chore(deps): update module github.com/caddyserver/caddy/v2 to v2.8.4 #10

Open
renovate wants to merge 1 commits from renovate/github.com-caddyserver-caddy-v2-2.x into main
Collaborator

This PR contains the following updates:

Package Type Update Change
github.com/caddyserver/caddy/v2 require minor v2.6.4 -> v2.8.4

Release Notes

caddyserver/caddy (github.com/caddyserver/caddy/v2)

v2.8.4

Compare Source

Hotfix for the Caddyfile detection regression in v2.8.2. The v2.8.3 tag was mistakenly made on the wrong commit and is skipped.

Changelog

v2.8.3

Compare Source

v2.8.2

Compare Source

A few more fixes of reported bugs related to ARI, try_files with the root path (/), and Caddyfile adapter detection on the CLI. See 2.8.0 release notes for details on 2.8.

Changelog

  • 01308b4 I'm so tired of typos
  • a63767d build(deps): bump golangci/golangci-lint-action from 5 to 6 (#​6361)
  • f8a2c60 caddyhttp: properly sanitize requests for root path (#​6360)
  • b7280e6 caddytls: Implement certmagic.RenewalInfoGetter
  • 15faeac cmd: fix auto-detetction of .caddyfile extension (#​6356)

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.8.1...v2.8.2

v2.8.1

Compare Source

Quick fixes for a few users related to directory permissions and matcher parsing.

Changelog

  • 40c582c caddyhttp: Fix merging consecutive client_ip or remote_ip matchers (#​6350)
  • a52917a core: MkdirAll appDataDir in InstanceID with 0o700 (#​6340)

v2.8.0

Compare Source

Caddy 2.8 is here! With hundreds of improvements, Caddy is more scalable and capable than ever before. Featuring ACME Renewal Information (ARI) support, HTTP/3 to proxy backends, and so much more than we can list in a sentence, we are pleased to bring you one of the biggest Caddy updates yet. Documentation on our website will be updated in the coming days.

We've implemented a ton of improvements, fixes, and awesome new features based on your feedback. While some of them aren't particularly visible changes, they allow Caddy to scale better and be more reliable in demanding deployments. Many of the changes are quality-of-life improvements we hope you'll appreciate. Then there's improvements to ACMEz, CertMagic, and other dependencies which make Caddy better that may not show up in this list.

There was a lot of code that had been documented as deprecated in place for a long time, so this version introduces a few more breaking changes than usual; please review the notes below.

Thank you to our sponsors and everyone in the community who contributed -- over 40 of you made your first contribution for this release. We couldn't have done it without your help. In particular, we'd like to recognize sponsors Stripe, Framer, and ZeroSSL for their positive influence which have greatly enhanced the project. Caddy 2.8 is already being used in our sponsors' large-scale, multi-region production deployments.

Want to join those ranks? Sponsor the Caddy project and benefit from development priority, dedicated private support, and much more.

As with any server upgrades, please be sure to test and validate your configurations in a staging or test environment before deploying to production. Thank you and have a great day!

⚠️ Breaking changes:

  • ZeroSSL (#​6229) (this is one overall change, but requires some explanation):
    • Up to now, Caddy used both Let's Encrypt and ZeroSSL by default to get certificates without any configuration. In 2.8, this is changing slightly. Due to upcoming changes to ZeroSSL accounting policies, ZeroSSL now requires your email address to be able to access their free ACME endpoint.
    • As such, Caddy will only implicitly add the ZeroSSL issuer to your config if you provide an email address in your Caddyfile using the email global option. (We have already recommended this for years.) If you already do this, you don't have to make any changes and you'll still get Let's Encrypt and ZeroSSL automatically as defaults.
    • If you use JSON to configure certificate automation policies, you will need to ensure you use the acme issuer with your email filled out, and the ca field set to ZeroSSL's ACME server URL. If you want redundancy with Let's Encrypt, be sure to specify another acme issuer as well (defaults OK, but we recommend setting an email there too).
    • The zerossl issuer module is no longer ACME-capable and is now exclusively for the ZeroSSL API. An API key from your ZeroSSL account is required. (The ZeroSSL ACME server can still be used with the acme module pointed to ZeroSSL's ACME server. You can provide your account email and/or EAB as well.) If you were using the ZeroSSL issuer with an API key, it will now start using ZeroSSL's API, which was probably the expected behavior anyways. The API has several advantages over the ACME endpoint, but may require payment:
      • Faster response times
      • IP certificates
      • Management tools in your ZeroSSL account dashboard
      • Technical support
    • To clarify, Let's Encrypt is still a default issuer even if you don't provide an email address (but we have always strongly recommended to do so).
    • You can still use ZeroSSL's ACME endpoint with your own External Account Binding (EAB) credentials.
    • See notes in #​6229 for some examples and further explanations.
  • Removed support for the lego_deprecated DNS provider module. It has been deprecated for 4 years. Use caddy-dns modules instead; there are over 50 to choose from already. They are more flexible, compile much leaner, and are easier to implement and support. If yours is not supported it can be easily implemented. Sponsors at or above the Business tier can request to have their provider implemented for free.
  • On-demand TLS: The ask option in the JSON has been deprecated in favor of a permission module (Caddyfile unchanged) (#​6055), and Caddyfile support for permission modules is added (6a02999)
  • Admin API: Etag (used for concurrency control) is now a header, not a trailer. This is less efficient, but still virtually no clients properly implement trailer support.
  • For consistency, the basicauth Caddyfile directive has been renamed to basic_auth (#​6092), and skip_log has been renamed to log_skip. The old names will continue to work for now, with a deprecation warning in the logs. (#​6066).
  • The basic_auth handler no longer supports scrypt (deprecated for nearly two years) (#​6091)
  • The forwarded option has been deprecated for a long time and has now been removed from the remote_ip matcher. Use the client_ip matcher instead. (#​6085)
  • Reverse proxy: The buffer_requests, buffer_responses, and max_buffer_size settings have been removed after being deprecated for 14 months. Use request_buffers and response_buffers instead if you need buffering.
  • Go API: If you called caddy.Context.AppIfConfigured(), it now returns an error, as part of a bug fix. (#​6292)

Notable changes:

