node_version for independent upstream #12856
fix: request failure during reload after any Eureka node fails #12906
fix: nacos service discovery request lacks retries after failure #12734
fix: load full data during init_worker phase require a new apisix-runtime #12678
chore: upgrade lua-resty-logger-socket #12898
chore: upgrade lua-resty-dns-client to 7.1.0 #12851
change: remove lua-resty-worker-events from the core dependencies #12930

Plugins

feat: rate limiting plugins support setting keepalive for redis policy #12861
feat: support apisix_request_id variable with request-id plugin #12931
feat: support vertex-ai #12933
feat: support gemini openai api #12883
feat: support anthropic openai api #12881
feat: add support for openrouter #12878
feat: auth plugins respond with www-authenticate header with realm #12864
feat: allow grpc web in non prefix based routes #12830
feat(file-logger): add path properties to file-logger plugin metadata #12825
feat(log): add nested log format support for logger plugins #12697
feat: add max pending entries to all logger plugins #12709
feat(kafka-logger): add support for scram for authentication #12693
fix(limit-conn): implement configurable redis key expiry #12872
fix(skywalking): start timer when route is hit #12855
fix: eliminate deepcopy when destroying prometheus #12905
fix(limit-req): ensure safe eviction of keys in redis #12911
fix(limit-count): use meta parent to identify plugin source #12900
fix: Make protocol_name optional and default to 'MQTT' for mqtt plugin #12831
fix(batch-requests): the number of sub-responses does not match that of sub-requests #12779
fix(ai-proxy): correct logging schema key in ai-proxy-multi #12795
fix(plugin_metadata): ensure enable_data_encryption initialization & querying issue #12624

Bugfixes

fix: correct handling of endpointSlices in Kubernetes service discovery #12634
fix: Adding request-id header in case of empty header value in request #12837
fix(docker): adjust permissions for apisix directory to run in openshift without anyuid command #12824
fix: correct pre/post hook typos in Kubernetes discovery and improve cleanup safety #12288
fix(performance): move the ipv6 check to schema validation #12714
fix(authz-keycloak): strip query string when resolving resources with lazy_load_paths #12914

3.14.1

Bugfixes

fix: port conflict in worker process for prometheus port #12667

Core

fix: add warning log when skipping check for disabled plugin #12655
chore: add test for verifying lua-resty-openssl bug fix #12656

Doc improvements

docs: remove unnecessary sentence in opentelemetry plugin doc #12660

3.14.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ feat: admin api no longer populates default values when writing #12603
⚠️ change(jwt-auth): when algorithm is not RS256 or ES256, require the user to fill in secret #12611
⚠️ change(openid-connect): when bearer_only is false, require the user to fill in session.secret #12609

Bugfixes

fix: redact encrypted fields from error log #12629
fix: run init_worker of apisix.admin module in stream subsystem #12632
fix(ai-proxy-multi): inconsistent resolved nodes for healthcheck #12594
fix: only trust X-Forwarded-* headers from trusted_addresses #12551
fix(plugin/redirect): ensure redirect when scheme is not https #12561
fix: fix ui redirect error when behind proxy #12566
fix(secret): refresh stale lru cache item in background #12614
fix: healthcheck manager missing runtime information #12607
fix(standalone): support stream route in admin api mode #12604
fix: only log response body when include_resp_body is enabled #12599
fix: correct spelling error in get_healthcheck_events_module function name #12587
fix: typo in ai-proxy-multi #12601
fix(ai-proxy-multi): panic when instance dont have custom endpoint #12584
fix(ai-prompt-decorator): prevent message accumulation across requests #12582
fix: docker entrypoint remove stream_worker_events.sock if exists #12546
fix: add exptime to ewma shared dict items #12557
fix(ai-proxy): catch malformed override endpoint in schema validation #12563
fix: missing ctx.llm_raw_usage in non-stream mode #12564
fix(ai-proxy): set llm variables default value to 0 #12549
fix(ai-proxy): check type of choices/usage/content fields before use it #12548
fix(discovery/kubernetes): adjust id length #12536
fix: basic auth scheme supports case insensitivity #12539
fix: when only tls.verify, skip the logic of judging client cert #12527
fix(etcd): load full data from etcd while worker restart #12523
fix(etcd): upgrade revision when watch request timeout #12514
fix: enable issue of endpointslices for k8s discovery #11654
fix(grpc-web): missing trailers when empty resp body #12490
fix: can not get hostname in redhat #12267
fix: batch processor cache not working when configure plugin in service #12474
fix(forward-auth): extra_headers not resolving variable on $post_arg. #12435
fix: skipped failing bailedout tests in CI #12462
fix(api-breaker): inconsistent circuit breaking due to premature breaker_time increment #12451
fix(standalone): lack of configuration validation in api #12424
fix(log-rotate): skip access log when enable_access_log is set to false #11310
fix(opentelemetry): remove plugin attr set_ngx_var #12411
fix: broken mcp-bridge test cases #12425
fix(request-validation): support Content-Type header with charset for urlencoded data #12406
fix: zipkin trace_id and span_id format in ngx_var #12403
fix(consumer): missed consumer update due to wrong version in cache #12413
revert: fix: forward-auth request body too large #12404
fix: get_keys only return first 1024 items in shared dict by default #12380

Core

ci: migrate docker image for testing to bitnamilegacy repo #12562
chore: remove redundant profile.apisix_home assignment in start #12529
chore: upgrade deps to solve vulnerability alerts #12473
refactor: add healthcheck manager to decouple upstream #12426
feat: add last modified and digest metadata to standalone API #12526
feat: support ctx.var.post_arg for vars based route matching on request body #12388
feat: add a global switch to disable upstream health check #12407
feat: support multiple json.delay_encode objects in single log #12395

Plugins

feat: support OIDC claim validator #11824
feat: support traffic split plugin for stream routes #12630
feat: add ksuid algorithm on request-id plugin #12573
feat: add fallback mechanism for specific error codes in ai-proxy-multi #12571
feat(ai-proxy): add upstream_response_time in access log #12555
feat(ai-proxy): add new ctx variable for request llm model #12554
feat: add support for azure-ai driver #12565
feat(ai-proxy): add support for pushing logs in ai-proxy plugins #12515
feat: add ai-aliyun-content-moderation plugin #12530
feat: allow to use environment variables for openid-connect plugin #11451
feat(ai-proxy-multi): add support for healthcheck #12509
feat(ai-proxy): add latency and usage in access log and prometheus metrics #12518
feat: support limit-conn in workflow plugin #12465
feat(datadog): Improve Datadog plugin tag support #11943
feat: decoupled prometheus exporter's calculation and output #12383
feat: add support for extra_headers in forward-auth plugin #12405
feat: Add AIMLAPI provider support to AI plugins #12379

Doc improvements

docs: update admin api documentation for plugin metadata list endpoint #12621
docs: add new dashboard documentation #12616
docs: update note for API-drive standalone mode #12612
docs: Improve chaitin-waf plugin docs and remove unintended highlights #12608
docs: remove outdate dashboard doc #12596
docs: update apisix_upstream_response_time and request_llm_model in access log info #12583
docs: remove LLM variable in access log examples #12503
docs: update jwt-auth docs #12450
docs: update rpm installation guide #12460
docs: fix typo in credentials doc #12434
docs: add dashboard ui tips #12420
docs: correct minor typo for openwhisk #12401
docs: update changelog with breakchange notices #12396
docs: improve openid-connect plugin doc and add keycloak OIDC tutorial #11889

3.13.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ mark server-info plugin as deprecated #12244
⚠️ fill in the metadata of resource schema #12224. This PR sets additionalProperties to false for consumer credentials.

Bugfixes

fix: running stale healthchecker when new node count <= 1 #12118
fix: release healthchecker on 0 nodes #12126
fix: only parse and validate apisix.yaml in cli when startup #12216
fix(standalone): API-driven mode does not properly handle consumer schema #12256
fix: added restriction for TLSv1.3 cross-SNI session resumption #12366
fix: flaky t/admin/filter.t due to url encoding for query params #12370
fix(workflow/push-dev-image-on-commit): remove already defined uses #12365
fix(workflow): use runners with different architectures instead of QEMU #12322
fix: kubernetes service discovery single mode data dump #12284
fix: handle consul nil port cases by defaulting to port 80 #12304
fix: check if config contains duplicate resources in API-driven standalone mode #12317
fix: original key being modified causing cache inconsistency #12299
fix: access to the apisix dashboard in dev returns 404 #12376

Core

feat(consumer): consumer username allows - in it #12296
chore: change log level to debug to avoid unnecessary logs #12361
chore: change log level from warn to info for stale batch processor removal #12297
feat(standalone): allow more characters in credential_id for API-driven mode #12295
feat: add standalone admin api #12179
feat: support health checker for stream subsystem #12180
feat(standalone): support revision in API-driven standalone mode like etcd #12214
feat: add healthcheck for sync configuration #12200
perf: compare service discovery nodes by address #12258
feat: fill in the metadata of resource schema #12224
feat: add embedded apisix dashboard ui #12276
feat: add apisix dashboard to dev image #12369
feat: add max pending entries option to batch-processor #12338
feat(standalone): support JSON format #12333
feat: enhance admin api filter #12291
feat: add warning for data plane writing to etcd #12241
chore: upgrade openresty version to v1.27.1.2 #12307
chore: upgrade luarocks version to 3.12.0 #12305

Plugins

refactor(ai-proxy): move read_response into ai_driver.request function #12101
refactor: mcp server framework implementation #12168
feat: add mcp-bridge plugin #12151
feat: add lago plugin #12196
feat: add headers attribute for loki-logger #12243
feat: expose apisix version in prometheus node info metric #12367

