Izmaiņu žurnāls

Publicēts 2026. gada 23. jūnijā

• +Pārvieto inherited global/vhost compression policy into the native HTTP/1 proxy edge edge and route proxy edge edge
• +Merges root/vhost/route header-policy inheritance into native route proxy edge edge construction
• +Pārvieto safe forwarded-client-IP ownership, trusted-chain append, regex rewrite, ACL, concurrency un rate limit uz native path
• +Pievieno native ACME HTTP-01 challenge serving, traffic mirroring, auth-request, and route-scoped gRPC validation

Publicēts 2026. gada 21. jūnijā

• +Pārvieto route-level native response compression onto the HTTP/1 route proxy edge edge through fluxheim-compression
• +Pārvieto proxy edge edge.error_pages onto native HTTP/1 proxy edge edge fallback lapas, ko nodrošina fluxheim-web

Publicēts 2026. gada 21. jūnijā

• +Pievieno native HTTP/1 route static-web serving backed by fluxheim-web
• +Pievieno route request-header mutation, response rewrites, static upstream round-robin, and static upstream weights to the native route proxy edge edge

Publicēts 2026. gada 21. jūnijā

• +Pievieno native route redirect actions with safe {uri}, {path}, and {query} expansion
• +Pārvieto route body limits and response-header overlays onto native HTTP/1 route proxy edge edge responses

Publicēts 2026. gada 21. jūnijā

• +Pievieno native HTTP/1 route-proxy edge edge execution for exact, prefix, and fallback routes with method filters and safe rewrite handling
• +Pievieno native-http1-proxy edge edge-candidate rindas runtime cutover evidence, lai atlikušie compatibility blocker būtu skaidri

Publicēts 2026. gada 20. jūnijā

• +Paaugstina native HTTP/2 downstream safety preview uz cutover-ready pēc fokusētiem parity testiem
• +Padara representative native runtime cutover report blocker-free vienkāršām HTTP/1, HTTP/2, admin, metrics, stream un UDP konfigurācijām

Publicēts 2026. gada 20. jūnijā

• +Cuts stream and UDP proxy edge edge service startup over to Fluxheim-owned native task boundaries
• +Pievieno cancellation-safe native shutdown waiting and abort-on-cancel background task joins

Publicēts 2026. gada 20. jūnijā

• +Starts native admin and metrics serving behind Fluxheim-owned server primitives
• +Hardenē native background handle tā, lai dropped critical handle abortētu, nevis klusi detachotu task

Publicēts 2026. gada 20. jūnijā

• +Pievieno NativeBackgroundSupervisor Fluxheim īpašumā esošai background task orchestration
• +Pievieno critical task watchdog support and hardens shutdown delivery edge cases

Publicēts 2026. gada 20. jūnijā

• +Pievieno native runtime cutover evidence gates and fluxheim-config tester rīks --runtime-cutover
• +Pārvieto remaining Pingora exception targets to a documented multi-release exit plan while keeping policy gates active

Publicēts 2026. gada 19. jūnijā

• +Pievieno skaidru pingora-compat feature gating atlikušajai compatibility runtime boundary
• +Pārvieto rustls/OpenSSL downstream TLS SNI, certificate storage, reload, PEM parsing, and native HTTP/1 TLS listener previews into Fluxheim-owned code

Publicēts 2026. gada 19. jūnijā

• +Turpina Pingora-exit slice, samazinot atlikušo root compatibility virsmu proxy edge edge, cache edge edge un runtime pathos
• +Sadala native health checkus HTTP/gRPC, database, exec un TCP/TLS transport helper moduļos ar stingrākām probe robežām

Publicēts 2026. gada 19. jūnijā

• +Noņem tiešo Pingora dependency no fluxheim-load balancer
• +Pievieno Fluxheim īpašumā esošus bounded HTTP/1.1 un h2 gRPC active health checkus ar policy coverage, lai novērstu Pingora atgriešanu

Publicēts 2026. gada 19. jūnijā

• +Pievieno native HTTP/1.1 proxy edge edge cutover readiness plānošanu ServerPlan
• +Fail-closed compatibility-only proxy edge edge feature, piemēram, auth subrequests, mirroring, redirects, strip/rewrite transforms un advanced load balancer policy

Publicēts 2026. gada 18. jūnijā

• +Pievieno Fluxheim īpašumā esošu native HTTP/2 upstream client primitive ar bounded headeriem, body, traileriem un deadline
• +Pievieno h2 client/server testus trailer preservation, oversized response, stream reset un flow-control timeout behavior

Publicēts 2026. gada 18. jūnijā

• +Pievieno native rustls/OpenSSL upstream TLS un mTLS staged HTTP/1.1 proxy edge edge path
• +Pievieno ordered static upstream failover safe methods vajadzībām plus bounded no-follow TLS material reads un hostname-policy coverage

Publicēts 2026. gada 18. jūnijā

• +Pievieno bounded native HTTP/1.1 upstream connection pooling safe content-length un no-body origin response vajadzībām
• +Pievieno keepalive pool sizing, upstream idle timeout handling, konservatīvus no-reuse guard un īstus socket reuse/expiry testus