  • acme_server: Configurable allow/deny policies (#​5796)
  • acme_server: Specify allowed challenge types (#​5794)
  • caddyfile: Plugin authors can now specify a default ordering for directives, making manual ordering by users less necessary (#​5865)
  • cmd: The --adapter flag is not needed for config files ending with .caddyfile (#​5919)
  • encode: More media types are now compressed by default (#​6081)
  • encode: Modify ETag when encoding to comply with RFC 9110 section 8.8.3 (#​5849)
  • encode: Configurable compression level for zstd (#​6140)
  • handle_errors: Handling can now be filtered by response status code more easily (#​5965)
  • http: New fs directive can declare a file system plugin to use (#​5057)
  • http: Sensitive headers in the logs are now replaced with ["REDACTED"] instead of empty array. (#​5669)
  • http: Several improvements to size logging, websockets, flushing, 1xx statuses, and QUIC. (#​6173, #​6175, #​6202, #​6150, #​6164, #​6168)
  • http: Can now write access logs for a hostname to more than one logger (#​6088)
  • http: The log_append handler can add fields to the access logs (#​6066)
  • http: Add uuid field to access logs when the {http.request.uuid} placeholder is used (#​5859)
  • http: Changed PROXY protocol libraries add TLV support (#​5915)
  • http: A new tracing mode writes each individual middleware handler to logs (#​6313)
  • http: Access logs use a different message ("unhandled") when an HTTP request is a no-op (#​5182)
  • file_server: The browse feature can now return a plaintext response (useful for terminals) (#​6093)
  • file_server: File listings can dereference symlinks if enabled (#​5973)
  • file_server: Directory listings now include total file size (#​6003)
  • file_server: Can use precomputed ETags from sidecar files (#​6222)
  • replacer: A new {file.*} global placeholder is available, where * is a path to a file on disk which contains a value (generally used for secrets) (#​5463)
  • reverse_proxy: HTTP/3 supported to backends (experimental) (#​6312)
  • reverse_proxy: Active health checks can now be configured with consecutive passes/fails to change status (#​6154)
  • reverse_proxy: A forward proxy can now be specified in config other than a single env var (#​6114)
  • reverse_proxy: Configurable trusted root CAs is now modular (#​6065)
  • reverse_proxy: SRV upstreams now support failovers/grace period with cache (#​5832)
  • reverse_proxy: TLS curves can now be configured (potential preparation for post-quantum) (#​5851)
  • root, rewrite: A * matcher token is no longer required in the Caddyfile (#​5844)
  • tls: Client authentication validation methods are now modular/pluggable (#​6050)
  • tls: Trusted CA providers are now modular (#​5784)
  • tls: New local_ip connection matcher (#​6074)
  • tls: Improvements and fixes when certificate managers are configured (#​6229)
  • tls: Refactor the On-Demand TLS ask endpoint into a permission module, making it pluggable (#​6055)
  • tls: Storage cleaning is now synced across instances that share the storage (#​5940)
  • tls: Supports ACME Renewal Information (ARI) draft spec, together with cert lifetime and OCSP/revocation status, to trigger certificate renewals
  • uri: Can now perform structured query rewrites with uri query (#​6120, #​6165)

Changelog

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.7.6...v2.8.0

New Contributors

v2.7.6

Compare Source

In this version we've made several fixes and enhancements with help from several contributors. Most changes are small, but some notable ones:

  • The templates middleware is now officially extensible (experimentally). This means modules can add custom functions/actions for templates to execute.
  • TLS storage cleaning is now synchronized across the cluster and remembered across restarts. This should greatly lower costs for expensive storage backends like DynamoDB.
  • Placeholders are now evaluated in config for certificate loaders.
  • Numerous bug fixes.

Thank you to everyone who contributed!

Changelog

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.7.5...v2.7.6

v2.7.5

Compare Source

In this release, we've fixed quite a few small bugs and annoyances, including HTTP/2 Rapid Reset which affected most HTTP/2 implementations.

On a personal note (from @​mholt): I recently became a dad! I want to thank our maintainers for helping in so many ways while I've been taking extra time for family. Francis, Matthew, Mohammed, and others -- including all the contributors below, and then some -- are to thank for shipping this release.

Highlights

  • Updated https://github.com/quic-go/quic-go from v0.37.5 to v0.39.0, including many performance improvements. GSO and ECN are now enabled by default, but you may turn them off by setting the QUIC_GO_DISABLE_GSO=true and QUIC_GO_DISABLE_ECN=true environment variables respectively, if they cause you problems. See the quic-go release notes for more details.
  • The file server's fileserver.BrowseTemplate is now exported, so it may be customized by programs embedding Caddy. (ed8bb13)
  • Environment variables loaded with --envfile no longer override existing variables. (#​5803)
  • The encode handler now compresses application/wasm* content types by default. (#​5869)
  • The reverse_proxy handler can now emit very detailed logs for debugging streaming and buffering. To enable it, set the verbose_logs subdirective, and set logging to debug level. Since the logs from this are very noisy, using verbose_logs to opt-in is necessary. We may ask you to enable this when asking for support! (#​5793)
  • You can now check the version with caddy -v, like most other CLI utilities! (#​5874)

Caddy is on feature freeze until after 2.8 so we can improve our testing situation. These patches have all been tried to ensure they work as intended, but if you notice any issues please report them!

Changelog

  • 0e204b7 admin: Respond with 4xx on non-existing config path (#​5870)
  • 89c407a build(deps): bump actions/checkout from 3 to 4 (#​5846)
  • 1405683 build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#​5847)
  • 38a7b6b caddyfile: Adjust error formatting (#​5765)
  • 7103ea0 caddyfile: Fix case where heredoc marker is empty after newline (#​5769)
  • 10053f7 caddyfile: Loosen heredoc parsing (#​5761)
  • 58ab3a0 caddyhttp: Use LimitedReader for HTTPRedirectListener (thank you to Bartek Nowotarski for reporting)
  • 9c419f1 cmd: Fix exiting with custom status code, add caddy -v (#​5874)
  • f2ab709 cmd: Prevent overwriting existing env vars with --envfile (#​5803)
  • e0aaefa encode: Add application/wasm* to the default content types (#​5869)
  • fa5a579 fileserver: Add command shortcuts -l and -a (#​5854)
  • ed8bb13 fileserver: Export BrowseTemplate
  • 130f6d1 fileserver: Set canonical URL on browse template (#​5867)
  • a306c5f fileserver: browse template SVG icons and UI tweaks (#​5812)
  • 0a6d333 fileserver: docs: clarify the ability to produce JSON array with browse (#​5751)
  • 82c356f fix: caddytest.AssertResponseCode error message (#​5853)
  • 888c6d7 go.mod: Update quic-go to v0.38.0 (#​5772)
  • 88b4fbf go.mod: Upgrade dependencies incl. x/net/http
  • df99502 httpcaddyfile: Enable TLS for catch-all site if tls directive is specified (#​5808)
  • 33d8d2c httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output (#​5860)
  • 288216e httpcaddyfile: Stricter errors for site and upstream address schemes (#​5757)
  • 2cac3c5 httpcaddyfile: fix placeholder shorthands in named routes (#​5791)
  • c46ec3b logging: Clone array on log filters, prevent side-effects (#​5786)
  • 1b73e38 logging: query filter for array of strings (#​5779)
  • 4776f62 replacer: change timezone to UTC for "time.now.http" placeholders (#​5774)
  • a8586b0 reverseproxy: Add logging for dynamic A upstreams (#​5857)
  • 3a3182f reverseproxy: Add more debug logs (#​5793)
  • 4feac4d reverseproxy: Allow fallthrough for response handlers without routes (#​5780)
  • e8b8d4a reverseproxy: Fix least_conn policy regression (#​5862)
  • 2a6859a reverseproxy: Fix retries on "upstreams unavailable" error (#​5841)
  • 05dbe1c reverseproxy: Replace health header placeholders (#​5861)
  • 1e0dea5 reverseproxy: fix nil pointer dereference in AUpstreams.GetUpstreams (#​5811)
  • b245ecd reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers (#​5828)
  • 5653c36 templates: Add dummy RemoteAddr to httpInclude request, proxy compatibility (#​5845)
  • 289934f tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag (#​5852)

