caddy/caddy.changes

185 lines
9.9 KiB
Plaintext

-------------------------------------------------------------------
Thu Sep 02 14:38:58 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 2.4.4:
* acmeserver: Don't set host for directory links by default
* acmeserver: Trim slashes from path prefix
* admin: Implement load_interval to pull config on a timer
* admin: Replace admin cert cache when reloading
* admin: Sync server variables
* caddyfile: Better error message for missing site block braces
* caddyfile: Error on invalid site addresses containing comma
* caddyfile: keep error chain info in Dispenser.Errf
* caddyhttp: Fix edgecase with auto HTTP->HTTPS logic
* caddyhttp: Fix incorrect determination of gRPC protocol
* caddyhttp: Refactor and export SanitizedPathJoin for use in fastcgi
* caddyhttp: Updated the documentation for MatchQuery
* caddytls: Add Caddyfile support for propagation_timeout
* caddytls: Remove "IssuerRaw" field
* cmd: Fix paths when using an env file
* cmd: New add-package and remove-package commands
* cmd: use net.ErrClosed for matching returned error
* core: Unix ns and Unix ms time placeholders
* encode: Tweak compression settings
* fileserver: Add disable_canonical_uris Caddyfile subdirective
* fileserver: Clarify docs about canonicalization
* fileserver: Don't persist parsed template
* fileserver: Fix browse name_dir_first sorting
* fileserver: Fix browse not redirecting query parameters
* fileserver: Only redirect if filename not rewritten
* fileserver: Redirect within the original URL
* go.mod: Update dependencies
* httpcaddyfile: Add preferred_chains global option and issuer subdirective
* httpcaddyfile: Add shortcut for proxy hostport placeholder
* httpcaddyfile: Add skip_install_trust global option
* httpcaddyfile: Don't add HTTP hosts to TLS APs
* httpcaddyfile: Don't put localhost in public APs
* httpcaddyfile: Ensure hosts to skip for logs can always be collected
* httpcaddyfile: Improve unrecognized directive errors
* httpcaddyfile: Reorder some directives
* logging: Actually use level_key
* logging: Add missing interface guards for replace filter
* logging: Prep for common_log removal
* logging: Warn for deprecated single_field encoder
* metrics: use buildinfo collector from new collectors pkg
* reverseproxy: Adjust test related to #4201
* reverseproxy: Always remove hop-by-hop headers
* reverseproxy: Fix overwriting of max_idle_conns_per_host
* reverseproxy: Incorporate latest proxy changes from stdlib
* reverseproxy: Keep path to unix socket as dial address
* reverseproxy: Remove redundant flushing
-------------------------------------------------------------------
Wed Aug 25 13:55:21 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s). Modified:
* caddy.service
-------------------------------------------------------------------
Mon May 24 12:55:21 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 2.4.1:
* logging: Implement dial timeout for net writer (fix #4083) (#4172)
* admin: Reinstate internal redirect for /id/ requests
* caddyfile: Add parse error on site address with trailing `{` (#4163)
* reverseproxy: Set the headers in the replacer before `handle_response` (#4165)
* ci: Run CI on PRs targeting minor version branches (#4164)
* cmd: upgrade: inherit the permissions of the original executable (#4160)
* httpcaddyfile: Fix automation policy consolidation again (fix #4161)
* caddyfile: Fix `caddy fmt` nesting not decrementing (#4157)
* encode: Drop `prefer` from Caddyfile (#4156)
* encode: Default to order the formats are enabled for `prefer` in Caddyfile (#4151)
* caddytls: Run replacer on ask URL, for env vars (#4154)
* httpcaddyfile: Add `grace_period` global option (#4152)
* caddyhttp: Fix fallback for the error handler chain (#4131)
* reverseproxy: Minor logging improvements
* fileserver: Fix `file` matcher with empty `try_files` (#4147)
* go.mod: CertMagic v0.13.1
* reverseproxy: Add `handle_response` blocks to `reverse_proxy` (#3710) (#4021)
* cmd: Add --envfile flag to `start` command (#4141)
* httpcaddyfile: Add `auto_https ignore_loaded_certs` (#4077)
* httpcaddyfile: Add global option for `storage_clean_interval` (#4134)
* caddyhttp: performance improvement in HeaderRE Matcher (#4143)
* fileserver: Share template logic for both `templates` and `file_server browse` (#4093)
* caddytls: Implement remote IP connection matcher (#4123)
* httpcaddyfile: Fix unexpectedly removed policy (#4128)
* reverseproxy: fix hash selection policy (#4137)
* fileserver: Better handling of HTTP status override (#4132)
* caddyfile: Fix `import` replacing unrelated placeholders (#4129)
* caddytls: Add `load_storage` module (#4055)
* reverseproxy: Admin endpoint for reporting upstream statuses (#4125)
* caddyhttp: Implement better logic for inserting the HTTP->HTTPS redirs (#4033)
* httpcaddyfile: Take into account host scheme/port (fix #4113)
* fuzz: fix the FuzzFormat comparison (#4117)