Doc improvements

docs: update stream proxy doc for proxy_mode and some formatting #12108
docs: improve loki-logger plugin docs #11921
docs: improve ua-restriction plugin docs #11956
docs: improve elasticsearch-logger plugin docs #11922
fix file logger example wrong data structure #12125
docs: improve limit-req plugin docs #11873
docs: improve body-transformer plugin docs #11856
docs: update ai-rate-limiting and ai-rag docs #12107
docs: improve basic-auth docs and update docs for anonymous consumer #11859
docs: improve key-auth docs and update docs for anonymous consumer #11860
docs: improve hmac-auth plugin docs and update docs for anonymous consumer #11867
docs: improve jwt-auth plugin docs and update docs for anonymous consumer #11865
docs: improve request-validation plugin docs #11853
docs: update variable in building apisix from source #11640
docs: update readme with APISIX AI Gateway product link and MCP feature #12166
docs: improve plugin-develop docs #12242
docs: fix typo in real-ip.md #12236
docs: the configuration type of the WASM plugin can be an object. #12251

Developer productivity

feat: support devcontainer for containerized development of APISIX #11765

3.12.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ replace plugin attribute with plugin metadata in opentelemetry plugin #11940
⚠️ refactor: ai-content-moderation to ai-aws-content-moderation #12010
add expiration time for all Prometheus metrics #11838
allow workflow config without case #11787
unify google-cloud-oauth.lua file #11596
⚠️ ai-proxy remove passthrough #12014
⚠️ remove model options' stream default value #12013
⚠️ grpc-web response contains two trailer chunks #11988. This PR returns 405 Method not allowed instead of 400 Bad Request when request HTTP method errors.
⚠️ disallow empty key configuration attributes #11852
⚠️ set default value of ssl_trusted_certificate to system #11993

Bugfixes

Fix: timeout risk in usages of lua-resty-aws #12070
Fix: ai-rate-limiting not allowed to limit to a single instance #12061
Fix: update watch_ctx.revision to avoid multiple resyncs #12021
Fix: ai-proxy remove passthrough #12014
Fix: ai-proxy dead loop when retrying #12012
Fix: error while trying to log table in ai-content-moderation plugin #11994
Fix: resync etcd when a lower revision is found #12015
Fix: remove model options' stream default value #12013
Fix: grpc-web response contains two trailer chunks #11988
Fix: event_id is nil in chaitin-waf #11651
Fix: race condition problem while update upstream.nodes #11916
Fix: upstream_obj.upstream should not be a string #11932
Fix: query params in override.endpoint not being sent to LLMs #11863
Fix: add support for ignoring "load" global variable #11862
Fix: corrupt data in routes() response due to healthchecker data #11844
Fix: deepcopy should copy same table exactly only once #11861
Fix: disallow empty key configuration attributes #11852
Fix: etcd watch restart when receive invalid revision #11833
Fix: missing parsed_url nil check #11637
Fix: use plugin.get to fetch plugin configured in multi-auth plugin #11794
Fix: allow special characters in uri params #11788
Fix: add nil check to conf in body-transformer #11768
Fix: use max_req_body_bytes field in custom_format #11771
Fix: health checker can't be released due to health parent being released early #11760
Fix: use right modifiedIndex for consumer when use credential #11649

Core

set default value of ssl_trusted_certificate to system #11993
upgrade openresty version to v1.27.11 #11936
Support the use of system-provided CA certs in ssl_trusted_certificate #11809
support _meta.pre_function to execute custom logic before execution of each phase #11793
support anonymous consumer #11917
accelerate the creation of the consumer cache #11840
replace 'string.find' with 'core.string.find' #11886
workflow plugin registration #11832

Plugins

refactor ai-proxy and ai-proxy-multi #12030
support embeddings API #12062
implement rate limiting based fallback strategy #12047
ai-rate-limiting plugin #12037
add valid_issuers field in openid-connect plugin #12002
add ai-prompt-guard plugin #12008
add jwt audience validator #11987
store JWT in the request context #11675
support proxying openai compatible LLMs #12004
add ai-proxy-multi plugin #11986 #12030
make rate limiting response header names configurable #11831
support mulipart content-type in body-transformer #11767
plugins in multi-auth returns error instead of logging it #11775
support configuring key_claim_name #11772
add Total request per second panel in grafana dashboard #11692
add ai-rag plugin #11568
add ai-content-moderation plugin #11541
use setmetatable to set hidden variables without effecting serialisation #11770

3.11.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ remove JWT signing endpoint and no longer require a private key to be uploaded in the jwt-auth plugin. #11597
⚠️ rewrite hmac-auth plugin for usability #11581

Plugins

allow configuring keepalive_timeout in splunk-logger #11611
add plugin attach-consmer-label #11604
ai-proxy plugin #11499
ai-prompt-decorator plugin #11515
ai-prompt-template plugin #11517

Bugfixes

Fix: adjust the position of enums in pb_option_def #11448
Fix: encryption/decryption for non-auth plugins in consumer #11600
Fix: confusion when substituting ENV in config file #11545

Core

support gcp secret manager #11436
support aws secret manager #11417
add credential resource and include X-Consumer-Username, X-Credential-Identifier, and X-Consumer-Custom-ID headers in requests to upstream services #11601

3.10.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ remove core.grpc module #11427
add max req/resp body size attributes #11133
⚠️ autogenerate admin api key if not passed #11080
⚠️ enable sensitive fields encryption by default #11076
support more sensitive fields for encryption #11095
⚠️ avoid overwriting Access-Control-Expose-Headers response header #11136 This change removes the default * value for expose_headers and only sets the header when explicitly configured.
⚠️ add a default limit of 100 for get_headers() #11140
⚠️ core.request.header return strings instead of table #11127 This function now always returns strings, previously it returned tables when duplicate headers existed.

Plugins

allow set headers in introspection request #11090

Bugfixes

Fix: add libyaml-dev dependency for apt #11291
Fix: etcd sync data checker should work #11457
Fix: plugin metadata add id value for etcd checker #11452
Fix: allow trailing period in SNI and CN for SSL #11414
Fix: filter out illegal INT(string) formats #11367
Fix: make the message clearer when API key is missing #11370
Fix: report consumer username tag in datadog #11354
Fix: after updating the header, get the old value from the ctx.var #11329
Fix: ssl key rotation caused request failure #11305
Fix: validation fails causing etcd events not to be handled correctly #11268
Fix: stream route matcher is nil after first match #11269
Fix: rectify the way to fetch secret resource by id #11164
Fix: multi-auth raise 500 error when use default conf #11145
Fix: avoid overwriting Access-Control-Expose-Headers response header #11136
Fix: close session in case of error to avoid blocked session #11089
Fix: restore pb.state appropriately #11135
Fix: add a default limit of 100 for get_headers() #11140
Fix: disable features when prometheus plugin is turned off #11117
Fix: add post request headers only if auth request method is POST #11021
Fix: core.request.header return strings instead of table #11127
Fix: brotli partial response #11087
Fix: the port value greater than 65535 should not be allowed #11043

Core

upgrade openresty version to 1.25.3.2 #11419
move config-default.yaml to hardcoded lua file #11343
warn log when sending requests to external services insecurely #11403
update casbin to 1.41.9 #11400
update lua-resty-t1k to 1.1.5 #11391
support store ssl.keys ssl.certs in secrets mamager #11339
move tinyyaml to lyaml #11312
support hcv namespace #11277
add discovery k8s dump data interface #11111
make fetch_secrets use cache for performance #11201
replace 'string.len' with '#' #11078

3.9.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ use apisix.enable_http2 to enable HTTP/2 in APISIX #11032
⚠️ unify the keyring and key_encrypt_salt fields #10771

Core

🌅 Support HTTP3/QUIC
- #10989
- #11010
- #11027
🌅 add plugins/reload to control api #10905
🌅 consul deduplicate and sort #10941
🌅 support uri_arg_ when use radixtree_uri_with_parameter #10645

Plugins

🌅 add session.cookie configuration #10919
🌅 support endpointslices in kubernetes discovery #10916
🌅 add redis and redis-cluster in limit-req #10874
🌅 support expire prometheus metrics #10869
🌅 add redis and redis-cluster in limit-conn #10866
🌅 allow configuring allow-headers in grpc-web plugin #10904
🌅 Add forward-auth plugin exception configuration status_on_error #10898
🌅 add option to include request body and response body in log util #10888
🌅 support compressed responses in loggers #10884
🌅 add http-dubbo plugin #10703
🌅 support built-in variables in response_headers in mocking plugin #10872
🌅 support other data formats without warnings #10862
🌅 add ocsp-stapling plugin #10817

Bug Fixes

Fix: keep different strategy response header consistency #11048
Fix: add apisix/plugin/limit-req to makefile #10955
Fix: wrong namespace related endpoint in k8s #10917
Fix: when delete the secret cause 500 error #10902
Fix: jwe-decrypt secret length restriction #10928
Fix: unnecessary YAML Config reloads #9065
Fix: real_payload was overridden by malicious payload #10982
Fix: all origins could pass when allow_origins_by_metadata is set #10948
Fix: add compatibility headers #10828
Fix: missing trailers issue #10851
Fix: decryption failure #10843
Fix: linux-install-luarocks are not compatible with the openresty environment #10813
Fix: server-side sessions locked by not calling explicit session:close() #10788
Fix: skip brotli compression for upstream compressed response #10740
Fix: use_jwks breaking authentication header #10670
Fix: authz_keycloak plugin giving 500 error #10763