New Contributors

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.7.4...v2.7.5

v2.7.4

Compare Source

Caddy 2.7.4 rounds out some bug fixes from the 2.7 release. For example, Go made a last-minute breaking change to a new API that broke quic-go (HTTP/3) on Go 1.21 just before Go 1.21 was released; we resolved a few issues with on-demand TLS that are now much improved from the 2.6 tree; a couple race conditions were fixed in dynamic reverse proxy upstreams. We hope you will be pleased with this new version!

Caddy is on feature freeze until after 2.8 so we can improve our testing situation. These patches have all been tried to ensure they work as intended, but if you notice any issues please report them!

We encourage all users to test this new version and then upgrade. Thanks to all who get involved!

Changelog

New Contributors

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.7.3...v2.7.4

v2.7.3

Compare Source

We're pleased to present Caddy 2.7, which makes significant strides in areas of scaling, performance, and niche features.

Special thank-you to @​francislavoie, @​Mohammed90, and other core team members for the ongoing dedication of their time to help maintain the project and help in our forums.

And a big thank-you to everyone else who contributed! You're awesome, and we're glad this project has so many contributors and sponsors to make it possible.

Docs are being updated and will be pushed live shortly. Thank you for your patience and for using Caddy!

(Note: Versions 2.7.0-2.7.2 contain bugs that were hotfixed within minutes and hours and a day of the release. Thank you to everyone who helped with that! And sorry for the trouble, we have learned lessons to help mitigate that in the future.)

Highlights

  • The in-memory TLS certificate cache is no longer purged and recreated during config reloads, making reloads extremely lightweight even when managing thousands of certificates.
  • Significant HTTP/3 performance improvements (upstream in quic-go) including enabling 0-RTT. Caddy users should notice significantly better throughput for HTTP/3. Thanks for the fantastic work, @​marten-seemann!
  • New default template for the file server's "browse" listings - more modern, easier to use, grid view, filetype-specific icons, and better dark mode (see #​5427 for more screenshots and info)
    list view
    grid view
  • The reverse proxy now supports the PROXY protocol. Using external modules is no longer required; specifically, the plugin by @​mastercactapus is now built-in. (#​5424)
  • Caddyfile now supports Heredoc syntax for long embedded strings/documents. (#​5385)
  • @​francislavoie implemented a suite of enhancements to bring you more reliable, trustworthy client IP information, even through proxies and CDNs (#​5104)
  • Certificate private keys will no longer be reused when renewing certificates.
  • Caddyfile import arg placeholders support slice syntax, e.g. {args[2:]} (#​5249)
  • Customizable "fallback" policy for reverse proxy in case the primary policy isn't applicable. (#​5488)
  • Etags are generated more sensibly for NixOS environments which all have Modified time of 1; and if you set your own Etag, it will not be overwritten.
  • EXPERIMENTAL: New short flags for the CLI. (#​5379)
  • EXPERIMENTAL: The reverse proxy may be configured to keep hijacked connections (streams, WebSockets, etc.) open through config reloads. (#​5567)
  • EXPERIMENTAL: Define "named routes" to reuse them without copying. Caddyfile snippets are useful for reusing config, but reusing the same HTTP routes involves lots of copied config and memory bloat. Named routes let you define a route once and reuse it throughout your HTTP server without copying. It is available for JSON and Caddyfile configs. (#​5107)
  • EXPERIMENTAL: You can specify permissions for unix sockets. (#​4741)
  • Many many bug fixes you may or may not notice 🙃

Deprecations and possible breaking changes for some:

  • ⚠️ The ask endpoint is now required to enable On-Demand TLS (b97c76f) for catch-all or wildcard hosts. Our docs have always mentioned this is required in production environments, but now the code enforces it. The ask endpoint is not required for local-only or internal-only names (#​5384 and a7af7c4).
  • ⚠️ The on-demand config's throttle options are now deprecated because the 'ask' endpoint is required. Additionally, the 'ask' endpoint is checked and the throttle is applied before storage is queried for a certificate in order to limit load on the storage backend.
  • ⚠️ The long-deprecated lookup_srv feature of the reverse proxy has been removed. It was replaced with the dynamic upstreams feature in 2.6. (#​5396)
  • ⚠️ The remote_ip forwarded matcher has been deprecated because it assumes trusting downstream proxies. Instead, the client_ip matcher should be used along with trusted_proxies configuration. (#​5103 and #​5104)
  • ⚠️ Placeholder syntax {args.0} is now deprecated in favor of {args[0]}.
  • ⚠️ Plugin authors will now need to use http.ResponseController to call Flush() or Hijack() on the response writer. (#​5654)

Thank you to everyone who contributed! And thank you to our sponsors who truly make this project possible.

New Contributors

Full Changelog: https://github.com/caddyserver/caddy/compare/v2.6.4...v2.7.3

Changelog

v2.7.2

Compare Source

Do not use this release, use v2.7.3 instead which contains several hot fixes.

v2.7.1

Compare Source

Do not use this release; use v2.7.3 instead. It contains a hotfix for a WebSocket issue.