Publicēts 2026. gada 18. jūnijā

• +Pievieno reusable native HTTP/2 connection primitive ar bounded request-body collection un response trailer support
• +Hardenē HTTP/2 response lifetime, handler timeout, DATA capacity handling, aizliegtus headerus/trailerus un request-body zeroization

Publicēts 2026. gada 17. jūnijā

• +Pievieno native HTTP/2 runtime preview gate un h2 stack probe ar bounded headeriem, URI, body, streamiem, frame, bufferiem un rapid reset policy
• +Pievieno HTTP/2 preview smoke coverage un paplašina native HTTP/1 behavior coverage HTTP/1.0 keep-alive/close semantikai

Publicēts 2026. gada 17. jūnijā

• +Pievieno bounded native HTTP/1 upstream client un staged native proxy edge edge handler plain static upstream
• +Pievieno native proxy edge edge candidate inventory, Fluxheim īpašumā esošus proxy edge edge headerus, privacy-mode behavior un fail-closed eligibility neatbalstītiem policy slāņiem

Publicēts 2026. gada 17. jūnijā

• +Pievieno native HTTP/1 connection/listener runtime virs Tokio IO un staged native static-file adapter
• +Kartē server limits uz native HTTP/1 policy un pievieno socket testus keep-alive, body framing, shutdown, static files, slow clients un connection caps

Publicēts 2026. gada 17. jūnijā

• +Pievieno Fluxheim īpašumā esošu HTTP/1.0/HTTP/1.1 request-head parsing, request-body framing classification, Host validation, persistence handling un chunked decoding
• +Pievieno downstream HTTP/1 policy defaults un hardened native parser boundaries nākotnes runtime cutover darbam

Publicēts 2026. gada 16. jūnijā

• +Pārvieto server bootstrap planning, listener inventory, service intent, background-task intent, HTTP/2 policy, PROXY protocol policy, and private Unix socket planning into fluxheim-server
• +Patur pašreizējo runtime kā skaidru compatibility adapter, kamēr turpinās native server/listener darbs

Publicēts 2026. gada 16. jūnijā

• +Pievieno fluxheim-tls kā downstream TLS listener planning un provider-policy boundary
• +Pārvieto TLS listener plans, SNI selection, wildcard matching, ALPN/cipher/curve policy, and rustls/OpenSSL provider checks into the TLS crate
• +Hardenē TLS feature gates, SNI fallback behavior, PROXY v2 signature validation un trusted PROXY CIDR validation

Publicēts 2026. gada 16. jūnijā

• +Pievieno pirmo atsevišķo fluxheim-headers boundary header policy helperiem
• +Pārvieto rewrite algorithms, forwarded-header handling, hop-by-hop request policy un repeated-header joining uz Fluxheim īpašumā esošu header code
• +Pārvieto stream PROXY protocol byte parserus uz fluxheim-protocol and tightens privacy/proxy edge edge CIDR validation

Publicēts 2026. gada 15. jūnijā

• +Pārvieto shared background task lifecycle primitive uz fluxheim-runtime
• +Pārvieto OTLP metrics export, ACME certificate reload control, admin snapshot validation state, and rollback decisions into Fluxheim-owned runtime/snapshot code
• +Hardenē local certificate reload control socket un private backend filtering

Publicēts 2026. gada 15. jūnijā

• +Pievieno fluxheim-stream as the internal TCP stream proxy edge edge runtime boundary
• +Pārvieto stream upstream selection, PROXY protocol parsing/writing, source policy, DNS-rebinding guard, byte accounting un timeout handling aiz Fluxheim īpašumā esoša stream code

Publicēts 2026. gada 14. jūnijā

• +Pārvieto cache edge edge key identity, object envelopes, disk index management, storage-bin helpers, tag handling, and cache edge edge storage interfaces into fluxheim-cache edge edge
• +Pievieno testus un release gate, kas piespiež Pingora dependency removal mērķus parastu cargo test izpildes laikā

Publicēts 2026. gada 14. jūnijā

• +Sāk pirmo konkrēto 1.6.x implementation release pēc foundation tag
• +Noņem pingora-load-balancing/pingora-ketama from pilns build and load balancer image profiles, restores 1.6 load balancer image builds, and moves TCP health checks plus request-key extraction behind Fluxheim-owned boundaries

Publicēts 2026. gada 14. jūnijā

• +Sāka 1.6.x Pingora-exit foundation līniju, saglabājot runtime behavior nemainītu
• +Pievienota modularity policy validation, legacy oversized-file exceptions, runtime baseline capture un performance evidence capture
• +Pievienoti release-gated Pingora dependency exceptions, runtime parity fixtures un extraction dependency graph
• +Pievienots sākotnējais fluxheim-runtime and fluxheim-server boundary crate kopā ar typed policy proof primitive