3.8.0

Core

🌅 Support the use of lua-resty-events module for better performance:
- #10550
- #10558
🌅 Upgrade OpenSSL 1.1.1 to OpenSSL 3: #10724

Plugins

🌅 Add jwe-decrypt plugin: #10252
🌅 Support brotli when use filters.regex option (response-rewrite): #10733
🌅 Add multi-auth plugin: #10482
🌅 Add required scopes configuration property to openid-connect plugin: #10493
🌅 Support for the Timing-Allow-Origin header (cors): #9365
🌅 Add brotli plugin: #10515
🌅 Body-transformer plugin enhancement(#10472): #10496
🌅 Set minLength of redis_cluster_nodes to 1 for limit-count plugin: #10612
🌅 Allow to use environment variables for limit-count plugin settings: #10607

Bugfixes

Fix: When the upstream nodes are of array type, the port should be an optional field: #10477
Fix: Incorrect variable extraction in fault-injection plugin: #10485
Fix: All consumers should share the same counter (limit-count): #10541
Fix: Safely remove upstream when sending route to opa plugin: #10552
Fix: Missing etcd init_dir and unable to list resource: #10569
Fix: Forward-auth request body is too large: #10589
Fix: Memory leak caused by timer that never quit: #10614
Fix: Do not invoke add_header if value resolved as nil in proxy-rewrite plugin: #10619
Fix: Frequent traversal of all keys in etcd leads to high CPU usage: #10671
Fix: For prometheus upstream_status metrics, mostly_healthy is healthy: #10639
Fix: Avoid getting a nil value in log phase in zipkin: #10666
Fix: Enable openid-connect plugin without redirect_uri got 500 error: #7690
Fix: Add redirect_after_logout_uri for ODIC that do not have an end_session_endpoint: #10653
Fix: Response-rewrite filters.regex does not apply when content-encoding is gzip: #10637
Fix: The leak of prometheus metrics: #10655
Fix: Authz-keycloak add return detail err: #10691
Fix: upstream nodes was not updated correctly by service discover: #10722
Fix: apisix restart failed: #10696

3.7.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ Creating core resources does not allow passing in create_time and update_time: #10232
⚠️ Remove self-contained info fields exptime and validity_start and validity_end from ssl schema: 10323
⚠️ Replace route with apisix.route_name, service with apisix.service_name in the attributes of opentelemetry plugin to follow the standards for span name and attributes: #10393

Core

🌅 Added token to support access control for consul discovery: #10278
🌅 Support configuring service_id in stream_route to reference service resources: #10298
🌅 Using apisix-runtime as the apisix runtime:
- #10415
- #10427

Plugins

🌅 Add tests for authz-keycloak with apisix secrets: #10353
🌅 Add authorization params to openid-connect plugin: #10058
🌅 Support set variable in zipkin plugin: #10361
🌅 Support Nacos ak/sk authentication: #10445

Bugfixes

Fix: Use warn log for get healthcheck target status failure:
- #10156
Fix: Keep healthcheck target state when upstream changes:
- #10312
- #10307
Fix: Add name field in plugin_config schema for consistency: #10315
Fix: Optimize tls in upstream_schema and wrong variable: #10269
Fix(consul): Failed to exit normally: #10342
Fix: The request header with Content-Type: application/x-www-form-urlencoded;charset=utf-8 will cause vars condition post_arg_xxx matching to failed: #10372
Fix: Make install failed on mac: #10403
Fix(log-rotate): Log compression timeout caused data loss: #8620
Fix(kafka-logger): Remove 0 from enum of required_acks: #10469

3.6.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ Remove gRPC support between APISIX and etcd and remove etcd.use_grpc configuration option: #10015
⚠️ Remove conf server. The data plane no longer supports direct communication with the control plane, and the configuration should be adjusted from config_provider: control_plane to config_provider: etcd: #10012
⚠️ Enforce strict schema validation on the properties of the core APISIX resources: #10233

Core

🌅 Support configuring the buffer size of the access log: #10225
🌅 Support the use of local DNS resolvers in service discovery by configuring resolv_conf: #9770
🌅 Remove Rust dependency for installation: #10121
🌅 Support Dubbo protocol in xRPC #9660

Plugins

🌅 Support https in traffic-split plugin: #9115
🌅 Support rewrite request body in external plugin:#9990
🌅 Support set nginx variables in opentelemetry plugin: #8871
🌅 Support unix sock host pattern in the chaitin-waf plugin: #10161

Bugfixes

Fix GraphQL POST request route matching exception: #10198
Fix error on array of multiline string in apisix.yaml: #10193
Add error handlers for invalid cache_zone configuration in the proxy-cache plugin: #10138

3.5.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ remove snowflake algorithm in the request-id plugin: #9715
⚠️ No longer compatible with OpenResty 1.19, it needs to be upgraded to 1.21+: #9913
⚠️ Remove the configuration item apisix.stream_proxy.only, the L4/L7 proxy needs to be enabled through the configuration item apisix.proxy_mode: #9607
⚠️ The admin-api /apisix/admin/plugins?all=true marked as deprecated: #9580
⚠️ allowlist and denylist can't be enabled at the same time in ua-restriction plugin: #9841

Core

🌅 Support host level dynamic setting of tls protocol version: #9903
🌅 Support force delete resource: #9810
🌅 Support pulling env vars from yaml keys: #9855
🌅 Add schema validate API in admin-api: #10065

Plugins

🌅 Add chaitin-waf plugin: #9838
🌅 Support vars for file-logger plugin: #9712
🌅 Support adding response headers for mock plugin: #9720
🌅 Support regex_uri with unsafe_uri for proxy-rewrite plugin: #9813
🌅 Support set client_email field for google-cloud-logging plugin: #9813
🌅 Support sending headers upstream returned by OPA server for opa plugin: #9710
🌅 Support configuring proxy server for openid-connect plugin: #9948

Bugfixes

Fix(log-rotate): the max_kept configuration doesn't work when using custom name: #9749
Fix(limit_conn): do not use the http variable in stream mode: #9816
Fix(loki-logger): getting an error with log_labels: #9850
Fix(limit-count): X-RateLimit-Reset shouldn't be set to 0 after request be rejected: #9978
Fix(nacos): attempt to index upvalue 'applications' (a nil value): #9960
Fix(etcd): can't sync etcd data if key has special character: #9967
Fix(tencent-cloud-cls): dns parsing failure: #9843
Fix(reload): worker not exited when executing quit or reload command #9909
Fix(traffic-split): upstream_id validity verification #10008

3.4.0

Core

🌅 Support route-level MTLS #9322
🌅 Support id schema for global_rules #9517
🌅 Support use a single long http connection to watch all resources for etcd #9456
🌅 Support max len 256 for ssl label #9301

Plugins

🌅 Support multiple regex pattern matching for proxy_rewrite plugin #9194
🌅 Add loki-logger plugin #9399
🌅 Allow user configure DEFAULT_BUCKETS for prometheus plugin #9673

Bugfixes

Fix(body-transformer): xml2lua: replace empty table with empty string #9669
Fix: opentelemetry and grpc-transcode plugins cannot work together #9606
Fix(skywalking-logger, error-log-logger): support $hostname in skywalking service_instance_name #9401
Fix(admin): fix secrets do not support to update attributes by PATCH #9510
Fix(http-logger): default request path should be '/' #9472
Fix: syslog plugin doesn't work #9425
Fix: wrong log format for splunk-hec-logging #9478
Fix(etcd): reuse cli and enable keepalive #9420
Fix: upstream key config add mqtt_client_id support #9450
Fix: body-transformer plugin return raw body anytime #9446
Fix(wolf-rbac): other plugin in consumer not effective when consumer used wolf-rbac plugin #9298
Fix: always parse domain when host is domain name #9332
Fix: response-rewrite plugin can't add only one character #9372
Fix(consul): support to fetch only health endpoint #9204

3.3.0

The changes marked with ⚠️ are not backward compatible.

Change

⚠️ Change the default router from radixtree_uri to radixtree_host_uri: #9047
⚠️ CORS plugin will add Vary: Origin header when allow_origin is not *: #9010

Core

🌅 Support store route's cert in secrets manager: #9247
🌅 Support bypassing Admin API Auth by configuration: #9147

Plugins

🌅 Support header injection for fault-injection plugin: #9039
🌅 Support variable when rewrite header in proxy-rewrite plugin: #9112
🌅 limit-count plugin supports username and ssl for redis policy: #9185

Bugfixes

Fix etcd data sync exception: #8493
Fix invalidate cache in core.request.add_header and fix some calls: #8824
Fix the high CPU and memory usage cause by healthcheck impl: #9015
Consider using allow_origins_by_regex only when it is not nil: #9028
Check upstream reference in traffic-split plugin when delete upstream: #9044
Fix failing to connect to etcd at startup: #9077
Fix health checker leak for domain nodes: #9090
Prevent non 127.0.0.0/24 to access admin api with empty admin_key: #9146
Ensure hold_body_chunk should use separate buffer for each plugin in case of pollution: #9266
Ensure batch-requests plugin read trailer headers if existed: #9289
Ensure proxy-rewrite should set ngx.var.uri: #9309

3.2.1

This is an LTS maintenance release and you can see the CHANGELOG in release/3.2 branch.

https://github.com/apache/apisix/blob/release/3.2/CHANGELOG.md#321

3.2.0

Change

Deprecated separate Vault configuration in jwt-auth. Users can use secret to achieve the same function: #8660