v2.7.0

Compare Source

Do not use this release, use v2.7.3 instead which contains hot fixes.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/caddyserver/caddy/v2](https://github.com/caddyserver/caddy) | require | minor | `v2.6.4` -> `v2.8.4` | --- ### Release Notes <details> <summary>caddyserver/caddy (github.com/caddyserver/caddy/v2)</summary> ### [`v2.8.4`](https://github.com/caddyserver/caddy/releases/tag/v2.8.4) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.8.3...v2.8.4) Hotfix for the Caddyfile detection regression in v2.8.2. The v2.8.3 tag was mistakenly made on the wrong commit and is skipped. #### Changelog - [`7088605`](https://github.com/caddyserver/caddy/commit/7088605c) cmd: fix regression in auto-detect of Caddyfile ([#&#8203;6362](https://github.com/caddyserver/caddy/issues/6362)) ### [`v2.8.3`](https://github.com/caddyserver/caddy/compare/v2.8.2...v2.8.3) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.8.2...v2.8.3) ### [`v2.8.2`](https://github.com/caddyserver/caddy/releases/tag/v2.8.2) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.8.1...v2.8.2) A few more fixes of reported bugs related to ARI, `try_files` with the root path (`/`), and Caddyfile adapter detection on the CLI. See 2.8.0 release notes for details on 2.8. #### Changelog - [`01308b4`](https://github.com/caddyserver/caddy/commit/01308b4b) I'm so tired of typos - [`a63767d`](https://github.com/caddyserver/caddy/commit/a63767d3) build(deps): bump golangci/golangci-lint-action from 5 to 6 ([#&#8203;6361](https://github.com/caddyserver/caddy/issues/6361)) - [`f8a2c60`](https://github.com/caddyserver/caddy/commit/f8a2c602) caddyhttp: properly sanitize requests for root path ([#&#8203;6360](https://github.com/caddyserver/caddy/issues/6360)) - [`b7280e6`](https://github.com/caddyserver/caddy/commit/b7280e69) caddytls: Implement certmagic.RenewalInfoGetter - [`15faeac`](https://github.com/caddyserver/caddy/commit/15faeacb) cmd: fix auto-detetction of .caddyfile extension ([#&#8203;6356](https://github.com/caddyserver/caddy/issues/6356)) **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.8.1...v2.8.2 ### [`v2.8.1`](https://github.com/caddyserver/caddy/releases/tag/v2.8.1) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.8.0...v2.8.1) Quick fixes for a few users related to directory permissions and matcher parsing. #### Changelog - [`40c582c`](https://github.com/caddyserver/caddy/commit/40c582ce) caddyhttp: Fix merging consecutive `client_ip` or `remote_ip` matchers ([#&#8203;6350](https://github.com/caddyserver/caddy/issues/6350)) - [`a52917a`](https://github.com/caddyserver/caddy/commit/a52917a3) core: MkdirAll appDataDir in InstanceID with 0o700 ([#&#8203;6340](https://github.com/caddyserver/caddy/issues/6340)) ### [`v2.8.0`](https://github.com/caddyserver/caddy/releases/tag/v2.8.0) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.6...v2.8.0) Caddy 2.8 is here! With hundreds of improvements, Caddy is more scalable and capable than ever before. Featuring ACME Renewal Information (ARI) support, HTTP/3 to proxy backends, and so much more than we can list in a sentence, we are pleased to bring you one of the biggest Caddy updates yet. Documentation on our website will be updated in the coming days. We've implemented a *ton* of improvements, fixes, and awesome new features based on your feedback. While some of them aren't particularly visible changes, they allow Caddy to scale better and be more reliable in demanding deployments. Many of the changes are quality-of-life improvements we hope you'll appreciate. Then there's improvements to [ACMEz](https://github.com/mholt/acmez), [CertMagic](https://github.com/caddyserver/certmagic), and other dependencies which make Caddy better that may not show up in this list. There was a lot of code that had been documented as *deprecated* in place for a long time, so this version introduces a few more breaking changes than usual; please review the notes below. Thank you to our sponsors and everyone in the community who contributed -- over 40 of you made your first contribution for this release. We couldn't have done it without your help. In particular, we'd like to recognize sponsors **Stripe**, **Framer**, and **ZeroSSL** for their positive influence which have greatly enhanced the project. Caddy 2.8 is already being used in our sponsors' large-scale, multi-region production deployments. Want to join those ranks? [Sponsor the Caddy project](https://caddyserver.com/sponsor) and benefit from development priority, dedicated private support, and much more. As with any server upgrades, please be sure to test and validate your configurations in a staging or test environment before deploying to production. Thank you and have a great day! **:warning: Breaking changes:** - ZeroSSL ([#&#8203;6229](https://github.com/caddyserver/caddy/issues/6229)) (this is *one* overall change, but requires some explanation): - Up to now, Caddy used both Let's Encrypt and ZeroSSL by default to get certificates without any configuration. In 2.8, this is changing slightly. Due to upcoming changes to ZeroSSL accounting policies, ZeroSSL now requires your email address to be able to access their free ACME endpoint. - As such, Caddy will only implicitly add the ZeroSSL issuer to your config if you provide an email address in your Caddyfile using the [`email` global option](https://caddyserver.com/docs/caddyfile/options#email). (We have already recommended this for years.) If you already do this, you don't have to make any changes and you'll still get Let's Encrypt and ZeroSSL automatically as defaults. - If you use JSON to configure certificate automation policies, you will need to ensure you use the [`acme` issuer with your `email` filled out](https://caddyserver.com/docs/json/apps/tls/automation/policies/issuers/acme/#email), and the [`ca` field](https://caddyserver.com/docs/json/apps/tls/automation/policies/issuers/acme/#ca) set to [ZeroSSL's ACME server URL](https://zerossl.com/documentation/acme/). If you want redundancy with Let's Encrypt, be sure to specify another `acme` issuer as well (defaults OK, but we recommend setting an email there too). - The [`zerossl` issuer](https://caddyserver.com/docs/modules/tls.issuance.zerossl) module is no longer ACME-capable and is now exclusively for the [ZeroSSL API](https://zerossl.com/developer/). An