Skip to content

Releases: alibaba/nacos

2.5.0-BETA (Dec 19, 2024)

19 Dec 02:42
@KomachiSion KomachiSion
2.5.0-BETA
762303b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.5.0-BETA (Dec 19, 2024) Pre-release
Pre-release

This version mainly introduces the configuration gray history record feature and refactors and optimizes the configuration gray management to enable users to manage configuration releases and gray configurations more efficiently. It is important to note that this update may lead to certain changes in the database table structure used by Nacos, and the first startup after the upgrade may take some time for automatic data migration (this situation only applies to clusters that have used the beta gray feature in older versions).

In addition to the above features, this version also includes significant optimizations and bug fixes for several other functions, including but not limited to the following:

  • Unified client addressing logic and provision of custom extension interfaces.
  • The client will automatically refresh the token when encountering a no-permission status during requests, without waiting for the token to expire.

Please see the details of the changes below:

Change details

Feature

[#12217] Support beta config history.
[#12257] client auth plugin support refreshing server list.
[#12719] nacos client support refresh access token when request with 403.

Enhancement&Refactor

[#11659] Refactor config query to chain of responsibility.
[#12189] Unified Nacos Client address module code.
[#12342] Improve the retrieval of ConfigInfoState to facilitate the extension and implementation of databases like Oracle.
[#12644] Enhance to return cached instances when getAllInstance with subscribe exception.
[#12748] Support custom client configuration timeout.
[#12756] Enhance Disk operation for DiskUtils.
[#12757] Refactor update password api auth check and add unit test.
[#12773] Enhance hint message when adding duplicate permissions or binding relationship.
[#12371] Refactor beta and gray config model.
[#12851] Cluster grpc request add server identity info.
[#12872] Refactor ConfigCache and related pathways, uniformly use UTF-8 encoding for md5 fields.
[#12911] Use lambda to replace some for loop and add unit tests.
[#12928] Replace document url in console ui and README.

BugFix

[#11153] Fix Hints error when access console index and redirect to login page.
[#11930] Fix leak namespace description for default namespace problem.
[#12769] Fix clean config history error for derby datasource.
[#12871] Fix duplicate defined items in console ui.
[#12875] Fix config search failed when using type for MySQL datasource.
[#12960] Fix config rollback page error when use advanced options.
[#12970] Fix NamingMetadataManager.removeInstanceMetadata() error.

Dependency

[#12686] Bump Spring Security version to 5.8.15.
[#12735][#12965] Bump console ui dependencies by npm audit.
[#12777] Bump maven-enforcer-plugin to 3.5.0.
[#12862] Bump tomcat-embed-core from 9.0.93 to 9.0.96.

New Contributors

Full Changelog: 2.4.3...2.5.0-BETA

Contributors

ifrankwang, lucky8987, and 7 other contributors
Assets 6
Loading

3.0.0-ALPHA (Dec 5th, 2024)

05 Dec 08:31
@KomachiSion KomachiSion
3.0.0-alpha
446d19f
Compare
Choose a tag to compare
3.0.0-ALPHA (Dec 5th, 2024) Pre-release
Pre-release

This version is a pre alpha version of 3.0.0. In this version, Nacos contains many APIs and deployment changes from old versions to enhance the security and usage, the main different changes:

  1. APIs are categorized into different types, and different types of APIs will adopt different default authentication strategies.
  2. Enabled nacos console authentication and need more configuration setting when deploying first time.
  3. Nacos console UI use new v3 console API replace old v1 API, and default disable old v1 API old console UI used.
  4. The default namespace public change its id from ``(empty string) to public, which cause not support upgrade from old version Temporarily.

And in this pre alpha version, Nacos Server add experimental features: support xDS protocol directly. currently, support EDS, LDS, RDS and CDS.

Welcome community developers and users test and try out this version and report problem and suggest to Nacos.

Warning: 3.0.0-ALPHA is a pre version, it's features and APIs might so some adjustment in future versions, please don't used in product environments.

Detail Changes in 3.0.0-ALPHA see:

Feature/Refactor

Sync services and endpoints from k8s.

Support CDE, EDS, incremental EDS of xDS.

Support LDS and RDS of xDS.

Categorize Console APIs.

Console UI use new Console APIs to replaced old APIs.

Enabled Console APIs authentication by default.

Deprecated old api and default disabled old console api.

Enabled Inner APIs authentication by default.