Core

🌅 Support Vault token to configure secret through environment variables: #8866
🌅 Supports service discovery on stream subsystem:
- #8583
- #8593
- #8584
- #8640
- #8633
- #8696
- #8826

Plugins

🌅 Add RESTful to graphQL conversion plugin: #8959
🌅 Supports setting the log format on each log plugin:
- #8806
- #8643
🌅 Add request body/response body conversion plugin: #8766
🌅 Support sending error logs to Kafka: #8693
🌅 limit-count plugin supports X-RateLimit-Reset: #8578
🌅 limit-count plugin supports setting TLS to access Redis cluster: #8558
🌅 consumer-restriction plugin supports permission control via consumer_group_id: #8567

Bugfixes

Fix mTLS protection when the host and SNI mismatch: #8967
The proxy-rewrite plugin should escape URI parameter parts if they do not come from user config: #8888
Admin API PATCH operation should return 200 status code after success: #8855
Under certain conditions, the reload after etcd synchronization failure does not take effect: #8736
Fix the problem that the nodes found by the Consul service discovery are incomplete: #8651
Fix grpc-transcode plugin's conversion of Map data: #8731
External plugins should be able to set the content-type response header: #8588
When hotloading plugins, redundant timers may be left behind if the request-id plugin initializes the snowflake generator incorrectly: #8556
Close previous proto synchronizer for grpc-transcode when hotloading plugins: #8557

3.1.0

Core

🌅 Support for etcd configuration synchronization via gRPC:
- #8485
- #8450
- #8411
🌅 Support for configuring encrypted fields in plugins:
- #8487
- #8403
🌅 Support for placing partial fields in Vault or environment variable using secret resources:
- #8448
- #8421
- #8412
- #8394
- #8390
🌅 Allows upstream configuration in the stream subsystem as a domain name: #8500
🌅 Support Consul service discovery: #8380

Plugin

🌅 Optimize resource usage for prometheus collection: #8434
🌅 Add inspect plugin for easy debugging: #8400
🌅 jwt-auth plugin supports parameters to hide authentication token from upstream : #8206
🌅 proxy-rewrite plugin supports adding new request headers without overwriting existing request headers with the same name: #8336
🌅 grpc-transcode plugin supports setting the grpc-status-details-bin response header into the response body: #7639
🌅 proxy-mirror plugin supports setting the prefix: #8261

Bugfix

Fix the problem that the plug-in configured under service object cannot take effect in time under some circumstances: #8482
Fix an occasional 502 problem when http and grpc share the same upstream connection due to connection pool reuse: #8364
file-logger should avoid buffer-induced log truncation when writing logs: #7884
max_kept parameter of log-rotate plugin should take effect on compressed files: #8366
Fix userinfo not being set when use_jwks is true in the openid-connect plugin: #8347
Fix an issue where x-forwarded-host cannot be changed in the proxy-rewrite plugin: #8200
Fix a bug where disabling the v3 admin API resulted in missing response bodies under certain circumstances: #8349
In zipkin plugin, pass trace ID even if there is a rejected sampling decision: #8099
Fix _meta.filter in plugin configuration not working with variables assigned after upstream response and custom variables in APISIX.
- #8162
- #8256

3.0.0

Change

enable_cpu_affinity is disabled by default to avoid this configuration affecting the behavior of APSISIX deployed in the container: #8074

Core

🌅 Added Consumer Group entity to manage multiple consumers: #7980
🌅 Supports configuring the order in which DNS resolves domain name types: #7935
🌅 Support configuring multiple key_encrypt_salt for rotation: #7925

Plugin

🌅 Added ai plugin to dynamically optimize the execution path of APISIX according to the scene:
- #8102
- #8113
- #8120
- #8128
- #8130
- #8149
- #8157
🌅 Support session_secret in openid-connect plugin to resolve the inconsistency of session_secret among multiple workers: #8068
🌅 Support sasl config in kafka-logger plugin: #8050
🌅 Support set resolve domain in proxy-mirror plugin: #7861
🌅 Support brokers property in kafka-logger plugin, which supports different broker to set the same host: #7999
🌅 Support get response body in ext-plugin-post-resp: #7947
🌅 Added cas-auth plugin to support CAS authentication: #7932

Bugfix

Conditional expressions of workflow plugin should support operators: #8121
Fix loading problem of batch processor plugin when prometheus plugin is disabled: #8079
When APISIX starts, delete the old conf server sock file if it exists: #8022
Disable core.grpc when gRPC-client-nginx-module module is not compiled: #8007

3.0.0-beta

Here we use 2.99.0 as the version number in the source code instead of the code name 3.0.0-beta for two reasons:

avoid unexpected errors when some programs try to compare the version, as 3.0.0-beta contains 3.0.0 and is longer than it.
some package system might not allow package which has a suffix after the version number.

Change

Moves the config_center, etcd and Admin API configuration to the deployment

We've adjusted the configuration in the static configuration file, so you need to update the configuration in config.yaml as well:

The config_center function is now implemented by config_provider under deployment: #7901
The etcd field is moved to deployment: #7860
The following Admin API configuration is moved to the admin field under deployment: #7823
- admin_key
- enable_admin_cors
- allow_admin
- admin_listen
- https_admin
- admin_api_mtls
- admin_api_version

You can refer to the latest config-default.yaml for details.

Removing multiple deprecated configurations

With the new 3.0 release, we took the opportunity to clean out many configurations that were previously marked as deprecated.

In the static configuration, we removed several fields as follows:

Removed enable_http2 and listen_port from apisix.ssl: #7717
Removed apisix.port_admin: #7716
Removed etcd.health_check_retry: #7676
Removed nginx_config.http.lua_shared_dicts: #7677
Removed apisix.real_ip_header: #7696

In the dynamic configuration, we made the following adjustments:

Moved disable of the plugin configuration under _meta: #7707
Removed service_protocol from the Route: #7701

There are also specific plugin level changes:

Removed audience field from authz-keycloak: #7683
Removed upstream field from mqtt-proxy: #7694
tcp-related configuration placed under the tcp field in error-log-logger: #7700
Removed max_retry_times and retry_interval fields from syslog: #7699
The scheme field has been removed from proxy-rewrite: #7695

New Admin API response format

We have adjusted the response format of the Admin API in several PRs as follows:

#7630
#7622

The new response format is shown below:

Returns a single configuration:

{
  "modifiedIndex": 2685183,
  "value": {
    "id": "1",
    ...
  },
  "key": "/apisix/routes/1",
  "createdIndex": 2684956
}

Returns multiple configurations:

{
  "list": [
    {
      "modifiedIndex": 2685183,
      "value": {
        "id": "1",
        ...
      },
      "key": "/apisix/routes/1",
      "createdIndex": 2684956
    },
    {
      "modifiedIndex": 2685163,
      "value": {
        "id": "2",
        ...
      },
      "key": "/apisix/routes/2",
      "createdIndex": 2685163
    }
  ],
  "total": 2
}

Other

Port of Admin API changed to 9180: #7806
We only support OpenResty 1.19.3.2 and above: #7625
Adjusted the priority of the Plugin Config object so that the priority of a plugin configuration with the same name changes from Consumer > Plugin Config > Route > Service to Consumer > Route > Plugin Config > Service: #7614

Core

Integrating grpc-client-nginx-module to APISIX: #7917
k8s service discovery support for configuring multiple clusters: #7895

Plugin

Support for injecting header with specified prefix in opentelemetry plugin: #7822
Added openfunction plugin: #7634
Added elasticsearch-logger plugin: #7643
response-rewrite plugin supports adding response bodies: #7794
log-rorate supports specifying the maximum size to cut logs: #7749
Added workflow plug-in.
- #7760
- #7771
Added Tencent Cloud Log Service plugin: #7593
jwt-auth supports ES256 algorithm: #7627
ldap-auth internal implementation, switching from lualdap to lua-resty-ldap: #7590
http request metrics within the prometheus plugin supports setting additional labels via variables: #7549
The clickhouse-logger plugin supports specifying multiple clickhouse endpoints: #7517

Bugfix

gRPC proxy sets :authority request header to configured upstream Host: #7939
response-rewrite writing to an empty body may cause AIPSIX to fail to respond to the request: #7836
Fix the problem that when using Plugin Config and Consumer at the same time, there is a certain probability that the plugin configuration is not updated: #7965
Only reopen log files once when log cutting: #7869
Passive health checks should not be enabled by default: #7850
The zipkin plugin should pass trace IDs upstream even if it does not sample: #7833
Correction of opentelemetry span kind to server: #7830
in limit-count plugin, different routes with the same configuration should not share the same counter: #7750
Fix occasional exceptions thrown when removing clean_handler: #7648
Allow direct use of IPv6 literals when configuring upstream nodes: #7594
The wolf-rbac plugin adjusts the way it responds to errors:
- #7561
- #7497
the phases after proxy didn't run when 500 error happens before proxy: #7703
avoid error when multiple plugins associated with consumer and have rewrite phase: #7531
upgrade lua-resty-etcd to 1.8.3 which fixes various issues: #7565

2.15.3

This is an LTS maintenance release and you can see the CHANGELOG in release/2.15 branch.

https://github.com/apache/apisix/blob/release/2.15/CHANGELOG.md#2153

2.15.2

This is an LTS maintenance release and you can see the CHANGELOG in release/2.15 branch.

https://github.com/apache/apisix/blob/release/2.15/CHANGELOG.md#2152

2.15.1

This is an LTS maintenance release and you can see the CHANGELOG in release/2.15 branch.

