Dnevnik promjena

Objavljeno 23. lipnja 2026.

• +Premješta inherited global/vhost compression policy into the native HTTP/1 proxy profil profil and route proxy profil profil
• +Merges root/vhost/route header-policy inheritance into native route proxy profil profil construction
• +Premješta safe forwarded-client-IP ownership, trusted-chain append, regex rewrites, ACL, concurrency i rate limits na native path
• +Dodaje native ACME HTTP-01 challenge serving, traffic mirroring, auth-request, and route-scoped gRPC validation

Objavljeno 21. lipnja 2026.

• +Premješta route-level native response compression onto the HTTP/1 route proxy profil profil through fluxheim-compression
• +Premješta proxy profil profil.error_pages onto native HTTP/1 proxy profil profil fallback stranice podržane kroz fluxheim-web

Objavljeno 21. lipnja 2026.

• +Dodaje native HTTP/1 route static-web serving backed by fluxheim-web
• +Dodaje route request-header mutation, response rewrites, static upstream round-robin, and static upstream weights to the native route proxy profil profil

Objavljeno 21. lipnja 2026.

• +Dodaje native route redirect actions with safe {uri}, {path}, and {query} expansion
• +Premješta route body limits and response-header overlays onto native HTTP/1 route proxy profil profil responses

Objavljeno 21. lipnja 2026.

• +Dodaje native HTTP/1 route-proxy profil profil execution for exact, prefix, and fallback routes with method filters and safe rewrite handling
• +Dodaje native-http1-proxy profil profil-candidate redove u runtime cutover evidence kako bi preostali compatibility blockers bili eksplicitni

Objavljeno 20. lipnja 2026.

• +Promiče native HTTP/2 downstream safety preview u cutover-ready nakon fokusiranih parity test
• +Čini representative native runtime cutover report blocker-free za jednostavne HTTP/1, HTTP/2, admin, metrics, stream i UDP konfiguracije

Objavljeno 20. lipnja 2026.

• +Cuts stream and UDP proxy profil profil service startup over to Fluxheim-owned native task boundaries
• +Dodaje cancellation-safe native shutdown waiting and abort-on-cancel background task joins

Objavljeno 20. lipnja 2026.

• +Starts native admin and metrics serving behind Fluxheim-owned server primitives
• +Hardens native background handles tako da dropped critical handles abort umjesto tihog detach task

Objavljeno 20. lipnja 2026.

• +Dodaje NativeBackgroundSupervisor za Fluxheim-owned background task orchestration
• +Dodaje critical task watchdog support and hardens shutdown delivery edge cases

Objavljeno 20. lipnja 2026.

• +Dodaje native runtime cutover evidence gates and fluxheim-config-tester alat alat --runtime-cutover
• +Premješta remaining Pingora exception targets to a documented multi-release exit plan while keeping policy gates active

Objavljeno 19. lipnja 2026.

• +Dodaje eksplicitni pingora-compat feature gating za preostali compatibility runtime boundary
• +Premješta rustls/OpenSSL downstream TLS SNI, certificate storage, reload, PEM parsing, and native HTTP/1 TLS listener previews into Fluxheim-owned code

Objavljeno 19. lipnja 2026.

• +Nastavlja Pingora-exit slice smanjujući preostali root compatibility surface za proxy profil profil, cache profil profil i runtime paths
• +Dijeli native health checks u HTTP/gRPC, database, exec i TCP/TLS transport helper modules sa strožim probe bounds

Objavljeno 19. lipnja 2026.

• +Uklanja izravnu Pingora dependency iz fluxheim-load-balancer profil profil
• +Dodaje Fluxheim-owned bounded HTTP/1.1 i h2 gRPC active health checks s policy coverage za sprječavanje povratka Pingora

Objavljeno 19. lipnja 2026.

• +Dodaje native HTTP/1.1 proxy profil profil cutover readiness planning na ServerPlan
• +Fails closed za compatibility-only proxy profil profil features kao auth subrequests, mirroring, redirects, strip/rewrite transforms i advanced load-balancer profil profil policy

Objavljeno 18. lipnja 2026.

• +Dodaje Fluxheim-owned native HTTP/2 upstream client primitive s bounded headers, bodies, trailers i deadlines
• +Dodaje h2 client/server test za trailer preservation, oversized responses, stream resets i flow-control timeout behavior

Objavljeno 18. lipnja 2026.

• +Dodaje native rustls/OpenSSL upstream TLS i mTLS podršku u staged HTTP/1.1 proxy profil profil path
• +Dodaje ordered static upstream failover za safe methods plus bounded no-follow TLS material reads i hostname-policy coverage

Objavljeno 18. lipnja 2026.

• +Dodaje bounded native HTTP/1.1 upstream connection pooling za sigurne content-length i no-body origin responses
• +Dodaje keepalive pool sizing, upstream idle timeout handling, conservative no-reuse guards i real socket reuse/expiry tests

Objavljeno 18. lipnja 2026.