API key from your ZeroSSL account is required. (The [ZeroSSL ACME server](https://zerossl.com/features/acme/) can still be used with the [`acme` module](https://caddyserver.com/docs/modules/tls.issuance.acme) pointed to ZeroSSL's ACME server. You can provide your account email and/or EAB as well.) **If you were using the ZeroSSL issuer with an API key, it will now start using ZeroSSL's API,** which was probably the expected behavior anyways. The API has several advantages over the ACME endpoint, but may require payment: - Faster response times - IP certificates - Management tools in your ZeroSSL account dashboard - Technical support - To clarify, Let's Encrypt is still a default issuer even if you don't provide an email address (but we have always strongly recommended to do so). - You can still use ZeroSSL's ACME endpoint with your own External Account Binding (EAB) credentials. - See notes in [#&#8203;6229](https://github.com/caddyserver/caddy/issues/6229) for some examples and further explanations. - Removed support for [the `lego_deprecated` DNS provider module](https://github.com/caddy-dns/lego-deprecated). It has been deprecated for 4 years. Use [`caddy-dns` modules](https://github.com/caddy-dns) instead; there are over 50 to choose from already. They are more flexible, compile much leaner, and are easier to implement and support. If yours is not supported it can be easily implemented. [Sponsors at or above the Business tier](https://caddyserver.com/sponsor) can request to have their provider implemented for free. - On-demand TLS: The `ask` option in the JSON has been deprecated in favor of a permission module (Caddyfile unchanged) ([#&#8203;6055](https://github.com/caddyserver/caddy/issues/6055)), and Caddyfile support for `permission` modules is added ([`6a02999`](https://github.com/caddyserver/caddy/commit/6a02999)) - Admin API: `Etag` (used for concurrency control) is now a header, not a trailer. This is less efficient, but still virtually no clients properly implement trailer support. - For consistency, the `basicauth` Caddyfile directive has been renamed to `basic_auth` ([#&#8203;6092](https://github.com/caddyserver/caddy/issues/6092)), and `skip_log` has been renamed to `log_skip`. The old names will continue to work for now, with a deprecation warning in the logs. ([#&#8203;6066](https://github.com/caddyserver/caddy/issues/6066)). - The `basic_auth` handler no longer supports `scrypt` (deprecated for nearly two years) ([#&#8203;6091](https://github.com/caddyserver/caddy/issues/6091)) - The `forwarded` option has been deprecated for a long time and has now been removed from the `remote_ip` matcher. Use the `client_ip` matcher instead. ([#&#8203;6085](https://github.com/caddyserver/caddy/issues/6085)) - Reverse proxy: The `buffer_requests`, `buffer_responses`, and `max_buffer_size` settings have been removed after being deprecated for 14 months. Use `request_buffers` and `response_buffers` instead if you need buffering. - Go API: If you called `caddy.Context.AppIfConfigured()`, it now returns an error, as part of a bug fix. ([#&#8203;6292](https://github.com/caddyserver/caddy/issues/6292)) **Notable changes:** - acme_server: Configurable allow/deny policies ([#&#8203;5796](https://github.com/caddyserver/caddy/issues/5796)) - acme_server: Specify allowed challenge types ([#&#8203;5794](https://github.com/caddyserver/caddy/issues/5794)) - caddyfile: Plugin authors can now specify a default ordering for directives, making manual ordering by users less necessary ([#&#8203;5865](https://github.com/caddyserver/caddy/issues/5865)) - cmd: The `--adapter` flag is not needed for config files ending with `.caddyfile` ([#&#8203;5919](https://github.com/caddyserver/caddy/issues/5919)) - encode: More media types are now compressed by default ([#&#8203;6081](https://github.com/caddyserver/caddy/issues/6081)) - encode: Modify ETag when encoding to comply with RFC 9110 section 8.8.3 ([#&#8203;5849](https://github.com/caddyserver/caddy/issues/5849)) - encode: Configurable compression level for `zstd` ([#&#8203;6140](https://github.com/caddyserver/caddy/issues/6140)) - handle_errors: Handling can now be filtered by response status code more easily ([#&#8203;5965](https://github.com/caddyserver/caddy/issues/5965)) - http: New `fs` directive can declare a file system plugin to use ([#&#8203;5057](https://github.com/caddyserver/caddy/issues/5057)) - http: Sensitive headers in the logs are now replaced with `["REDACTED"]` instead of empty array. ([#&#8203;5669](https://github.com/caddyserver/caddy/issues/5669)) - http: Several improvements to size logging, websockets, flushing, 1xx statuses, and QUIC. ([#&#8203;6173](https://github.com/caddyserver/caddy/issues/6173), [#&#8203;6175](https://github.com/caddyserver/caddy/issues/6175), [#&#8203;6202](https://github.com/caddyserver/caddy/issues/6202), [#&#8203;6150](https://github.com/caddyserver/caddy/issues/6150), [#&#8203;6164](https://github.com/caddyserver/caddy/issues/6164), [#&#8203;6168](https://github.com/caddyserver/caddy/issues/6168)) - http: Can now write access logs for a hostname to more than one logger ([#&#8203;6088](https://github.com/caddyserver/caddy/issues/6088)) - http: The `log_append` handler can add fields to the access logs ([#&#8203;6066](https://github.com/caddyserver/caddy/issues/6066)) - http: Add `uuid` field to access logs when the `{http.request.uuid}` placeholder is used ([#&#8203;5859](https://github.com/caddyserver/caddy/issues/5859)) - http: Changed PROXY protocol libraries add TLV support ([#&#8203;5915](https://github.com/caddyserver/caddy/issues/5915)) - http: A new tracing mode writes each individual middleware handler to logs ([#&#8203;6313](https://github.com/caddyserver/caddy/issues/6313)) - http: Access logs use a different message ("unhandled") when an HTTP request is a no-op ([#&#8203;5182](https://github.com/caddyserver/caddy/issues/5182)) - file_server: The browse feature can now return a plaintext response (useful for terminals) ([#&#8203;6093](https://github.com/caddyserver/caddy/issues/6093)) - file_server: File listings can dereference symlinks if enabled ([#&#8203;5973](https://github.com/caddyserver/caddy/issues/5973)) - file_server: Directory listings now include total file size ([#&#8203;6003](https://github.com/caddyserver/caddy/issues/6003)) - file_server: Can use precomputed ETags from sidecar files ([#&#8203;6222](https://github.com/caddyserver/caddy/issues/6222)) - replacer: A new `{file.