* caddytls: Disable OCSP stapling for manual certs (#4064)
* caddytls: Configurable storage clean interval
* caddyfile: reject cyclic imports (#4022)
* ci: fuzz: add 4 more fuzzing targets (#4105)
* fileserver: Add status code override (#4076)
* notify: Send all sd_notify signals from main caddy process (#4060)
* go.mod: Update quic-go to v0.20.1 (#4075)
* httpcaddyfile: Fix panic in automation policy consolidation (#4104)
* caddyfile: Normalize line endings before comparing fmt result (#4103)
* ci: accommodate go1.16 changes to go mod (#4102)
* Minor tweaks
* go.mod: Use latest CertMagic
* Use 600 instead of 644 for UUID file
* Change os to ioutil for now
* reverseproxy: Set cookie path to `/` when using cookie lb_policy (#4096)
* caddy: Add InstanceID() method
* encode,staticfiles: Content negotiation, precompressed files (#4045)
* reverseproxy: Implement health_uri, deprecate health_path, supports query (#4050)
* go.mod: Migrate to golang.org/x/term (#4073)
* caddyhttp: improve grammar of comment for AllowH2C (#4072)
* sigtrap_posix: add missing comma to SIGTERM info (#4078)
* cmd: Use formatted logger for config adapter warnings (#4080)
* cmd: main: fix minor doc typos (#4082)
* headers: Fix Caddyfile parsing for `request_header` with matchers (#4085)
* .gitignore: add IDE files (#4087)
* fileserver: Add a few more debug lines (#4063)
* fileserver: Browse listing supports dark mode (#4066)
* CONTRIBUTING: fix spelling (#4070)
* httpcaddyfile: Add `error` directive for the existing handler (#4034)
* logging: add replace filter for static value replacement (#4029)
* caddyconfig: add global option for configuring loggers (#4028)
* map: Accept regex substitution in outputs (#3991)
* reverseproxy: Fix upstreams with placeholders with no port (#4046)
* rewrite: Implement regex path replacements
* fileserver: Don't replace in request paths (fix #4027)
* caddypki: Add SignWithRoot option for ACME server
* reverseproxy: Fix round robin data race (#4038)
* Update docs; commit setcap.sh
* go.mod: Latest CertMagic (updated libdns conventions)
* core: Initialize logging before admin
* caddytls: Remove old asset migration code (close #3894)
* reverseproxy: Add duration/latency placeholders (close #4012) (#4013)
* httpcaddyfile: Fix catch-all site block sorting
* ci: Build and test on Go 1.16, bump minimum to 1.15 (#4024)
* caddy: Support SetReadBuffer and SyscallConn for QUIC (fix #3998)
* Improve security warnings
* httpcaddyfile: Configure other apps from global options (#3990)
* cmd: Clean up `build-info` and `upgrade` output
* caddyhttp: Support placeholders in header matcher values (close #3916)
* caddytls: Save email with account if not already specified
* reverseproxy: Response buffering & configurable buffer size
* httpcaddyfile: Fix automation policies
* ci: deflake integration tests (#3966)
* httpcaddyfile: Add resolvers subdir of tls (close #4008)
* acmeserver: Support custom CAs from Caddyfile
* caddyhttp: Check for invalid subdirectives of static_response
* httpcaddyfile: Fix default issuers when email provided
* cmd: Add --force flag to reload command (close #4005)
* httpcaddyfile: Warn if site address uses unspecified IP (close #4004)
* httpcaddyfile: Sort catch-all site blocks properly (fix #4003)
* ci: update the command to run tests on the s390x machine (#3995)
* caddyhttp: Fix redir html status code, improve flow (#3987)
* caddyhttp: Implement handler abort; new 'abort' directive (close #3871) (#3983)
* admin: Identity management, remote admin, config loaders (#3994)
* caddycmd: Add upgrade command (#3972)
* Revert "requestbody: Allow overwriting remote address"
* caddytest: Update Caddyfile tests for formatting, HTTP-only blocks
* httpcaddyfile: Skip TLS APs for HTTP-only hosts (fix #3977)
* cmd: Print more detailed version with --environ
* map: Add missing json struct tag
* tests: use actual admin port value in error message (#3973)
* cmd: Implement sd_notify() to notify systemd about readiness (#3963)
* templates: Add fileExists and httpError template actions
* requestbody: Allow overwriting remote address
* rewrite: Use RawPath instead of Path (fix #3596) (#3918)
* Update docs
* caddytls: Configurable OCSP stapling; global option (closes #3714)
* logging: Remove logfmt encoder (close #3575)
* httpcaddyfile: Support repeated use of cert_issuer global option
* caddytls: add 'key_type' subdirective (#3956)
* caddyfile: Refactor unmarshaling of module tokens
* go.mod: Update CertMagic and acmez (improved IDN support)
* reverseproxy: Caddyfile health check headers, host header support (#3948)
* httpcaddyfile: Adjust iterator when removing AP (fix #3953)
* cmd: Organize list-modules output; --packages flag (#3925)
* caddyfile: Introduce basic linting and fmt check (#3923)
-------------------------------------------------------------------
Wed Apr 28 15:47:43 UTC 2021 - Alexandre Vicenzi <alexandre.vicenzi@suse.com>
- Create Caddy package