Skip to content

v2.9.0

Compare
Choose a tag to compare
@github-actions github-actions released this 31 Dec 17:34
· 11 commits to master since this release
v2.9.0
3f3f8b3

Happy New Year! We're pleased to release Caddy 2.9. Aside from some minor new features, this release is mainly focused on refinements and bug fixes in many areas, including:

  • Config loading
  • Events
  • Logging
  • Placeholders
  • Reverse proxy and HTTP server performance
  • Matchers
  • HTTP (esp. HTTP/3)
  • Metrics (per-host metrics)
  • Security
  • TLS automation & ACME ARI

We realize there is extensive interest in Encrypted Client Hello (ECH) and post-quantum ciphers. These are slated to be supported in Go 1.24, which is scheduled for a stable release in approximately February. We did not want to force users to go through the inconvenience of installing pre-release, non-stock installations of Go, even though the RCs are quite stable and production-ready, in order to even compile Caddy, which is quite common given our plugin ecosystem. We anticipate a Caddy 2.10 release in the near future with these capabilities, built on Go 1.24.

We hope you will enjoy the 2.9 release. Thanks to all contributors, bug reporters, and helpers, and those organizations which deployed pre-release versions to production to help verify patches and features.

Changelog

  • ef4e022 caddyfile: Fix comma edgecase in address parsing (#6616)
  • b116dce caddyhttp: Add {?query} placeholder (#6714)
  • c216cf5 caddyhttp: Allow matching Transfer-Encoding, add to access logs (#6629)
  • 197c564 caddyhttp: Set default ReadHeaderTimeout (1 min)
  • 09b2cbc caddyhttp: Add MatchWithError to replace SetVar hack (#6596)
  • c6f2979 caddyhttp: Close http3 server gracefully (#6213)
  • 88fd5f3 caddyhttp: Use internal issuer for IPs when no APs configured
  • 5c8dc34 caddytls: Allow disabling storage cleaning, avoids writing two files (#6593)
  • d7564d6 caddytls: Drop rate_limit and burst, has been deprecated (#6611)
  • d398898 cmd: Allow add-package to select version of package (#6665)
  • 66c80ca cmd: Disable go1.23 tlskyber=1 experiment
  • fb72793 cmd: Reject multiple configs for fmt command (#6717)
  • b3ce260 cmd: ignore missing keys during storage export (#6697)
  • 0182fb8 core: addresses.go funcs renames (#6622)
  • e76405d core: Change ListenerFunc signature (#6651)
  • 315715e core: Implement FastAbs to avoid repeated os.Getwd calls (#6687)
  • d0e209e encode: good defaults (#6737)
  • 5ba1e06 encode: try to use sendfile when compression is not used (#6749)
  • bcaa8aa encode: write status immediate for success response for CONNECT requests (#6738)
  • 1d15652 events: Use WithLazy to prevent eager serialization of the event data (#6671)
  • 6790c0e fastcgi: check for CONTENT_LENGTH when sending requests (#6661)
  • eddbccd fastcgi: remove dir redirection when useless in php_fastcgi (#6698)
  • efd9251 fileserver: Add first_exist_fallback strategy for try_files (#6699)
  • d0123bd fileserver: Fix policy Validate() oversight (#6727)
  • 290cfea fileserver: add a test for precompressed defaults (#6743)
  • 5c2617e fileserver: good default for precompressed (#6736)
  • cc23ad6 fileserver: Add file_limit option for browse (to be experimental) (#6648)
  • 350ad38 fileserver: Fix Caddyfile parsing
  • 9753c44 fileserver: fix try_policy when instantiating file matcher from CEL (#6624)
  • 05cfb12 forwardauth: Skip copying missing response headers (#6608)
  • ed1c594 go.mod: Upgrade ACMEz to v3; and upgrade CertMagic
  • 3f3f8b3 go.mod: Upgrade CertMagic to v0.21.5
  • 91e3413 go.mod: upgrade only some otel deps (#6676)
  • 22b9d51 go.mod: Upgrade quic-go to 0.48.2
  • b129ed6 httpcaddyfile: Fixes for prefer_wildcard mode (#6636)
  • afa778a httpcaddyfile: Implement experimental force_automate option (#6712)
  • b183aec httpcaddyfile: Implement log sampling config (#6682)
  • 1d106fa metrics: add go and process collectors (#6704)
  • 388c7e8 metrics: move metrics up, outside servers (#6606)
  • 8c3dd3d requestbody: Type-based error handling for MaxBytesError (#6701)
  • 5e6024c reverseproxy: Fix log message
  • 48ce47f reverseproxy: Use correct cases for websocket related headers (#6621)
  • 825fe48 reverseproxy: Allow 0 as weights for weighted_round_robin (#6681)
  • 328fb61 reverseproxy: Only handle websocket protocol (#6740)
  • 238f110 reverseproxy: Revert #4952 - don't ignore context cancellation in stream mode
  • 9c0c71e reverseproxy: Rewrite requests and responses for websocket over http2 (#6567)
  • c864b82 reverseproxy: Set Content-Length when body is fully buffered (#6638)
  • fbf0f4c reverseproxy: Sync changes from stdlib for 1xx handling (#6656)
  • 5823ecc rewrite: Don't add / in Caddyfile, do it after replacer (#6662)
  • b443190 sigtrap: always ignore SIGPIPE (#6645)
  • f2c17d1 testing: sort force-automated hosts (#6756)
  • 669fc41 tracing: Add spanID field to access logs and http.vars.span_id placeholder (#6646)

What's Changed

New Contributors

Full Changelog: v2.8.4...v2.9.0