*}` global placeholder is available, where `*` is a path to a file on disk which contains a value (generally used for secrets) ([#&#8203;5463](https://github.com/caddyserver/caddy/issues/5463)) - reverse_proxy: HTTP/3 supported to backends (experimental) ([#&#8203;6312](https://github.com/caddyserver/caddy/issues/6312)) - reverse_proxy: Active health checks can now be configured with consecutive passes/fails to change status ([#&#8203;6154](https://github.com/caddyserver/caddy/issues/6154)) - reverse_proxy: A forward proxy can now be specified in config other than a single env var ([#&#8203;6114](https://github.com/caddyserver/caddy/issues/6114)) - reverse_proxy: Configurable trusted root CAs is now modular ([#&#8203;6065](https://github.com/caddyserver/caddy/issues/6065)) - reverse_proxy: SRV upstreams now support failovers/grace period with cache ([#&#8203;5832](https://github.com/caddyserver/caddy/issues/5832)) - reverse_proxy: TLS curves can now be configured (potential preparation for post-quantum) ([#&#8203;5851](https://github.com/caddyserver/caddy/issues/5851)) - root, rewrite: A `*` matcher token is no longer required in the Caddyfile ([#&#8203;5844](https://github.com/caddyserver/caddy/issues/5844)) - tls: Client authentication validation methods are now modular/pluggable ([#&#8203;6050](https://github.com/caddyserver/caddy/issues/6050)) - tls: Trusted CA providers are now modular ([#&#8203;5784](https://github.com/caddyserver/caddy/issues/5784)) - tls: New `local_ip` connection matcher ([#&#8203;6074](https://github.com/caddyserver/caddy/issues/6074)) - tls: Improvements and fixes when certificate managers are configured ([#&#8203;6229](https://github.com/caddyserver/caddy/issues/6229)) - tls: Refactor the On-Demand TLS `ask` endpoint into a `permission` module, making it pluggable ([#&#8203;6055](https://github.com/caddyserver/caddy/issues/6055)) - tls: Storage cleaning is now synced across instances that share the storage ([#&#8203;5940](https://github.com/caddyserver/caddy/issues/5940)) - tls: Supports ACME Renewal Information (ARI) draft spec, together with cert lifetime and OCSP/revocation status, to trigger certificate renewals - uri: Can now perform structured query rewrites with `uri query` ([#&#8203;6120](https://github.com/caddyserver/caddy/issues/6120), [#&#8203;6165](https://github.com/caddyserver/caddy/issues/6165)) #### Changelog **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.7.6...v2.8.0 - [`ac0ad4d`](https://github.com/caddyserver/caddy/commit/ac0ad4da) Upgrade acmeserver to github.com/go-chi/chi/v5 ([#&#8203;5913](https://github.com/caddyserver/caddy/issues/5913)) - [`931656b`](https://github.com/caddyserver/caddy/commit/931656bd) acmeserver: add policy field to define allow/deny rules ([#&#8203;5796](https://github.com/caddyserver/caddy/issues/5796)) - [`e1aa862`](https://github.com/caddyserver/caddy/commit/e1aa862e) acmeserver: support specifying the allowed challenge types ([#&#8203;5794](https://github.com/caddyserver/caddy/issues/5794)) - [`e6f46c8`](https://github.com/caddyserver/caddy/commit/e6f46c8d) acmeserver: Add `sign_with_root` for Caddyfile ([#&#8203;6345](https://github.com/caddyserver/caddy/issues/6345)) - [`4a0492f`](https://github.com/caddyserver/caddy/commit/4a0492f3) admin: Make `Etag` a header, not a trailer ([#&#8203;6208](https://github.com/caddyserver/caddy/issues/6208)) - [`1217449`](https://github.com/caddyserver/caddy/commit/12174496) admin: Use xxhash for etag ([#&#8203;6207](https://github.com/caddyserver/caddy/issues/6207)) - [`7e2510e`](https://github.com/caddyserver/caddy/commit/7e2510ef) build(deps): bump golangci/golangci-lint-action from 4 to 5 ([#&#8203;6289](https://github.com/caddyserver/caddy/issues/6289)) - [`4f3f6e3`](https://github.com/caddyserver/caddy/commit/4f3f6e35) build(deps): bump actions/setup-go from 4 to 5 ([#&#8203;6012](https://github.com/caddyserver/caddy/issues/6012)) - [`8a50f19`](https://github.com/caddyserver/caddy/commit/8a50f191) build(deps): bump actions/upload-artifact from 3 to 4 ([#&#8203;6013](https://github.com/caddyserver/caddy/issues/6013)) - [`1bf72db`](https://github.com/caddyserver/caddy/commit/1bf72db6) build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 ([#&#8203;5994](https://github.com/caddyserver/caddy/issues/5994)) - [`223f314`](https://github.com/caddyserver/caddy/commit/223f3143) build(deps): bump peter-evans/repository-dispatch from 2 to 3 ([#&#8203;6080](https://github.com/caddyserver/caddy/issues/6080)) - [`30d6364`](https://github.com/caddyserver/caddy/commit/30d63648) caddyauth: Drop support for `scrypt` ([#&#8203;6091](https://github.com/caddyserver/caddy/issues/6091)) - [`f9e1115`](https://github.com/caddyserver/caddy/commit/f9e11158) caddyauth: Rename `basicauth` to `basic_auth` ([#&#8203;6092](https://github.com/caddyserver/caddy/issues/6092)) - [`f4840cf`](https://github.com/caddyserver/caddy/commit/f4840cfe) caddyconfig: Use empty struct instead of bool in map (close [#&#8203;6224](https://github.com/caddyserver/caddy/issues/6224)) ([#&#8203;6227](https://github.com/caddyserver/caddy/issues/6227)) - [`f6d2c29`](https://github.com/caddyserver/caddy/commit/f6d2c293) caddyfile: Reject global request matchers earlier ([#&#8203;6339](https://github.com/caddyserver/caddy/issues/6339)) - [`c0273f1`](https://github.com/caddyserver/caddy/commit/c0273f1f) caddyfile: Add heredoc support to `fmt` command ([#&#8203;6056](https://github.com/caddyserver/caddy/issues/6056)) - [`d9aded0`](https://github.com/caddyserver/caddy/commit/d9aded01) caddyfile: Allow heredoc blank lines ([#&#8203;6051](https://github.com/caddyserver/caddy/issues/6051)) - [`8bbf8ec`](https://github.com/caddyserver/caddy/commit/8bbf8ec6) caddyfile: Assert having a space after heredoc marker to simply check ([#&#8203;6117](https://github.com/caddyserver/caddy/issues/6117)) - [`c369df5`](https://github.com/caddyserver/caddy/commit/c369df5c) caddyfile: Correctly close the heredoc when the closing marker appears immediately ([#&#8203;6062](https://github.com/caddyserver/caddy/issues/6062)) - [`1f60328`](https://github.com/caddyserver/caddy/commit/1f60328e) caddyfile: Fix variadic placeholder false positive when token contains `:` ([#&#8203;5883](https://github.com/caddyserver/caddy/issues/5883)) - [`750d0b8`](https://github.com/caddyserver/caddy/commit/750d0b83) caddyfile: Normalize & flatten all unmarshalers ([#&#8203;6037](https://github.com/caddyserver/caddy/issues/6037)) - [`9cd472c`](https://github.com/caddyserver/caddy/commit/9cd472c0) caddyfile: Populate regexp matcher names by default ([#&#8203;6145](https://github.com/caddyserver/caddy/issues/6145)) - [`b893c8c`](https://github.com/caddyserver/caddy/commit/b893c8c5) caddyfile: Reject directives in the place of site addresses ([#&#8203;6104](https://github.com/caddyserver/caddy/issues/6104)) - [`e7a534d`](https://github.com/caddyserver/caddy/commit/e7a534d0) caddyfile: Reject long heredoc markers ([#&#8203;6098](https://github.com/caddyserver/caddy/issues/6098)) - [`7c48b5f`](https://github.com/caddyserver/caddy/commit/7c48b5fd) caddyfile: Switch to slices.Equal for better performance ([#&#8203;6061](https://github.com/caddyserver/caddy/issues/6061)) - [`63d597c`](https://github.com/caddyserver/caddy/commit/63d597c0) caddyhttp: Accept XFF header values with ports, when parsing client IP ([#&#8203;6183](https://github.com/caddyserver/caddy/issues/6183)) - [`3d7d60f`](https://github.com/caddyserver/caddy/commit/3d7d60f7) caddyhttp: Add `uuid` to access logs when used ([#&#8203;5859](https://github.com/caddyserver/caddy/issues/5859)) - [`45132c5`](https://github.com/caddyserver/caddy/commit/45132c5b) caddyhttp: Add plaintext response to `file_server browse` ([#&#8203;6093](https://github.com/caddyserver/caddy/issues/6093)) - [`6d97d8d`](https://github.com/caddyserver/caddy/commit/6d97d8d8) caddyhttp: Address some Go 1.20 features ([#&#8203;6252](https://github.com/caddyserver/caddy/issues/6252)) - [`4c10a05`](https://github.com/caddyserver/caddy/commit/4c10a054) caddyhttp: Adjust `scheme` placeholder docs ([#&#8203;5910](https://github.com/caddyserver/caddy/issues/5910)) - [`97a56d8`](https://github.com/caddyserver/caddy/commit/97a56d86) caddyhttp: Allow `header` replacement with empty string ([#&#8203;6163](https://github.com/caddyserver/caddy/issues/6163)) - [`83ef61d`](https://github.com/caddyserver/caddy/commit/83ef61de) caddyhttp: Apply auto HTTPS redir to all interfaces (fix [#&#8203;6226](https://github.com/caddyserver/caddy/issues/6226)) - [`2fc620d`](https://github.com/caddyserver/caddy/commit/2fc620d3) caddyhttp: Fix linter warning about deprecation - [`f5344f8`](https://github.com/caddyserver/caddy/commit/f5344f8c) caddyhttp: Fix panic when request missing ClientIPVarKey ([#&#8203;6040](https://github.com/caddyserver/caddy/issues/6040)) - [`2c48dda`](https://github.com/caddyserver/caddy/commit/2c48dda1) caddyhttp: Only attempt to enable full duplex for HTTP/1.x ([#&#8203;6102](https://github.com/caddyserver/caddy/issues/6102)) - [`1277888`](https://github.com/caddyserver/caddy/commit/12778880) caddyhttp: Register post-shutdown callbacks ([#&#8203;5948](https://github.com/caddyserver/caddy/issues/5948)) - [`7b48ce0`](https://github.com/caddyserver/caddy/commit/7b48ce0e) caddyhttp: Replace sensitive headers with REDACTED (close [#&#8203;5669](https://github.com/caddyserver/caddy/issues/5669)) - [`cc0c0cf`](https://github.com/caddyserver/caddy/commit/cc0c0cf0) caddyhttp: Security enhancements for client IP parsing ([#&#8203;5805](https://github.com/caddyserver/caddy/issues/5805)) - [`70953e8`](https://github.com/caddyserver/caddy/commit/70953e87) caddyhttp: Support multiple logger names per host ([#&#8203;6088](https://github.com/caddyserver/caddy/issues/6088)) - [`bde4621`](https://github.com/caddyserver/caddy/commit/bde46211) caddyhttp: Test cases for `%2F` and `%252F` ([#&#8203;6084](https://github.com/caddyserver/caddy/issues/6084)) - [`c8559c4`](https://github.com/caddyserver/caddy/commit/c8559c44) caddyhttp: Use sync.Pool to reduce lengthReader allocations ([#&#8203;5848](https://github.com/caddyserver/caddy/issues/5848)) - [`ddb1d2c`](https://github.com/caddyserver/caddy/commit/ddb1d2c2) caddyhttp: add http.request.local{,.host,.port} placeholder ([#&#8203;6182](https://github.com/caddyserver/caddy/issues/6182)) - [`924010c`](https://github.com/caddyserver/caddy/commit/924010cd) caddyhttp: close quic connections when server closes ([#&#8203;6202](https://github.com/caddyserver/caddy/issues/6202)) - [`e0daa39`](https://github.com/caddyserver/caddy/commit/e0daa39c) caddyhttp: record num. bytes read when response writer is hijacked ([#&#8203;6173](https://github.com/caddyserver/caddy/issues/6173)) - [`654a3bb`](https://github.com/caddyserver/caddy/commit/654a3bb0) caddyhttp: remove duplicate strings.Count in path matcher (fixes [#&#8203;6233](https://github.com/caddyserver/caddy/issues/6233)) ([#&#8203;6234](https://github.com/caddyserver/caddy/issues/6234)) - [`b568a10`](https://github.com/caddyserver/caddy/commit/b568a10d) caddyhttp: support unix sockets in `caddy respond` command ([#&#8203;6010](https://github.com/caddyserver/caddy/issues/6010)) - [`c93e304`](https://github.com/caddyserver/caddy/commit/c93e3045) caddyhttp: suppress flushing if the response is being buffered ([#&#8203;6150](https://github.com/caddyserver/caddy/issues/6150)) - [`52822a4`](https://github.com/caddyserver/caddy/commit/52822a41) caddyhttp: upgrade to cel v0.20.0 ([#&#8203;6161](https://github.com/caddyserver/caddy/issues/6161)) - [`224316e`](https://github.com/caddyserver/caddy/commit/224316ea) caddyhttp: Move log WARN to INFO, reduce confusion ([#&#8203;6185](https://github.com/caddyserver/caddy/issues/6185)) - [`6dce493`](https://github.com/caddyserver/caddy/commit/6dce4934) caddyhttp: Alter log message when request is unhandled (close [#&#8203;5182](https://github.com/caddyserver/caddy/issues/5182)) - [`4af38e5`](https://github.com/caddyserver/caddy/commit/4af38e5a) caddyhttp: Log 4xx as INFO; 5xx as ERROR (close [#&#8203;6106](https://github.com/caddyserver/caddy/issues/6106)) - [`fb63e2e`](https://github.com/caddyserver/caddy/commit/fb63e2e4) caddyhttp: New experimental handler for intercepting responses ([#&#8203;6232](https://github.com/caddyserver/caddy/issues/6232)) - [`9ba9991`](https://github.com/caddyserver/caddy/commit/9ba99914) caddyhttp: Trace individual middleware handlers ([#&#8203;6313](https://github.com/caddyserver/caddy/issues/6313)) - [`c97292b`](https://github.com/caddyserver/caddy/commit/c97292b2) caddypki: Allow use of root