https://github.com/apache/apisix/blob/release/2.15/CHANGELOG.md#2151

2.15.0

Change

We now map the grpc error code OUT_OF_RANGE to http code 400 in grpc-transcode plugin: #7419
Rename health_check_retry configuration in etcd section of config-default.yaml to startup_retry: #7304
Remove upstream.enable_websocket which is deprecated since 2020: #7222

Core

Support running plugins conditionally: #7453
Allow users to specify plugin execution priority: #7273
Support getting upstream certificate from ssl object: #7221
Allow customizing error response in the plugin: #7128
Add metrics to xRPC Redis proxy: #7183
Introduce deployment role to simplify the deployment of APISIX:
- #7405
- #7417
- #7392
- #7365
- #7249

Plugin

Add ngx.shared.dict statistic in promethues plugin: #7412
Allow using unescaped raw URL in proxy-rewrite plugin: #7401
Add PKCE support to the openid-connect plugin: #7370
Support custom log format in sls-logger plugin: #7328
Export some params for kafka-client in kafka-logger plugin: #7266
Add support for capturing OIDC refresh tokens in openid-connect plugin: #7220
Add prometheus plugin in stream subsystem: #7174

Bugfix

clear remain state from the latest try before retrying in Kubernetes discovery: #7506
the query string was repeated twice when enabling both http_to_https and append_query_string in the redirect plugin: #7433
don't send empty Authorization header by default in http-logger: #7444
ensure both group and disable configurations can be used in limit-count: #7384
adjust the execution priority of request-id so the tracing plugins can use the request id: #7281
correct the transcode of repeated Message in grpc-transcode: #7231
var missing in proxy-cache cache key should be ignored: #7168
reduce memory usage when abnormal weights are given in chash: #7103
cache should be bypassed when the method mismatch in proxy-cache: #7111
Upstream keepalive should consider TLS param: - #7054 - #7466
The redirect plugin sets a correct port during redirecting HTTP to HTTPS: - #7065

2.14.1

Bugfix

The "unix:" in the real_ip_from configuration should not break the batch-requests plugin: #7106

2.14.0

Change

To adapt the change of OpenTelemetry spec, the default port of OTLP/HTTP is changed to 4318: #7007

Core

Introduce an experimental feature to allow subscribing Kafka message via APISIX. This feature is based on the pubsub framework running above websocket:
- #7028
- #7032
Introduce an experimental framework called xRPC to manage non-HTTP L7 traffic:
- #6885
- #6901
- #6919
- #6960
- #6965
- #7040
Now we support adding delay according to the command & key during proxying Redis traffic, which is built above xRPC:
- #6999
Introduce an experimental support to configure APISIX via xDS:
- #6614
- #6759
Add normalize_uri_like_servlet option to normalize uri like servlet: #6984
Zookeeper service discovery via apisix-seed: #6751

Plugin

The real-ip plugin supports recursive IP search like real_ip_recursive: #6988
The api-breaker plugin allows configuring response: #6949
The response-rewrite plugin supports body filters: #6750
The request-id plugin adds nanoid algorithm to generate ID: #6779
The file-logger plugin can cache & reopen file handler: #6721
Add casdoor plugin: #6382
The authz-keycloak plugin supports password grant: #6586

Bugfix

Upstream keepalive should consider TLS param: #7054
Do not expose internal error message to the client:
- #6982
- #6859
- #6854
- #6853
- #6846
DNS supports SRV record with port 0: #6739
client mTLS was ignored sometimes in TLS session reuse: #6906
The grpc-web plugin doesn't override Access-Control-Allow-Origin header in response: #6842
The syslog plugin's default timeout is corrected: #6807
The authz-keycloak plugin's access_denied_redirect_uri was bypassed sometimes: #6794
Handle USR2 signal properly: #6758
The redirect plugin set a correct port during redirecting HTTP to HTTPS:
- #7065
- #6686
Admin API rejects unknown stream plugin: #6813

2.13.3

This is an LTS maintenance release and you can see the CHANGELOG in release/2.13 branch.

https://github.com/apache/apisix/blob/release/2.13/CHANGELOG.md#2133

2.13.2

This is an LTS maintenance release and you can see the CHANGELOG in release/2.13 branch.

https://github.com/apache/apisix/blob/release/2.13/CHANGELOG.md#2132

2.13.1

This is an LTS maintenance release and you can see the CHANGELOG in release/2.13 branch.

https://github.com/apache/apisix/blob/release/2.13/CHANGELOG.md#2131

2.13.0

Change

change(syslog): correct the configuration #6551
change(server-info): use a new approach(keepalive) to report DP info #6202
change(admin): empty nodes should be encoded as array #6384
change(prometheus): replace wrong apisix_nginx_http_current_connections{state="total"} label #6327
change: don't expose public API by default & remove plugin interceptor #6196

Core

🌅 feat: add delayed_body_filter phase #6605
🌅 feat: support for reading environment variables from yaml configuration files #6505
🌅 feat: rerun rewrite phase for newly added plugins in consumer #6502
🌅 feat: add config to control write all status to x-upsream-apisix-status #6392
🌅 feat: add kubernetes discovery module #4880
🌅 feat(graphql): support http get and post json request #6343

Plugin

🌅 feat: jwt-auth support custom parameters #6561
🌅 feat: set cors allow origins by plugin metadata #6546
🌅 feat: support post_logout_redirect_uri config in openid-connect plugin #6455
🌅 feat: mocking plugin #5940
🌅 feat(error-log-logger): add clickhouse for error-log-logger #6256
🌅 feat: clickhouse logger #6215
🌅 feat(grpc-transcode): support .pb file #6264
🌅 feat: development of Loggly logging plugin #6113
🌅 feat: add opentelemetry plugin #6119
🌅 feat: add public api plugin #6145
🌅 feat: add CSRF plugin #5727

Bugfix

fix(skywalking,opentelemetry): trace request rejected by auth #6617
fix(log-rotate): should rotate logs strictly hourly(or minutely) #6521
fix: deepcopy doesn't copy the metatable #6623
fix(request-validate): handle duplicate key in JSON #6625
fix(prometheus): conflict between global rule and route configure #6579
fix(proxy-rewrite): when conf.headers are missing,conf.method can make effect #6300
fix(traffic-split): failed to match rule when the first rule failed #6292
fix(config_etcd): skip resync_delay while etcd watch timeout #6259
fix(proto): avoid sharing state #6199
fix(limit-count): keep the counter if the plugin conf is the same #6151
fix(admin): correct the count field of plugin-metadata/global-rule #6155
fix: add missing labels after merging route and service #6177

2.12.1

This is an LTS maintenance release and you can see the CHANGELOG in release/2.12 branch.

https://github.com/apache/apisix/blob/release/2.12/CHANGELOG.md#2121

2.12.0

Change

change(serverless): rename "balancer" phase to "before_proxy" #5992
change: don't promise to support Tengine #5961
change: enable HTTP when stream proxy is set and enable_admin is true #5867

Core

🌅 feat(L4): support TLS over TCP upstream #6030
🌅 feat: support registering custom variable #5941
🌅 feat(vault): vault lua module, integration with jwt-auth authentication plugin #5745
🌅 feat: enable L4 stream logging #5768
🌅 feat: add http_server_location_configuration_snippet configuration #5740
🌅 feat: support resolve default value when environment not set #5675
🌅 feat(wasm): run in http header_filter #5544

Plugin

🌅 feat: support hide the authentication header in basic-auth with a config #6039
🌅 feat: set proxy_request_buffering dynamically #6075
🌅 feat(mqtt): balance by client id #6079
🌅 feat: add forward-auth plugin #6037
🌅 feat(grpc-web): support gRPC-Web Proxy #5964
🌅 feat(limit-count): add constant key type #5984
🌅 feat(limit-count): allow sharing counter #5881
🌅 feat(splunk): support splunk hec logging plugin #5819
🌅 feat: basic support OPA plugin #5734
🌅 feat: rocketmq logger #5653
🌅 feat(mqtt-proxy): support using route's upstream #5666
🌅 feat(ext-plugin): support to get request body #5600
🌅 feat(plugins): aws lambda serverless #5594
🌅 feat(http/kafka-logger): support to log response body #5550
🌅 feat: Apache OpenWhisk plugin #5518
🌅 feat(plugin): support google cloud logging service #5538

Bugfix

fix: the prometheus labels are inconsistent when error-log-logger is enabled #6055
fix(ipv6): allow disabling IPv6 resolve #6023
fix(mqtt): handle properties for MQTT 5 #5916
fix(sls-logger): unable to get millisecond part of the timestamp #5820
fix(mqtt-proxy): client id can be empty #5816
fix(ext-plugin): don't use stale key #5782
fix(log-rotate): race between reopen log & compression #5715
fix(batch-processor): we didn't free stale object actually #5700
fix: data pollution after passive health check is changed #5589

2.11.0

Change

change(wolf-rbac): change default port number and add authType parameter to documentation #5477

Core

🌅 feat: support advanced matching based on post form #5409
🌅 feat: initial wasm support #5288
🌅 feat(control): expose services#5271
🌅 feat(control): add dump upstream api #5259
🌅 feat: etcd cluster single node failure APISIX startup failure #5158
🌅 feat: support specify custom sni in etcd conf #5206