• +Dodaje reusable native HTTP/2 connection primitives s bounded request-body collection i response trailer support
• +Hardens HTTP/2 response lifetime, handler timeout, DATA capacity handling, prohibited headers/trailers i request-body zeroization

Objavljeno 17. lipnja 2026.

• +Dodaje native HTTP/2 runtime preview gate i h2 stack probe s bounded headers, URI, body, streams, frames, buffers i rapid reset policy
• +Dodaje HTTP/2 preview smoke coverage i proširuje native HTTP/1 behavior coverage za HTTP/1.0 keep-alive/close semantics

Objavljeno 17. lipnja 2026.

• +Dodaje bounded native HTTP/1 upstream client i staged native proxy profil profil handler za plain static upstream
• +Dodaje native proxy profil profil candidate inventory, Fluxheim-owned proxy profil profil headers, privacy-mode behavior i fail-closed eligibility za unsupported policy layers

Objavljeno 17. lipnja 2026.

• +Dodaje native HTTP/1 connection/listener runtime preko Tokio IO i staged native static-file adapter
• +Mapira server limits u native HTTP/1 policy i dodaje socket tests za keep-alive, body framing, shutdown, static files, slow clients i connection caps

Objavljeno 17. lipnja 2026.

• +Dodaje Fluxheim-owned HTTP/1.0/HTTP/1.1 request-head parsing, request-body framing classification, Host validation, persistence handling i chunked decoding
• +Dodaje downstream HTTP/1 policy defaults i hardened native parser boundaries za budući runtime cutover work

Objavljeno 16. lipnja 2026.

• +Premješta server bootstrap planning, listener inventory, service intent, background-task intent, HTTP/2 policy, PROXY protocol policy, and private Unix socket planning into fluxheim-server
• +Drži trenutni runtime kao eksplicitni compatibility adapter dok se nastavlja native server/listener work

Objavljeno 16. lipnja 2026.

• +Dodaje fluxheim-tls kao downstream TLS listener planning i provider-policy boundary
• +Premješta TLS listener plans, SNI selection, wildcard matching, ALPN/cipher/curve policy, and rustls/OpenSSL provider checks into the TLS crate
• +Hardens TLS feature gates, SNI fallback behavior, PROXY v2 signature validation i trusted PROXY CIDR validation

Objavljeno 16. lipnja 2026.

• +Dodaje prvi namjenski fluxheim-headers boundary za header policy helpers
• +Premješta rewrite algorithms, forwarded-header handling, hop-by-hop request policy i repeated-header joining u Fluxheim-owned header code
• +Premješta stream PROXY protocol byte parsers u fluxheim-protocol and tightens privacy/proxy profil profil CIDR validation

Objavljeno 15. lipnja 2026.

• +Premješta shared background task lifecycle primitives u fluxheim-runtime
• +Premješta OTLP metrics export, ACME certificate reload control, admin snapshot validation state, and rollback decisions into Fluxheim-owned runtime/snapshot code
• +Hardens local certificate reload control socket i private backend filtering

Objavljeno 15. lipnja 2026.

• +Dodaje fluxheim-stream as the internal TCP stream proxy profil profil runtime boundary
• +Premješta stream upstream selection, PROXY protocol parsing/writing, source policy, DNS-rebinding guards, byte accounting i timeout handling iza Fluxheim-owned stream code

Objavljeno 14. lipnja 2026.

• +Premješta cache profil profil key identity, object envelopes, disk index management, storage-bin helpers, tag handling, and cache profil profil storage interfaces into fluxheim-cache profil profil
• +Dodaje test i release gates koji enforced Pingora dependency removal targets tijekom normalnog cargo test izvođenja

Objavljeno 14. lipnja 2026.

• +Pokreće prvo konkretno 1.6.x implementation release nakon foundation tag
• +Uklanja pingora-load-balancing/pingora-ketama from puni and load-balancer profil profil image profiles, restores 1.6 load-balancer profil profil image builds, and moves TCP health checks plus request-key extraction behind Fluxheim-owned boundaries

Objavljeno 14. lipnja 2026.

• +Pokrenuta 1.6.x Pingora-exit foundation linija uz nepromijenjen runtime behavior
• +Dodana modularity policy validation, legacy oversized-file exceptions, runtime baseline capture i performance evidence capture
• +Dodane release-gated Pingora dependency exceptions, runtime parity fixtures i extraction dependency graph
• +Dodano početno fluxheim-runtime and fluxheim-server boundary crates uz tipizirane policy proof primitive

lipanj 2026.

• +Introduced the enterprise HTTP/TCP load-balancer profil profil line with focused binaries, images, runtime member and weight controls, persistence, health checks, queueing, and migration docs
• +Expanded Fluxheim-owned runtime boundaries across HTTP, stream proxy profil profiling, load balancing, background tasks, cache profil profil interfaces, observability, config, and shared crates
• +Dodani managed affinity cookies, service discovery, active i protocol-aware health checks, restart-persistent state i runtime backend mutation controls
• +Added UDP beta guardrails, cache profil profil origin-protection budgets, ARM/Linux and macOS developer assets, config tester archives, and broad proxy profil profil/cache profil profil/PHP-FPM security hardening

Objavljeno 25. svibnja 2026.

