Keitimų žurnalas

Paskelbta 2026 m. birželio 23 d.

• +Perkelia inherited global/vhost compression policy into the native HTTP/1 proxy profile profile and route proxy profile profile
• +Merges root/vhost/route header-policy inheritance into native route proxy profile profile construction
• +Perkelia safe forwarded-client-IP ownership, trusted-chain append, regex rewrites, ACL, concurrency ir rate limits į native path
• +Prideda native ACME HTTP-01 challenge serving, traffic mirroring, auth-request, and route-scoped gRPC validation

Paskelbta 2026 m. birželio 21 d.

• +Perkelia route-level native response compression onto the HTTP/1 route proxy profile profile through fluxheim-compression
• +Perkelia proxy profile profile.error_pages onto native HTTP/1 proxy profile profile fallback puslapiai paremti fluxheim-web

Paskelbta 2026 m. birželio 21 d.

• +Prideda native HTTP/1 route static-web serving backed by fluxheim-web
• +Prideda route request-header mutation, response rewrites, static upstream round-robin, and static upstream weights to the native route proxy profile profile

Paskelbta 2026 m. birželio 21 d.

• +Prideda native route redirect actions with safe {uri}, {path}, and {query} expansion
• +Perkelia route body limits and response-header overlays onto native HTTP/1 route proxy profile profile responses

Paskelbta 2026 m. birželio 21 d.

• +Prideda native HTTP/1 route-proxy profile profile execution for exact, prefix, and fallback routes with method filters and safe rewrite handling
• +Prideda native-http1-proxy profile profile-candidate eilutes į runtime cutover evidence, kad likę compatibility blockers būtų aiškūs

Paskelbta 2026 m. birželio 20 d.

• +Pakelia native HTTP/2 downstream safety preview į cutover-ready po tikslinių parity test
• +Padaro representative native runtime cutover report blocker-free paprastoms HTTP/1, HTTP/2, admin, metrics, stream ir UDP konfiguracijoms

Paskelbta 2026 m. birželio 20 d.

• +Cuts stream and UDP proxy profile profile service startup over to Fluxheim-owned native task boundaries
• +Prideda cancellation-safe native shutdown waiting and abort-on-cancel background task joins

Paskelbta 2026 m. birželio 20 d.

• +Starts native admin and metrics serving behind Fluxheim-owned server primitives
• +Hardens native background handles, kad dropped critical handles abortintų vietoj silent task detach

Paskelbta 2026 m. birželio 20 d.

• +Prideda NativeBackgroundSupervisor Fluxheim-owned background task orchestration
• +Prideda critical task watchdog support and hardens shutdown delivery edge cases

Paskelbta 2026 m. birželio 20 d.

• +Prideda native runtime cutover evidence gates and fluxheim-config-tester įrankis įrankis --runtime-cutover
• +Perkelia remaining Pingora exception targets to a documented multi-release exit plan while keeping policy gates active

Paskelbta 2026 m. birželio 19 d.

• +Prideda aiškų pingora-compat feature gating likusiam compatibility runtime boundary
• +Perkelia rustls/OpenSSL downstream TLS SNI, certificate storage, reload, PEM parsing, and native HTTP/1 TLS listener previews into Fluxheim-owned code

Paskelbta 2026 m. birželio 19 d.

• +Tęsia Pingora-exit slice mažindamas likusį root compatibility surface proxy profile profile, cache profile profile ir runtime paths
• +Padalija native health checks į HTTP/gRPC, database, exec ir TCP/TLS transport helper modules su griežtesniais probe bounds

Paskelbta 2026 m. birželio 19 d.

• +Pašalina tiesioginę Pingora dependency iš fluxheim-load-balancer profile profile
• +Prideda Fluxheim-owned bounded HTTP/1.1 ir h2 gRPC active health checks su policy coverage, kad Pingora negrįžtų

Paskelbta 2026 m. birželio 19 d.

• +Prideda native HTTP/1.1 proxy profile profile cutover readiness planning ServerPlan
• +Fails closed compatibility-only proxy profile profile features kaip auth subrequests, mirroring, redirects, strip/rewrite transforms ir advanced load-balancer profile profile policy

Paskelbta 2026 m. birželio 18 d.

• +Prideda Fluxheim-owned native HTTP/2 upstream client primitive su bounded headers, bodies, trailers ir deadlines
• +Prideda h2 client/server test trailer preservation, oversized responses, stream resets ir flow-control timeout behavior

Paskelbta 2026 m. birželio 18 d.

• +Prideda native rustls/OpenSSL upstream TLS ir mTLS palaikymą staged HTTP/1.1 proxy profile profile path
• +Prideda ordered static upstream failover safe methods bei bounded no-follow TLS material reads ir hostname-policy coverage

Paskelbta 2026 m. birželio 18 d.

• +Prideda bounded native HTTP/1.1 upstream connection pooling saugiems content-length ir no-body origin responses
• +Prideda keepalive pool sizing, upstream idle timeout handling, conservative no-reuse guards ir real socket reuse/expiry tests

Paskelbta 2026 m. birželio 18 d.