Plugin

🌅 feat(plugin): azure serverless functions #5479
🌅 feat(kafka-logger): supports logging request body #5501
🌅 feat: provide skywalking logger plugin #5478
🌅 feat(plugins): Datadog for metrics collection #5372
🌅 feat(limit-* plugin): fallback to remote_addr when key is missing #5422
🌅 feat(limit-count): support multiple variables as key #5378
🌅 feat(limit-conn): support multiple variables as key #5354
🌅 feat(proxy-rewrite): rewrite method #5292
🌅 feat(limit-req): support multiple variables as key #5302
🌅 feat(proxy-cache): support memory-based strategy #5028
🌅 feat(ext-plugin): avoid sending conf request more times #5183
🌅 feat: Add ldap-auth plugin #3894

2.10.5

This is an LTS maintenance release and you can see the CHANGELOG in release/2.10 branch.

https://github.com/apache/apisix/blob/release/2.10/CHANGELOG.md#2105

2.10.4

This is an LTS maintenance release and you can see the CHANGELOG in release/2.10 branch.

https://github.com/apache/apisix/blob/release/2.10/CHANGELOG.md#2104

2.10.3

This is an LTS maintenance release and you can see the CHANGELOG in release/2.10 branch.

https://github.com/apache/apisix/blob/release/2.10/CHANGELOG.md#2103

2.10.2

This is an LTS maintenance release and you can see the CHANGELOG in release/2.10 branch.

https://github.com/apache/apisix/blob/release/2.10/CHANGELOG.md#2102

2.10.1

This is an LTS maintenance release and you can see the CHANGELOG in release/2.10 branch.

https://github.com/apache/apisix/blob/release/2.10/CHANGELOG.md#2101

2.10.0

Change

change(debug): move 'enable_debug' form config.yaml to debug.yaml #5046
change: use a new name to customize lua_shared_dict in nginx.conf #5030
change: drop the support of shell script installation #4985

Core

🌅 feat(debug-mode): add dynamic debug mode #5012
🌅 feat: allow injecting logic to APISIX's method #5068
🌅 feat: allow configuring fallback SNI #5000
🌅 feat(stream_route): support CIDR in ip match #4980
🌅 feat: allow route to inherit hosts from service #4977
🌅 feat: support configurating the node listening address#4856

Plugin

🌅 feat(hmac-auth): Add validate request body for hmac auth plugin #5038
🌅 feat(proxy-mirror): support mirror requests sample_ratio #4965
🌅 feat(referer-restriction): add blacklist and message #4916
🌅 feat(kafka-logger): add cluster name support #4876
🌅 feat(kafka-logger): add required_acks option #4878
🌅 feat(uri-blocker): add case insensitive switch #4868

Bugfix

fix(radixtree_host_uri): correct matched host #5124
fix(radixtree_host_uri): correct matched path #5104
fix(nacos): distinguish services that has same name but in different groups or namespaces #5083
fix(nacos): continue to process other services when request failed #5112
fix(ssl): match sni in case-insensitive way #5074
fix(upstream): should not override default keepalive value #5054
fix(DNS): prefer SRV in service discovery #4992
fix(consul): retry connecting after a delay #4979
fix: avoid copying unwanted data when the domain's IP changed #4952
fix(plugin_config): recover plugin when plugin_config changed #4888

2.9.0

Change

change: rename plugin's balancer method to before_proxy #4697

Core

🌅 feat: increase timers limitation #4843
🌅 feat: make A/B test APISIX easier by removing "additionalProperties = false" #4797
🌅 feat: support dash in args (#4519) #4676
🌅 feat(admin): reject invalid proto #4750

Plugin

🌅 feat(ext-plugin): support ExtraInfo #4835
🌅 feat(gzip): support special * to match any type #4817
🌅 feat(real-ip): implement the first version #4813
🌅 feat(limit-*): add custom reject-message for traffic control #4808
🌅 feat: Request-ID plugin add snowflake algorithm #4559
🌅 feat: Added authz-casbin plugin and doc and tests for it #4710
🌅 feat: add error log skywalking reporter #4633
🌅 feat(ext-plugin): send the idempotent key when preparing conf #4736

Bugfix

fix: the issue that plugins in global rule may be cached to route #4867
fix(grpc-transcode): support converting nested message #4859
fix(authz-keycloak): set permissions as empty table when lazy_load_path is false #4845
fix(proxy-cache): keep cache_method same with nginx's proxy_cache_methods #4814
fix(admin): inject updatetime when the request is PATCH with sub path #4765
fix(admin): check username for updating consumer #4756
fix(error-log-logger): avoid sending stale error log #4690
fix(grpc-transcode): handle enum type #4706
fix: when a request caused a 500 error, the status was converted to 405 #4696

2.8.0

Change

change: enable stream proxy only by default #4580

Core

🌅 feat: allow user-defined balancer with metadata in node #4605
🌅 feat: Add option retry_timeout that like nginx's proxy_next_upstream_timeout #4574
🌅 feat: enable balancer phase for plugins #4549
🌅 feat: allow setting separate keepalive pool #4506
🌅 feat: enable etcd health-check #4191

Plugin

🌅 feat: add gzip plugin #4640
🌅 feat(plugin): Add new plugin ua-restriction for bot spider restriction #4587
🌅 feat(stream): add ip-restriction #4602
🌅 feat(stream): add limit-conn #4515
🌅 feat: increase ext-plugin timeout to 60s #4557
🌅 feat(key-auth): supporting key-auth plugin to get key from query string #4490
🌅 feat(kafka-logger): support for specified the log formats via admin API. #4483

Bugfix

fix(stream): sni router is broken when session reuses #4607
fix: the limit-conn plugin cannot effectively intercept requests in special scenarios #4585
fix: ref check while deleting proto via Admin API #4575
fix(skywalking): handle conflict between global rule and route #4589
fix: ctx.var.cookie_* cookie not found log #4564
fix(request-id): we can use different ids with the same request #4479

2.7.0

Change

change: check metadata_schema with check_schema like the other schema #4381
change(echo): remove odd auth_value #4055
fix(admin): correct the resources' count field and change its type to integer #4385

Core

🌅 feat(stream): support client certificate verification #4445
🌅 feat(stream): accept tls over tcp #4409
🌅 feat(stream): support domain in the upstream #4386
🌅 feat(cli): wrap nginx quit cmd #4360
🌅 feat: allow to set custom timeout for route #4340
🌅 feat: nacos discovery support group #4325
🌅 feat: nacos discovery support namespace #4313

Plugin

🌅 feat(client-control): set client_max_body_size dynamically #4423
🌅 feat(ext-plugin): stop the runner with SIGTERM #4367
🌅 feat(limit-req) support nodelay #4395
🌅 feat(mqtt-proxy): support domain #4391
🌅 feat(redirect): support appending query string #4298

Bugfix

fix: solve memory leak when the client aborts #4405
fix(etcd): check res.body.error before accessing the data #4371
fix(ext-plugin): when token is stale, refresh token and try again #4345
fix(ext-plugin): pass environment variables #4349
fix: ensure the plugin is always reloaded #4319

2.6.0

Change

change(prometheus): redesign the latency metrics & update grafana #3993
change(prometheus): don't expose metrics to internet #3994
change(limit-count): ensure redis cluster name is set correctly #3910
change: drop support of OpenResty 1.15 #3960

Core

🌅 feat: support passing different host headers in multiple nodes #4208
🌅 feat: add 50x html for error page #4164
🌅 feat: support to use upstream_id in stream_route #4121
🌅 feat: support client certificate verification #4034
🌅 feat: add nacos support #3820
🌅 feat: patch tcp.sock.connect to use our DNS resolver #4114

Plugin

🌅 feat(redirect): support uri encoding #4244
🌅 feat(key-auth): allow customizing header #4013
🌅 feat(response-rewrite): allow using variable in the header #4194
🌅 feat(ext-plugin): APISIX can support Java, Go and other languages to implement custom plugin #4183

Bugfix

fix(DNS): support IPv6 resolver #4242
fix(healthcheck): only one_loop is needed in the passive health check report #4116
fix(traffic-split): configure multiple "rules", the request will be confused between upstream #4092
fix: ensure upstream with domain is cached #4061
fix: be compatible with the router created before 2.5 #4056
fix(standalone): the conf should be available during start #4027
fix: ensure atomic operation in limit-count plugin #3991

2.5.0

The changes marked with ⚠️ are not backward compatible. Please upgrade your data accordingly before upgrading to this version. #3809 Means that empty vars will make the route fail to match any requests.