• +Production proxy profil profil parity release with trusted-proxy profil profil-aware ACLs, local rate limits, concurrency limits, bounded queues, and edge policy metrics
• +gzip, Zstandard, and Brotli response compression with vhost/route overrides and cache profil profil-safe Vary handling
• +Load-balancer resilience, TLS/protocol parity, PROXY protocol v1/v2, upstream mTLS, HTTP/2 controls i gRPC pass-through

Objavljeno 23. svibnja 2026.

• +Managed php profil profil-fpm process supervision under the existing php profil profil-fpm feature, while external php profil profil-fpm remains the default
• +Respawn watchdog, bounded backoff, SIGTERM-before-SIGKILL teardown, sanitized environment i private generated pool state
• +Auditabilno [vhosts.php profil profil.fpm] mode = "managed" config surface za private sockets, worker counts, process manager modes, slowlog, temp paths i pool files
• +Proširen WordPress PHP-FPM smoke coverage preko external, managed-static, managed-dynamic, managed-ondemand i managed-respawn modes
• +Recommended Wolfi PHP image now installs php profil profil-8.5-fpm and uses managed php profil profil-fpm container config by default

Objavljeno 23. svibnja 2026.

• +FIPS/ISO-required configs fail closed for unsupported internal cryptography, managed ACME, and local cache profil profil encryption
• +Provider-backed admin auth, numeric-local-loopback OTLP exception, and OpenBao Transit cache profil profil encryption evidence boundary
• +New compliance evidence template and release evidence package sections for regulated reviews

Objavljeno 22. svibnja 2026.

• +rustls/AWS-LC FIPS-capable candidate backend kroz tls-rustls-fips
• +FIPS i ISO/IEC 19790 rustls profile aliases, config examples, diagnostics i validation script

Objavljeno 21. svibnja 2026.

• +OpenSSL FIPS/ISO-capable TLS validation kroz tls-openssl-fips i provider diagnostics
• +FIPS deployment guide, config fixtures, validation script, release evidence i OWASP Top 10 2025 baseline

Objavljeno 20. svibnja 2026.

• +PHP-FPM keepalive pooling, upstream retry/failover i request body disk spooling za sigurniji rad pod opterećenjem
• +WordPress routing/cache profil profil preset plus PHP application recipes for common framework and forum deployments
• +PHP metrics i OpenTelemetry attributes, X-Accel-Redirect, X-Sendfile i X-Accel-Expires support

Objavljeno 18. svibnja 2026.

• +fluxheim-acme standalone companion binary za certificate renewal, status i ACME reload socket signalling
• +fluxheim-config-tester alat alat standalone binary za config validation u CI i container entrypoint bez pokretanja gateway
• +ACME reload Unix socket — live certificate pickup bez gateway restart
• +Novi profile-php profil profil build profile — proxy profil profil + web + php profil profil-fpm + tls-rustls + security
• +Security hardening improvements across the request pipeline

Objavljeno 16. svibnja 2026.

• +Opt-in PHP-FPM FastCGI bridge for WordPress-style front-controller applications
• +Strict script resolution i bounded FastCGI request/response handling
• +Browser-validated WordPress proxy profil profil/PHP cookie compatibility fixes
• +PHP-FPM može posluživati static assets iz istog root dok route PHP prema FPM
• +New php profil profil-fpm Cargo feature (implicira proxy profil profil and web)

Objavljeno 14. svibnja 2026.

• +Shared ingress/TLS feature-graph split — focused cache profil profil and proxy profil profil profiles are now TLS/ACME-capable
• +New profile-cache profil profil-edge — cache profil profil without static web module
• +New profile-proxy profil profil-edge — focused reverse proxy profil profil edge
• +Official focused container images for cache profil profil and proxy profil profil profiles

May 2026

2026

• + TLS policy profili
• + Multi-certificate rustls SNI
• + Managed ACME certificate issuance i renewal
• + EAB-capable issuers (Actalis i drugi)
• + File-backed TLS secret
• + acme-init guided issuer bootstrap alat
• + Paketirani certificate renewal systemd units

2026

• + Virtual host routing po Host header s default-vhost fallback
• + Route-level static, proxy profil profil, and redirect actions
• + Static file serving with MIME detection, ETag, conditional 304, byte ranges
• + Whole-vhost and route-level reverse proxy profil profiling
• + rustls TLS with SNI, static/bought certificate support
• + Siguran ACME HTTP-01 challenge forwarding
• + Admin control-plane with bearer-token auth and brute-force throttling
• + Secure request/response header policy pravila pravila
• + Optional HTTP → HTTPS redirect with safe Host validation
• + Systemd unit i RPM packaging
• + Rootless Podman container images