• +Prideda reusable native HTTP/2 connection primitives su bounded request-body collection ir response trailer support
• +Hardens HTTP/2 response lifetime, handler timeout, DATA capacity handling, prohibited headers/trailers ir request-body zeroization

Paskelbta 2026 m. birželio 17 d.

• +Prideda native HTTP/2 runtime preview gate ir h2 stack probe su bounded headers, URI, body, streams, frames, buffers ir rapid reset policy
• +Prideda HTTP/2 preview smoke coverage ir išplečia native HTTP/1 behavior coverage HTTP/1.0 keep-alive/close semantics

Paskelbta 2026 m. birželio 17 d.

• +Prideda bounded native HTTP/1 upstream client ir staged native proxy profile profile handler plain static upstream
• +Prideda native proxy profile profile candidate inventory, Fluxheim-owned proxy profile profile headers, privacy-mode behavior ir fail-closed eligibility unsupported policy layers

Paskelbta 2026 m. birželio 17 d.

• +Prideda native HTTP/1 connection/listener runtime virš Tokio IO ir staged native static-file adapter
• +Mapina server limits į native HTTP/1 policy ir prideda socket tests keep-alive, body framing, shutdown, static files, slow clients ir connection caps

Paskelbta 2026 m. birželio 17 d.

• +Prideda Fluxheim-owned HTTP/1.0/HTTP/1.1 request-head parsing, request-body framing classification, Host validation, persistence handling ir chunked decoding
• +Prideda downstream HTTP/1 policy defaults ir hardened native parser boundaries būsimam runtime cutover work

Paskelbta 2026 m. birželio 16 d.

• +Perkelia server bootstrap planning, listener inventory, service intent, background-task intent, HTTP/2 policy, PROXY protocol policy, and private Unix socket planning into fluxheim-server
• +Laiko dabartinį runtime kaip aiškų compatibility adapter, kol tęsiasi native server/listener work

Paskelbta 2026 m. birželio 16 d.

• +Prideda fluxheim-tls kaip downstream TLS listener planning ir provider-policy boundary
• +Perkelia TLS listener plans, SNI selection, wildcard matching, ALPN/cipher/curve policy, and rustls/OpenSSL provider checks into the TLS crate
• +Hardens TLS feature gates, SNI fallback behavior, PROXY v2 signature validation ir trusted PROXY CIDR validation

Paskelbta 2026 m. birželio 16 d.

• +Prideda pirmą dedikuotą fluxheim-headers boundary header policy helpers
• +Perkelia rewrite algorithms, forwarded-header handling, hop-by-hop request policy ir repeated-header joining į Fluxheim-owned header code
• +Perkelia stream PROXY protocol byte parsers į fluxheim-protocol and tightens privacy/proxy profile profile CIDR validation

Paskelbta 2026 m. birželio 15 d.

• +Perkelia shared background task lifecycle primitives į fluxheim-runtime
• +Perkelia OTLP metrics export, ACME certificate reload control, admin snapshot validation state, and rollback decisions into Fluxheim-owned runtime/snapshot code
• +Hardens local certificate reload control socket ir private backend filtering

Paskelbta 2026 m. birželio 15 d.

• +Prideda fluxheim-stream as the internal TCP stream proxy profile profile runtime boundary
• +Perkelia stream upstream selection, PROXY protocol parsing/writing, source policy, DNS-rebinding guards, byte accounting ir timeout handling už Fluxheim-owned stream code

Paskelbta 2026 m. birželio 14 d.

• +Perkelia cache profile profile key identity, object envelopes, disk index management, storage-bin helpers, tag handling, and cache profile profile storage interfaces into fluxheim-cache profile profile
• +Prideda test ir release gates, kurie enforced Pingora dependency removal targets per normalias cargo test vykdymo eigas

Paskelbta 2026 m. birželio 14 d.

• +Pradeda pirmą konkrečią 1.6.x implementation release po foundation tag
• +Pašalina pingora-load-balancing/pingora-ketama from pilnas and load-balancer profile profile image profiles, restores 1.6 load-balancer profile profile image builds, and moves TCP health checks plus request-key extraction behind Fluxheim-owned boundaries

Paskelbta 2026 m. birželio 14 d.

• +Pradėta 1.6.x Pingora-exit foundation linija išlaikant runtime behavior nepakitusį
• +Pridėta modularity policy validation, legacy oversized-file exceptions, runtime baseline capture ir performance evidence capture
• +Pridėtos release-gated Pingora dependency exceptions, runtime parity fixtures ir extraction dependency graph
• +Pridėta pradinė fluxheim-runtime and fluxheim-server boundary crates ir typed policy proof primitives

2026 m. birželis

• +Introduced the enterprise HTTP/TCP load-balancer profile profile line with focused binaries, images, runtime member and weight controls, persistence, health checks, queueing, and migration docs
• +Expanded Fluxheim-owned runtime boundaries across HTTP, stream proxy profile profileing, load balancing, background tasks, cache profile profile interfaces, observability, config, and shared crates
• +Pridėti managed affinity cookies, service discovery, active ir protocol-aware health checks, restart-persistent state ir runtime backend mutation controls
• +Added UDP beta guardrails, cache profile profile origin-protection budgets, ARM/Linux and macOS developer assets, config tester archives, and broad proxy profile profile/cache profile profile/PHP-FPM security hardening

Paskelbta 2026 m. gegužės 25 d.