Change

⚠️ change: remove unused consumer.id #3868
⚠️ change: remove deprecated upstream.enable_websocket #3854
change(zipkin): rearrange the child span #3877

Core

🌅 feat: support mTLS with etcd #3905
⚠️ feat: upgrade lua-resty-expr/radixtree to support logical expression #3809
🌅 feat: load etcd configuration when apisix starts #3799
🌅 feat: let balancer support priority #3755
🌅 feat: add control api for discovery module #3742

Plugin

🌅 feat(skywalking): allow destroy and configure report interval for reporter #3925
🌅 feat(traffic-split): the upstream pass_host needs to support IP mode #3870
🌅 feat: Add filter on HTTP methods for consumer-restriction plugin #3691
🌅 feat: add allow_origins_by_regex to cors plugin #3839
🌅 feat: support conditional response rewrite #3577

Bugfix

fix(error-log-logger): the logger should be run in each process #3912
fix: use the builtin server by default #3907
fix(traffic-split): binding upstream via upstream_id is invalid #3842
fix: correct the validation for ssl_trusted_certificate #3832
fix: don't override cache relative headers #3789
fix: fail to run make deps on macOS #3718

2.4.0

Change

change: global rules should not be executed on the internal api by default #3396
change: default to cache DNS record according to the TTL #3530

Core

🌅 feat: support SRV record #3686
🌅 feat: add dns discovery #3629
🌅 feat: add consul kv discovery module #3615
🌅 feat: support to bind plugin config by plugin_config_id #3567
🌅 feat: support listen http2 with plaintext #3547
🌅 feat: support DNS AAAA record #3484

Plugin

🌅 feat: the traffic-split plugin supports upstream_id #3512
🌅 feat(zipkin): support b3 req header #3551

Bugfix

fix(chash): ensure retry can try every node #3651
fix: script does not work when the route is bound to a service #3678
fix: use openssl111 in openresty dir in precedence #3603
fix(zipkin): don't cache the per-req sample ratio #3522

For more changes, please refer to Milestone

2.3.0

Change

fix: use luajit by default when run apisix #3335
feat: use luasocket instead of curl in etcd.lua #2965

Core

🌅 feat: support to communicate with etcd by TLS without verification in command line #3415
🌅 feat: chaos test on route could still works when etcd is down #3404
🌅 feat: ewma use p2c to improve performance #3300
🌅 feat: support specifying https in upstream to talk with https backend #3430
🌅 feat: allow customizing lua_package_path & lua_package_cpath #3417
🌅 feat: allow to pass SNI in HTTPS proxy #3420
🌅 feat: support gRPCS #3411
🌅 feat: allow getting upstream health check status via control API #3345
🌅 feat: support dubbo #3224
🌅 feat: load balance by least connections #3304

Plugin

🌅 feat: kafka-logger implemented reuse kafka producer #3429
🌅 feat(authz-keycloak): dynamic scope and resource mapping. #3308
🌅 feat: proxy-rewrite host support host with port #3428
🌅 feat(fault-injection): support conditional fault injection using nginx variables #3363

Bugfix

fix(standalone): require consumer's id to be the same as username #3394
fix: support upstream_id & consumer with grpc #3387
fix: set conf info when global rule is hit without matched rule #3332
fix: avoid caching outdated discovery upstream nodes #3295
fix: create the health checker in access phase #3240
fix: make set_more_retries() work when upstream_type is chash #2676

For more changes, please refer to Milestone

2.2.0

Change

disable node-status plugin by default #2968
k8s_deployment_info is no longer allowed in upstream #3098
don't treat route segment with ':' as parameter by default #3154

Core

🌅 allow create consumers with multiple auth plugins #2898
🌅 increase the delay before resync etcd #2977
🌅 support enable/disable route #2943
🌅 route according to the graphql attributes #2964
🌅 share etcd auth token #2932
🌅 add control API #3048

Plugin

🌅 feat(limt-count): use 'remote_addr' as default key #2927
🌅 feat(fault-injection): support Nginx variable in abort.body #2986
🌅 feat: implement new plugin server-info #2926
🌅 feat: add batch process metrics #3070
🌅 feat: Implement traffic splitting plugin #2935
🌅 feat: the proxy-rewrite plugin support pass nginx variable within header #3144
🌅 feat: Make headers to add to request in openid-connect plugin configurable #2903
🌅 feat: support var in upstream_uri on proxy-rewrite plugin #3139

Bugfix

basic-auth plugin should run in rewrite phases. #2905
fixed the non effective config update in http/udp-logger #2901
always necessary to save the data of the limit concurrency, and release the statistical status in the log phase #2465
avoid duplicate auto-generated id #3003
fix: ctx being contaminated due to a new feature of openresty 1.19. For openresty 1.19 users, it is recommended to upgrade the APISIX version as soon as possible. #3105
fix: correct the validation of route.vars #3124

For more changes, please refer to Milestone

2.1.0

Core

🌅 support ENV variable in configuration. #2743
🌅 support TLS connection with etcd. #2548
generate create/update_time automatically. #2740
add a deprecate log for enable_websocket in upstream.#2691
add a deprecate log for consumer id.#2829
Added X-APISIX-Upstream-Status header to distinguish 5xx errors from upstream or APISIX itself. #2817
support Nginx configuration snippet. #2803

Plugin

🌅 Upgrade protocol to support Apache Skywalking 8.0#2389. So this version only supports skywalking 8.0 protocol. This plugin is disabled by default, you need to modify config.yaml to enable, which is not backward compatible.
🌅 add aliyun sls logging plugin.#2169
proxy-cache: the cache_zone field in the schema should be optional.#2776
fix: validate plugin configuration in the DP #2856

Bugfix

🐛 fix(etcd): handle etcd compaction.#2687
fix: move conf/cert to t/certs and disable ssl by default, which is not backward compatible. #2112
fix: check decrypt key to prevent lua thread aborted #2815

Not downward compatible features in future versions

-In the 2.3 release, the consumer will only support user names and discard the id. The consumer needs to manually clean up the id field in etcd, otherwise the schema verification will report an error during use -In the 2.3 release, opening websocket on upstream will no longer be supported -In version 3.0, the data plane and control plane will be separated into two independent ports, that is, the current port 9080 will only process data plane requests, and no longer process admin API requests

For more changes, please refer to Milestone

2.0.0

This is release candidate.

Core

🌅 Migrate from etcd v2 to v3 protocol, which is not backward compatible. Apache APISIX only supports etcd 3.4 and above versions. #2036
add labels for upstream object.#2279
add managed fields in json schema for resources, such as create_time and update_time.#2444
use interceptors to protect plugin's route#2416
support multiple ports for http and https listen.#2409
implement core.sleep.#2397

Plugin

🌅 add AK/SK(HMAC) auth plugin.#2192
🌅 add referer-restriction plugin.#2352
limit-count support to use redis cluster.#2406
feat(proxy-cache): store the temporary file under cache directory. #2317
feat(http-logger): support for specified the log formats via admin API #2309

Bugfix

🐛 high priority When the data plane receives an instruction to delete a resource(router or upstream etc.), it does not properly clean up the cache, resulting in the existing resources cannot be found. This problem only occurs in the case of long and frequent deletion operations.#2168
fix routing priority does not take effect.#2447
set random seed for each worker process at init_worker phase, only init phase is not enough.#2357
remove unsupported algorithm in jwt plugin.#2356
return correct response code when http_to_https enabled in redirect plugin.#2311

For more changes, please refer to Milestone

CVE

Fixed Admin API default access token vulnerability

1.5.0

Core

Admin API: support authentication with SSL certificates. 1747
Admin API: support both standard PATCH and sub path PATCH. 1930
HealthCheck: supports custom host port. 1914
Upstream: supports turning off the default retry mechanism. 1919
URI: supports delete the '/' at the end of the URI. 1766

New Plugin

🌅 Request Validator 1709

Improvements

change: nginx worker_shutdown_timeout is changed from 3s to recommended value 240s. 1883
change: the healthcheck timeout time type changed from integer to number. 1892
change: the request-validation plugin input parameter supports Schema validation. 1920
change: add comments for Makefile install command. 1912
change: update comment for config.yaml etcd.timeout configuration. 1929
change: add more prometheus metrics. 1888
change: add more configuration options for cors plugin. 1963

Bugfix

fixed: failed to get host in health check configuration. 1871
fixed: should not save the runtime data of plugin into etcd. 1910
fixed: run apisix start several times will start multi nginx processes. 1913
fixed: read the request body from the temporary file if it was cached. 1863
fixed: batch processor name and error return type. 1927
fixed: failed to read redis.ttl in limit-count plugin. 1928
fixed: passive health check seems never provide a healthy report. 1918
fixed: avoid to modify the original plugin conf. 1958
fixed: the test case of invalid-upstream is unstable and sometimes fails to run. 1925

Doc

doc: added APISIX Lua Coding Style Guide. 1874
doc: fixed link syntax in README.md. 1894
doc: fixed image links in zh-cn benchmark. 1896
doc: fixed typos in FAQ、admin-api、architecture-design、discovery、prometheus、proxy-rewrite、redirect、http-logger documents. 1916
doc: added improvements for OSx unit tests and request validation plugin. 1926
doc: fixed typos in architecture-design document. 1938
doc: added the default import path of Nginx for unit testing in Linux and macOS systems in the how-to-build document. 1936
doc: add request-validation plugin chinese document. 1932
doc: fixed file path of gRPC transcoding in README. 1945
doc: fixed uri-blocker plugin path error in README. 1950
doc: fixed grpc-transcode plugin path error in README. 1946
doc: removed unnecessary configurations for k8s document. 1891

1.4.1

Bugfix

Fix: multiple SSL certificates are configured, but only one certificate working fine. 1818

1.4.0

Core

Admin API: Support unique names for routes 1655
Optimization of log buffer size and flush time 1570

New plugins

🌅 Apache Skywalking plugin 1241
🌅 Keycloak Identity Server Plugin 1701
🌅 Echo Plugin 1632
🌅 Consume Restriction Plugin 1437

Improvements

Batch Request : Copy all headers to every request 1697
SSL private key encryption 1678
Improvement of docs for multiple plugins

1.3.0

The 1.3 version is mainly for security update.

Security

reject invalid header#1462 and uri safe encode#1461
only allow 127.0.0.1 access admin API and dashboard by default. #1458

Plugin

🌅 add batch request plugin. #1388
implemented plugin sys logger. #1414

1.2.0

The 1.2 version brings many new features, including core and plugins.