Unified default namespace Id as public.

Assets 6
Loading

2.4.3 (Oct 12th, 2024)

12 Oct 07:31
@KomachiSion KomachiSion
2.4.3
f4f8b18
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.3 (Oct 12th, 2024) Latest
Latest

This version primarily enhances to support for gRPC request timeout parameters in the Nacos client, and dynamically displays the configuration history retention period.

It also fixes several issues related to client modularization, login, and log configuration, and upgrades multiple dependencies to solve dependent security concerns.

Please see the details of the changes below:

Change details

Enhancement&Refactor

[#12103] Enhance nacos client to support grpc request timeout param.
[#12614] Display the number of days to retain the configuration history dynamically on the console.
[#12716] Refactor grpc server request handler.

BugFix

[#12551] Fix client modularity problem.
[#12625] Fix namespace query SQL problem for no MySQL datasource.
[#12670] Fix can't login when domain like 'register.nacos.com' in console.
[#12668] Fix Control Plugin log configuration problem.
[#12682] Fix nacos client log4j async append configuration problem.

Dependency

[#12708] Bump commons-io:commons-io from 2.7 to 2.14.0
[#12673] Bump com.google.protobuf:protobuf-java from 3.22.3 to 3.25.5.

New Contributors

Full Changelog: 2.4.2.1...2.4.3

Contributors

xiebin123456, luxiao0000, and juhuan
Assets 6
Loading

2.4.2.1

20 Sep 08:21
@shiyiyue1102 shiyiyue1102
2.4.2.1
91987b0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.2.1

This version mainly fix namespace query interface bug for derby storage of 2.4.2

Detail see:

BugFix

[#12659] fix derby usage filed

Assets 6
Loading

2.4.2 (Sep 5th, 2024)

05 Sep 09:16
@KomachiSion KomachiSion
2.4.2
3a9003b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.2 (Sep 5th, 2024)

This version primarily fixes a potential deadlock issue during the startup process related to the Raft protocol initialization in version 2.4.1 (#12526). It also rolls back the changes made in version 2.4.1 that lowered the hessian version, which caused startup problems on JDK 17+ versions due to conflicts with hessian dependencies. Additionally, the logic for checking ServerStatus has been optimized to prevent issues from affecting the availability of non-Raft-dependent functionalities due to Raft election failures.

Furthermore, this version includes several usability enhancements and addresses some other bugs.

Please see the details of the changes below:

Change details

Enhancement&Refactor

[#12483] Configuration list adds configuration format.
[#12547] Nacos client supports desensitise in logging.
[#12555] SwitchManager support http、tcp、mysql HealthParams and pushCSharpVersion update.
[#12569] Enhance is exist table logic to support more database.
[#12573] Enhance Server status check to avoid affect core features.
[#12583] Enhance protocolManager lock logic.
[#12608] Enhance configs diff, support to collapse identical rows.

BugFix

[#12093] Fix reset password success but no message.
[#12498][#12503] Revert "Resolve the Hessian package conflict issue. (#12449)".
[#12509] Fix nacos-client updating accessToken bug.
[#12526] Fix possible dead lock problem during start up.
[#12563] Fix paramchecker invalid bug.
[#12581] Fix namespace quota and parameter optimize.
[#12604] Fix get config labels from env parameters.
[#12610] Fix wrong error code for http open api request.

Dependency

[#12568] Upgrade mysql-connector-j from 8.0.33 to 8.2.0.
[#12387] Upgrade logback adapter to 1.1.3
[#12586][#12596] Upgrade spring version to 5.3.39.
[#12596] Upgrade tomcat to 9.0.93.

New Contributors

Full Changelog: 2.4.1...2.4.2

Contributors

shengbinxu and XiaZhouxx
Assets 6
Loading

2.4.1 (Aug 15th, 2024)

15 Aug 11:57
@KomachiSion KomachiSion
2.4.1
106a1d5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.1 (Aug 15th, 2024)

该版本主要针对部分Jraft请求处理时,会造成任意文件读写的问题进行修复。

该漏洞仅影响7848端口(默认设置下),一般使用时该端口为Nacos集群间Raft协议的通信端口,不承载客户端请求,因此老版本可以通过禁止该端口来自Nacos集群外的请求达到止血目的(如部署时已进行限制或未暴露,则风险可控)。

另外该版本也在2.4.0的基础上针对derby ops接口做了进一步优化,默认限制derby数据库可执行的SQL范围,降低用户在打开derby ops接口后的风险。

变更详情请查看下文:

The version mainly fixes the issue of arbitrary file read and write that can occur during the processing of some Jraft requests.