2026. gada jūnijs

• +Introduced the enterprise HTTP/TCP load balancer line with focused binaries, images, runtime member and weight controls, persistence, health checks, queueing, and migration docs
• +Expanded Fluxheim-owned runtime boundaries across HTTP, stream proxy edge edgeing, load balancing, background tasks, cache edge edge interfaces, observability, config, and shared crates
• +Pievienoti managed affinity cookies, service discovery, active un protocol-aware health checks, restart-persistent state un runtime backend mutation controls
• +Added UDP beta guardrails, cache edge edge origin-protection budgets, ARM/Linux and macOS developer assets, config tester archives, and broad proxy edge edge/cache edge edge/PHP-FPM security hardening

Publicēts 2026. gada 25. maijā

• +Production proxy edge edge parity release with trusted-proxy edge edge-aware ACLs, local rate limits, concurrency limits, bounded queues, and edge policy metrics
• +gzip, Zstandard, and Brotli response compression with vhost/route overrides and cache edge edge-safe Vary handling
• +Load-balancer resilience, TLS/protocol parity, PROXY protocol v1/v2, upstream mTLS, HTTP/2 controls un gRPC pass-through

Publicēts 2026. gada 23. maijā

• +Managed PHP-fpm process supervision under the existing PHP-fpm feature, while external PHP-fpm remains the default
• +Respawn watchdog, bounded backoff, SIGTERM-before-SIGKILL teardown, sanitizēta environment un private generated pool state
• +Auditējams [vhosts.PHP.fpm] mode = "managed" config surface private socket, worker count, process manager mode, slowlog, temp path un pool file vajadzībām
• +Paplašināts WordPress PHP-FPM smoke coverage external, managed-static, managed-dynamic, managed-ondemand un managed-respawn režīmos
• +Recommended Wolfi PHP image now installs PHP-8.5-fpm and uses managed PHP-fpm container config by default

Publicēts 2026. gada 23. maijā

• +FIPS/ISO-required configs fail closed for unsupported internal cryptography, managed ACME, and local cache edge edge encryption
• +Provider-backed admin auth, numeric-local-loopback OTLP exception, and OpenBao Transit cache edge edge encryption evidence boundary
• +New compliance evidence template and release evidence package sections for regulated reviews

Publicēts 2026. gada 22. maijā

• +rustls/AWS-LC FIPS-capable candidate backend caur tls-rustls-fips
• +FIPS un ISO/IEC 19790 rustls profile aliasi, config piemēri, diagnostika un validation script

Publicēts 2026. gada 21. maijā

• +OpenSSL FIPS/ISO-capable TLS validation caur tls-openssl-fips un provider diagnostics
• +FIPS deployment guide, config fixtures, validation script, release evidence un OWASP Top 10 2025 baseline

Publicēts 2026. gada 20. maijā

• +PHP-FPM keepalive pooling, upstream retry/failover un request body disk spooling drošākam darbam slodzē
• +WordPress routing/cache edge edge preset plus PHP application recipes for common framework and forum deployments
• +PHP metrics un OpenTelemetry attributes, X-Accel-Redirect, X-Sendfile un X-Accel-Expires atbalsts

Publicēts 2026. gada 18. maijā

• +fluxheim-acme standalone companion binārs sertifikātu renewal, status un ACME reload socket signalling
• +fluxheim-config tester rīks standalone binārs config validation CI un container entrypointos bez gateway startēšanas
• +ACME reload Unix socket - live certificate pickup bez gateway restart
• +Jauns profile-PHP build profile - proxy edge edge + web + PHP-fpm + tls-rustls + security
• +Security hardening improvements across the request pipeline

Publicēts 2026. gada 16. maijā

• +Opt-in PHP-FPM FastCGI bridge for WordPress-style front-controller applications
• +Stingra script resolution un bounded FastCGI request/response handling
• +Browser-validated WordPress proxy edge edge/PHP cookie compatibility fixes
• +PHP-FPM var servēt static assetus no tā paša root, kamēr PHP tiek route uz FPM
• +New PHP-fpm Cargo feature (ietver proxy edge edge and web)

Publicēts 2026. gada 14. maijā

• +Shared ingress/TLS feature-graph split — focused cache edge edge and proxy edge edge profiles are now TLS/ACME-capable
• +New profile-cache edge edge-edge — cache edge edge without static web module
• +New profile-proxy edge edge-edge — focused reverse proxy edge edge edge
• +Official focused container images for cache edge edge and proxy edge edge profiles

May 2026

2026

• + TLS policy profili
• + Multi-certificate rustls SNI
• + Pārvaldīta ACME sertifikātu izdošana un atjaunošana
• + EAB-capable issueri (Actalis un citi)
• + Failu balstīti TLS secrets
• + acme-init vadīts issuer bootstrap rīks
• + Pakoti certificate renewal systemd unit

2026

• + Virtual host routing pēc Host header ar default-vhost fallback
• + Route-level static, proxy edge edge, and redirect actions
• + Static file serving with MIME detection, ETag, conditional 304, byte ranges
• + Whole-vhost and route-level reverse proxy edge edgeing
• + rustls TLS with SNI, static/bought certificate support
• + Drošs ACME HTTP-01 challenge forwarding
• + Admin control-plane with bearer-token auth and brute-force throttling
• + Droša request/response header policy
• + Optional HTTP → HTTPS redirect with safe Host validation
• + Systemd unit un RPM packaging
• + Rootless Podman container images