Core

🌅 support etcd cluster. #1283
using the local DNS resolver by default, which is friendly for k8s. #1387
support to run header_filter, body_filter and log phases for global rules. #1364
changed the lua/apisix dir to apisix(not backward compatible). #1351
add dashboard as submodule. #1360
allow adding custom shared dict. #1367

Plugin

🌅 add Apache Kafka plugin. #1312
🌅 add CORS plugin. #1327
🌅 add TCP logger plugin. #1221
🌅 add UDP logger plugin. 1070
🌅 add proxy mirror plugin. #1288
🌅 add proxy cache plugin. #1153
drop websocket enable control in proxy-rewrite plugin(not backward compatible). 1332
Adding support to public key based introspection for OAuth plugin. #1266
response-rewrite plugin support binary data to client by base64. #1381
plugin grpc-transcode supports grpc deadline. #1149
support password auth for limit-count-redis. #1150
Zipkin plugin add service name and report local server IP. #1386
add change_pwd and user_info for Wolf-Rbac plugin. #1204

Admin API

🌅 support key-based authentication for Admin API(not backward compatible). #1169
hide SSL private key in admin API. #1240

Bugfix

missing clear table before to reuse table (will cause memory leak). #1134
print warning error message if the yaml route file is invalid. #1141
the balancer IP may be nil, use an empty string instead. #1166
plugin node-status and heartbeat don't have schema. #1249
the plugin basic-auth needs required field. #1251
check the count of upstream valid node. #1292

1.1.0

This release is mainly to strengthen the stability of the code and add more documentation.

Core

always specify perl include path when running test cases. #1097
Feature: Add support for PROXY Protocol. #1113
enhancement: add verify command to verify apisix configuration(nginx.conf). #1112
feature: increase the default size of the core file. #1105
feature: make the number of file is as configurable as the connections. #1098
core: improve the core.log module. #1093
Modify bin/apisix to support the SO_REUSEPORT. #1085

Doc

doc: add link to download grafana meta data. #1119
doc: Update README.md. #1118
doc: doc: add wolf-rbac plugin. #1116
doc: update the download link of rpm. #1108
doc: add more english article. #1092
Adding contribution guidelines for the documentation. #1086
doc: getting-started.md check. #1084
Added additional information and refactoring sentences. #1078
Update admin-api-cn.md. #1067
Update architecture-design-cn.md. #1065

CI

ci: remove patch which is no longer necessary and removed in the upst. #1090
fix path error when install with luarocks. #1068
travis: run a apisix instance which intalled by luarocks. #1063

Plugins

feature: Add wolf rbac plugin. #1095
Adding UDP logger plugin. #1070
enhancement: using internal request instead of external request in node-status plugin. #1109

1.0.0

This release is mainly to strengthen the stability of the code and add more documentation.

Core

🌅 Support routing priority. You can match different upstream services based on conditions such as header, args, priority, etc. under the same URI. #998
When no route is matched, an error message is returned. To distinguish it from other 404 requests. #1013
The address of the dashboard /apisix/admin supports CORS. #982
The jsonschema validator returns a clearer error message. #1011
Upgrade the ngx_var module to version 0.5. #1005
Upgrade the lua-resty-etcd module to version 0.8. #980
In development mode, the number of workers is automatically adjusted to 1. #926
Remove the nginx.conf file from the code repository. It is automatically generated every time and cannot be modified manually. #974

Doc

Added documentation on how to customize development plugins. #909
fixed example's bugs in the serverless plugin documentation. #1006
Added documentation for using the Oauth plugin. #987
Added dashboard compiled documentation. #985
Added documentation on how to perform a/b testing. #957
Added documentation on how to enable the MQTT plugin. #916

Test case

Add test cases for key-auth plugin under normal circumstances. #964
Added tests for gRPC transcode pb options. #920

0.9.0

This release brings many new features, such as support for running APISIX with Tengine, an advanced debugging mode that is more developer friendly, and a new URI redirection plugin.

Core

🌅 Supported to run APISIX with tengine. #683
🌅 Enabled HTTP2 and supported to set ssl_protocols. #663
🌅 Advanced Debug Mode, Target module function's input arguments or returned value would be printed once this option is enabled. #614
Support to install APISIX without dashboard. #686
Removed router R3 #725

Plugins

Redirect URI: Redirect URI plugin. #732
Proxy Rewrite: Supported remove header feature. #658
Limit Count: Supported global limit count with Redis Server.#624

lua-resty-*

lua-resty-radixtree
- Support for host + uri as an index.
lua-resty-jsonschema
- This extension is a JSON data validator that replaces the existing lua-rapidjson extension.

Bugfix

key-auth plugin cannot run accurately in the case of multiple consumers. #826
Exported schema for plugin serverless. #787
Discard args of uri when using proxy-write plugin #642
Zipkin plugin not set tracing data to request header. #715
Skipped check cjson for luajit environment in apisix CLI. #652
Skipped to init etcd if use local file as config center. #737
Support more built-in parameters when set chash balancer. #775

Dependencies

Replace the lua-rapidjson module with lua-resty-jsonschema global, lua-resty-jsonschema is faster and easier to compile.

0.8.0

Released on 2019/09/30

This release brings many new features, such as stream proxy, support MQTT protocol proxy, and support for ARM platform, and proxy rewrite plugin.

Core

🌅 support standalone mode: using yaml to update configurations of APISIX, more friendly to kubernetes. #464
🌅 support stream proxy. #513
🌅 support consumer bind plugins. #544
support domain name in upstream, not only IP. #522
ignored upstream node when it's weight is 0. #536

Plugins

🌅 MQTT Proxy: support to load balance MQTT by client_id, both support MQTT 3.1 and 5.0. #513
proxy-rewrite: rewrite uri, schema, host for upstream. #594

ARM

🌅 APISIX can run normally under Ubuntu 18.04 of ARM64 architecture, so you can use APISIX as IoT gateway with MQTT plugin.

lua-resty-*

lua-resty-ipmatcher
- support IPv6
- IP white/black list, route.
lua-resty-radixtree
- allow to specify multiple host, remote_addr and uri.
- allow to define user-function to filter request.
- use lua-resty-ipmatcher instead of lua-resty-iputils, lua-resty-ipmatcher matches fast and support IPv6.

Bugfix

healthcheck: the checker name is wrong if APISIX works under multiple processes. #568

Dependencies

removed lua-tinyyaml from source code base, and install through Luarocks.

0.7.0

Released on 2019/09/06

This release brings many new features, such as IP black and white list, gPRC protocol transcoding, IPv6, IdP (identity provider) services, serverless, Change the default route to radix tree (not downward compatible), and more.

Core

🌅 gRPC transcoding: supports protocol transcoding so that clients can access your gRPC API by using HTTP/JSON. #395
🌅 radix tree router: The radix tree is used as the default router implementation. It supports the uri, host, cookie, request header, request parameters, Nginx built-in variables, etc. as the routing conditions, and supports common operators such as equal, greater than, less than, etc., more powerful and flexible.IMPORTANT: This change is not downward compatible. All users who use historical versions need to manually modify their routing to work properly. #414
Dynamic upstream supports more parameters, you can specify the upstream uri and host, and whether to enable websocket. #451
Support for get values from cookies directly from ctx.var. #449
Routing support IPv6. #331

Plugins

🌅 serverless: With serverless support, users can dynamically run any Lua function on a gateway node. Users can also use this feature as a lightweight plugin.#86
🌅 support IdP: Support external authentication services, such as Auth0, okta, etc., users can use this to connect to Oauth2.0 and other authentication methods. #447
rate limit: Support for more restricted keys, such as X-Forwarded-For and X-Real-IP, and allows users to use Nginx variables, request headers, and request parameters as keys. #228
IP black and white list Support IP black and white list for security. #398

CLI

Add the version directive to get the version number of APISIX. #420

Admin

The PATCH API is supported and can be modified individually for a configuration without submitting the entire configuration. #365

Dashboard

🌅 Add the online version of the dashboard，users can experience APISIX without install. #374

Back to TOC

0.6.0

Released on 2019/08/05

This release brings many new features such as health check and circuit breaker, debug mode, opentracing and JWT auth. And add built-in dashboard.

Core

🌅 Health Check and Circuit Breaker: Enable health check on the upstream node, and will automatically filter unhealthy nodes during load balancing to ensure system stability. #249
Anti-ReDoS(Regular expression Denial of Service). #252
supported debug mode. #319
allowed to use different router. #364
supported to match route by host + uri. #325
allowed plugins to handler balance phase. #299
added desc for upstream and service in schema. #289

Plugins

🌅 OpenTracing: support Zipkin and Apache SkyWalking. #304
JWT auth. #303

CLI

support multiple ips of allow. #340
supported real_ip configure in nginx.conf and added functions to get ip and remote ip. #236

Dashboard

🌅 add built-in dashboard. #327

Test

support OSX in Travis CI. #217
installed all of the dependencies to deps folder. #248

Back to TOC

FilesExpand file tree

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

Table of Contents

3.16.0

Change

Core

Plugins

Bugfixes

3.15.0

Change

Core

Plugins

Bugfixes

3.14.1

Bugfixes

Core

Doc improvements

3.14.0

Change

Bugfixes

Core

Plugins

Doc improvements

3.13.0

Change

Bugfixes

Core

Plugins

Doc improvements

Developer productivity

3.12.0

Change

Bugfixes

Core

Plugins

3.11.0

Change

Plugins

Bugfixes

Core

3.10.0

Change

Plugins

Bugfixes

Core

3.9.0

Change

Core

Plugins

Bug Fixes

3.8.0

Core

Plugins

Bugfixes

3.7.0

Change

Core

Plugins

Bugfixes

3.6.0

Change

Core

Plugins

Bugfixes

3.5.0

Change

Core

Plugins

Bugfixes

3.4.0

Core

Plugins

Bugfixes

3.3.0

Change

Core