The vulnerability only affects port 7848 (by default), which is typically used as the communication port for Nacos cluster inter-raft protocol and does not handle client requests. Therefore, the risk can be controlled by disabling requests from outside of Nacos clusters (e.g. by limiting or not exposing the port) in older versions.

Additionally, this version has further optimized the Derby Ops API by restricting the range of executable SQL commands on the Derby database by default, thereby reducing the risk to users when accessing the Derby Ops API.

Please see the details of the changes below:

Change details

Feature

Enhancement&Refactor

[#11887] Add some tips when token.secret.key is not base64.
[#12311] Enhance console to support namespace list with selectors.
[#12405] LDAP plugin support custom admin user password for default.
[#12446] Enhance hint when got Mac Instance with error in default auth plugin.
[#12466] Enhance to configurable service metadata and instance metadata length.
[#12477] Enhance default auth plugin to support auth_basic when logout.
[#12489] Remove KvStorage and ConsistencyService.
[#12490] Enhance derby mode to support limit SQL Type.

BugFix

[#12301] Fix headlth check for persistent instance for different namespace but groupName and serviceName are same.
[#12374] Fix memory calculate error for metrics api.
[#12397] Fix the bug of parsing empty connection control rule problem.
[#12410] Fix no hint when beta config content is not equal with formal content.

Dependency

[#12342] Resolve the Hessian package conflict.

New Contributors

Full Changelog: 2.4.0.1...2.4.1

Contributors

eltociear, gongycn, and 7 other contributors
Assets 6
Loading

1.4.8 (Aug 15th, 2024)

15 Aug 11:51
@KomachiSion KomachiSion
1.4.8
f4373de
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.4.8 (Aug 15th, 2024)

What's Changed

New Contributors

Full Changelog: 1.4.7...1.4.8

Contributors

raymondzhangl, EruDev, and KomachiSion
Assets 6
Loading

2.4.0.1 (July 22th, 2024)

22 Jul 07:28
@KomachiSion KomachiSion
2.4.0.1
197795a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.0.1 (July 22th, 2024)

This version is fast fix for two block issues #12387 and #12395 for 2.4.0, which might cause password can't be changed and can't create new users when not using MySQL database with new table structures.

What's Changed

Full Changelog: 2.4.0...2.4.0.1

Contributors

KomachiSion
Assets 6
Loading

2.4.0 (July 19th, 2024)(Please use 2.4.0.1)

19 Jul 06:34
@KomachiSion KomachiSion
2.4.0
4e77625
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.0 (July 19th, 2024)(Please use 2.4.0.1)

Please use 2.4.0.1 first

This version is an important version which support many new features.

The most mainly feature is Nacos support maintainer to initialize the admin user nacos password instead of using default password to improve the default security for deploy nacos clusters.

One more thing is default disabled derby ops API to prevent false alarms regarding corresponding risks for users without authentication enabled when deploying in standalone mode. If maintainers want use this API to maintain and query data in derby, maintainers can use nacos.config.derby.ops.enabled=true to open this API.

And other mainly features are support TLS Grpc communication between Nacos cluster nodes as an optional feature to improve Nacos security, which means nacos not only support TLS communication between client and server; What's more, Nacos start to support user extend Selector before callback Subscriber for naming module, not only can select instance of services by healthy and clusters. And Nacos client support callback service diffs by new event to reduce Subscriber cache and compare logics.

Third mainly features are support some configs usages in Nacos console and support more enhancement usage for plugins, such as support add all metadata to prometheus sd protocol and support aliyun ram v4 signature.

In addition to substantial feature updates, this version also fixes some bugs from previous versions and upgrades certain dependencies with security vulnerabilities.

Detail see:

Feature

[#10374] Support naming custom selectors and support service diff events.
[#11456] Support TLS Grpc communication between Nacos cluster nodes.
[#11847] Nacos console support publish config with cas.
[#11943] Record users for import configs.
[#11957] Remove default password for user nacos.
[#12130] Add metadata as labels in prometheus http sd.
[#12162] Support aliyun ram v4 signature method.