• +Production proxy profile profile parity release with trusted-proxy profile profile-aware ACLs, local rate limits, concurrency limits, bounded queues, and edge policy metrics
• +gzip, Zstandard, and Brotli response compression with vhost/route overrides and cache profile profile-safe Vary handling
• +Load-balancer resilience, TLS/protocol parity, PROXY protocol v1/v2, upstream mTLS, HTTP/2 controls ir gRPC pass-through

Paskelbta 2026 m. gegužės 23 d.

• +Managed php profile profile-fpm process supervision under the existing php profile profile-fpm feature, while external php profile profile-fpm remains the default
• +Respawn watchdog, bounded backoff, SIGTERM-before-SIGKILL teardown, sanitized environment ir private generated pool state
• +Audituojama [vhosts.php profile profile.fpm] mode = "managed" config surface private sockets, worker counts, process manager modes, slowlog, temp paths ir pool files
• +Išplėsta WordPress PHP-FPM smoke coverage per external, managed-static, managed-dynamic, managed-ondemand ir managed-respawn modes
• +Recommended Wolfi PHP image now installs php profile profile-8.5-fpm and uses managed php profile profile-fpm container config by default

Paskelbta 2026 m. gegužės 23 d.

• +FIPS/ISO-required configs fail closed for unsupported internal cryptography, managed ACME, and local cache profile profile encryption
• +Provider-backed admin auth, numeric-local-loopback OTLP exception, and OpenBao Transit cache profile profile encryption evidence boundary
• +New compliance evidence template and release evidence package sections for regulated reviews

Paskelbta 2026 m. gegužės 22 d.

• +rustls/AWS-LC FIPS-capable candidate backend per tls-rustls-fips
• +FIPS ir ISO/IEC 19790 rustls profile aliases, config examples, diagnostics ir validation script

Paskelbta 2026 m. gegužės 21 d.

• +OpenSSL FIPS/ISO-capable TLS validation per tls-openssl-fips ir provider diagnostics
• +FIPS deployment guide, config fixtures, validation script, release evidence ir OWASP Top 10 2025 baseline

Paskelbta 2026 m. gegužės 20 d.

• +PHP-FPM keepalive pooling, upstream retry/failover ir request body disk spooling saugesnei veiklai apkrovos metu
• +WordPress routing/cache profile profile preset plus PHP application recipes for common framework and forum deployments
• +PHP metrics ir OpenTelemetry attributes, X-Accel-Redirect, X-Sendfile ir X-Accel-Expires support

Paskelbta 2026 m. gegužės 18 d.

• +fluxheim-acme standalone companion binary certificate renewal, status ir ACME reload socket signalling
• +fluxheim-config-tester įrankis įrankis standalone binary config validation CI ir container entrypoint neavus gateway
• +ACME reload Unix socket — live certificate pickup be gateway restart
• +Naujas profile-php profile profile build profile — proxy profile profile + web + php profile profile-fpm + tls-rustls + security
• +Security hardening improvements across the request pipeline

Paskelbta 2026 m. gegužės 16 d.

• +Opt-in PHP-FPM FastCGI bridge for WordPress-style front-controller applications
• +Strict script resolution ir bounded FastCGI request/response handling
• +Browser-validated WordPress proxy profile profile/PHP cookie compatibility fixes
• +PHP-FPM gali servinti static assets iš tos pačios root nukreipdamas PHP į FPM
• +New php profile profile-fpm Cargo feature (reiškia proxy profile profile and web)

Paskelbta 2026 m. gegužės 14 d.

• +Shared ingress/TLS feature-graph split — focused cache profile profile and proxy profile profile profiles are now TLS/ACME-capable
• +New profile-cache profile profile-edge — cache profile profile without static web module
• +New profile-proxy profile profile-edge — focused reverse proxy profile profile edge
• +Official focused container images for cache profile profile and proxy profile profile profiles

May 2026

2026

• + TLS policy profiliai
• + Multi-certificate rustls SNI
• + Managed ACME certificate issuance ir renewal
• + EAB-capable issuers (Actalis ir kiti)
• + File-backed TLS secret
• + acme-init guided issuer bootstrap įrankis
• + Supakuoti certificate renewal systemd units

2026

• + Virtual host routing pagal Host header su default-vhost fallback
• + Route-level static, proxy profile profile, and redirect actions
• + Static file serving with MIME detection, ETag, conditional 304, byte ranges
• + Whole-vhost and route-level reverse proxy profile profileing
• + rustls TLS with SNI, static/bought certificate support
• + Saugus ACME HTTP-01 challenge forwarding
• + Admin control-plane with bearer-token auth and brute-force throttling
• + Secure request/response header policy taisyklės taisyklės
• + Optional HTTP → HTTPS redirect with safe Host validation
• + Systemd unit ir RPM packaging
• + Rootless Podman container images