Enhancement&Refactor

[#11956] Refactor nacos client logging module, use SPI load current logger adapter.
[#12013] Enhance to fast config Nacos memory setting in startup.sh by environment CUSTOM_NACOS_MEMORY.
[#12072] Support does not impose any limit when totalCountLimit is less than 0.
[#12166] Enhance nacos client init properties logger.
[#12177] Update console header link to new nacos.io.
[#12178] Add total record count display in pagination.
[#12185] Use nacos properties in CacheDirUtil.
[#12221] Remove the accessToken from the URL.
[#12235] Enhance logging format in the ResponseExceptionHandler.
[#12246] Internationalize the display of total counts in the configuration list and service list.
[#12321] Enhance log for unexpected exception from NetworkInterface.ifUp.
[#12355] Record the cost of ConfigDump in Prometheus.
[#12372] Disable derby ops api default.
[#12382] Support ram info switch.

BugFix

[#10639] Fix the encrypted_data_key is text type so that old version can't upgrade directly.
[#11902] Fix leak of request and response for java native runtime for nacos-client.
[#11926] Fix Nacos can't triggle self protection when disk full in some OS.
[#11951] Fix the problem that the serviceName and groupName are not resolved correctly when deleting an empty service instance.
[#11967] Fix Config can't publish and listen when dataId contains some special words in Window OS.
[#11968] Fix Multiple config change plugin implementation configuration conflicts problem.
[#12022] Fix nacos datasource plugin ClassCastException problem.
[#12046] Fix cipher-aes config encrypt plugin not effect when publish config again.
[#12060] Fix too large ttl when auth disabled.
[#12146] Fix the operation type does not display when rolling back a configuration with a delete operation type.
[#12168] Fix the labels of the query conditions on the Permission Control - Role Management page are still displayed in Chinese after switching the system language to English.
[#12180] Fix the operator is not recorded during clone and import operations.
[#12196] Fix prometheus http sd invalid label names.
[#12207] Fix disk failover datasource not keep status.
[#12197] Add an id primary key column to both the roles and permissions tables.
[#12219] Fix ServerListManager in nacos-client fails to parse the endpoint in the config.
[#12253] Add endpoint cluster name for config & naming server list manager.
[#12265] Fix nacos client dependencies tree without grpc package.
[#12323] Fix nacos client logback configuration will override packagingData problem.
[#12333] Fix auth Plugin resource parser can't parser v2 config openAPI namespaceId.

Dependency

[#11904] Bump Spring Security to 5.7.12.
[#11975] Remove unused dependency javatuple.
[#11980] Bump spring framework to 5.3.34.
[#12135] Upgrade module naocs-console from junit4 to junit5.
[#12369] Upgrade grpc to 1.64.2.

New Contributors From 2.4.0-BETA.

Full Changelog: 2.4.0-BETA...2.4.0

Contributors

taomaree, dingjs, and HMYDK
Assets 6
Loading

2.3.3 (Jun 25th, 2024) (client only)

25 Jun 02:30
@KomachiSion KomachiSion
2.3.3-client-only
3326cdf
Compare
Choose a tag to compare
2.3.3 (Jun 25th, 2024) (client only)

This version mainly fix one client block bug and support java agent parsing ram info switches.

The client block bug was introduced in client version 2.3.0, as detailed in ISSUE #10792. The intended change was to unify the address server addressing logic for both the registry and the configuration center and to support custom modification of the address server's path.

However, in a Spring Cloud environment, the clusterName parameter for discovery has a specific business significance: it denotes the clusterName attribute of the registered service instance. When users configure the clusterName attribute for service instances, it simultaneously alters the path used for addressing the address server.

This bug was primarily caused by the previous ambiguity in the Nacos Client's parameter naming definitions.

To resolve this issue, starting from version 2.3.3, parameters used for controlling the address server will be prefixed with "Endpoint". Specifically:

The clusterName parameter for endpoint will be renamed to endpointClusterName.
The clusterName attribute used by the registry for service instances will remain unchanged.

Previous Configuration:

spring.cloud.nacos.discovery.clusterName=my-service-cluster
spring.cloud.nacos.config.clusterName=my-service-cluster

Updated Configuration:

spring.cloud.nacos.discovery.endpointClusterName=my-endpoint-cluster
spring.cloud.nacos.discovery.clusterName=my-service-cluster
spring.cloud.nacos.config.endpointClusterName=my-endpoint-cluster
Assets 2
Loading