CA without a key. Fixes [#&#8203;6290](https://github.com/caddyserver/caddy/issues/6290) ([#&#8203;6298](https://github.com/caddyserver/caddy/issues/6298)) - [`4512be4`](https://github.com/caddyserver/caddy/commit/4512be49) caddytest: Rename adapt tests to `*.caddyfiletest` extension ([#&#8203;6119](https://github.com/caddyserver/caddy/issues/6119)) - [`4c90f14`](https://github.com/caddyserver/caddy/commit/4c90f142) caddytest: normalize the JSON config ([#&#8203;6316](https://github.com/caddyserver/caddy/issues/6316)) - [`8d7ac18`](https://github.com/caddyserver/caddy/commit/8d7ac184) caddytls: Ability to drop connections (close [#&#8203;6294](https://github.com/caddyserver/caddy/issues/6294)) - [`6a02999`](https://github.com/caddyserver/caddy/commit/6a029990) caddytls: Add Caddyfile support for on-demand permission module (close [#&#8203;6260](https://github.com/caddyserver/caddy/issues/6260)) - [`b24ae63`](https://github.com/caddyserver/caddy/commit/b24ae63e) caddytls: Context to DecisionFunc ([#&#8203;5923](https://github.com/caddyserver/caddy/issues/5923)) - [`d129ae6`](https://github.com/caddyserver/caddy/commit/d129ae6a) caddytls: Evict internal certs from cache based on issuer ([#&#8203;6266](https://github.com/caddyserver/caddy/issues/6266)) - [`57c5b92`](https://github.com/caddyserver/caddy/commit/57c5b921) caddytls: Make on-demand 'ask' permission modular ([#&#8203;6055](https://github.com/caddyserver/caddy/issues/6055)) - [`76c4cf5`](https://github.com/caddyserver/caddy/commit/76c4cf5a) caddytls: Option to configure certificate lifetime ([#&#8203;6253](https://github.com/caddyserver/caddy/issues/6253)) - [`3609a4a`](https://github.com/caddyserver/caddy/commit/3609a4af) caddytls: Remove shim code supporting deprecated lego-dns ([#&#8203;6231](https://github.com/caddyserver/caddy/issues/6231)) - [`dc9dd2e`](https://github.com/caddyserver/caddy/commit/dc9dd2e4) caddytls: Still provision permission module if ask is specified - [`4a09cf0`](https://github.com/caddyserver/caddy/commit/4a09cf0d) caddytls: Sync distributed storage cleaning ([#&#8203;5940](https://github.com/caddyserver/caddy/issues/5940)) - [`81413ca`](https://github.com/caddyserver/caddy/commit/81413cae) caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes ([#&#8203;6229](https://github.com/caddyserver/caddy/issues/6229)) - [`3ae07a7`](https://github.com/caddyserver/caddy/commit/3ae07a73) caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable ([#&#8203;6050](https://github.com/caddyserver/caddy/issues/6050)) - [`03f703a`](https://github.com/caddyserver/caddy/commit/03f703a0) caddytls: verifier: caddyfile: re-add Caddyfile support ([#&#8203;6127](https://github.com/caddyserver/caddy/issues/6127)) - [`db3e19b`](https://github.com/caddyserver/caddy/commit/db3e19b7) caddytls: fix permission requirement with AutomationPolicy ([#&#8203;6328](https://github.com/caddyserver/caddy/issues/6328)) - [`1fc151f`](https://github.com/caddyserver/caddy/commit/1fc151fa) caddytls: remove ClientHelloSNICtxKey ([#&#8203;6326](https://github.com/caddyserver/caddy/issues/6326)) - [`e66040a`](https://github.com/caddyserver/caddy/commit/e66040a6) caddytls: set server name in context ([#&#8203;6324](https://github.com/caddyserver/caddy/issues/6324)) - [`b359ca5`](https://github.com/caddyserver/caddy/commit/b359ca56) ci/cd: use the build tag `nobadger` to exclude badgerdb ([#&#8203;6031](https://github.com/caddyserver/caddy/issues/6031)) - [`24b0ecc`](https://github.com/caddyserver/caddy/commit/24b0ecc3) cmd: Add newline character to version string in CLI output ([#&#8203;5895](https://github.com/caddyserver/caddy/issues/5895)) - [`e473ae6`](https://github.com/caddyserver/caddy/commit/e473ae68) cmd: Adjust config load logs/errors ([#&#8203;6032](https://github.com/caddyserver/caddy/issues/6032)) - [`185ed6f`](https://github.com/caddyserver/caddy/commit/185ed6fe) cmd: Assume Caddyfile based on filename prefix and suffix ([#&#8203;5919](https://github.com/caddyserver/caddy/issues/5919)) - [`e1f4b83`](https://github.com/caddyserver/caddy/commit/e1f4b83f) cmd: Fix panic related to config filename (fix [#&#8203;5919](https://github.com/caddyserver/caddy/issues/5919)) - [`8f87c5d`](https://github.com/caddyserver/caddy/commit/8f87c5d9) cmd: Only validate config is proper JSON if config slice has data ([#&#8203;6250](https://github.com/caddyserver/caddy/issues/6250)) - [`56c6b3f`](https://github.com/caddyserver/caddy/commit/56c6b3f6) cmd: Preserve LastModified date when exporting storage ([#&#8203;5968](https://github.com/caddyserver/caddy/issues/5968)) - [`de4959f`](https://github.com/caddyserver/caddy/commit/de4959fe) cmd: fix the output of the `Usage` section ([#&#8203;6138](https://github.com/caddyserver/caddy/issues/6138)) - [`54823f5`](https://github.com/caddyserver/caddy/commit/54823f52) cmd: reverseproxy: log: use caddy logger ([#&#8203;6042](https://github.com/caddyserver/caddy/issues/6042)) - [`d70608b`](https://github.com/caddyserver/caddy/commit/d70608b6) cmd: upgrade: resolve symlink of the executable ([#&#8203;5891](https://github.com/caddyserver/caddy/issues/5891)) - [`d54dcf1`](https://github.com/caddyserver/caddy/commit/d54dcf15) cmd: use automaxprocs for better perf in containers ([#&#8203;5711](https://github.com/caddyserver/caddy/issues/5711)) - [`e1b9a9d`](https://github.com/caddyserver/caddy/commit/e1b9a9d7) core: Add `ctx.Slogger()` which returns an `slog` logger ([#&#8203;5945](https://github.com/caddyserver/caddy/issues/5945)) - [`cbbd1df`](https://github.com/caddyserver/caddy/commit/cbbd1df9) core: Always make AppDataDir for InstanceID ([#&#8203;5976](https://github.com/caddyserver/caddy/issues/5976)) - [`174c19a`](https://github.com/caddyserver/caddy/commit/174c19a9) core: Apply SO_REUSEPORT to UDP sockets ([#&#8203;5725](https://github.com/caddyserver/caddy/issues/5725)) - [`46c5db9`](https://github.com/caddyserver/caddy/commit/46c5db92) core: OnExit hooks ([#&#8203;6128](https://github.com/caddyserver/caddy/issues/6128)) - [`a747930`](https://github.com/caddyserver/caddy/commit/a7479302) core: Support NO_COLOR env var to disable log coloring ([#&#8203;6078](https://github.com/caddyserver/caddy/issues/6078)) - [`7c82e26`](https://github.com/caddyserver/caddy/commit/7c82e265) core: quic listener will manage the underlying socket by itself ([#&#8203;5749](https://github.com/caddyserver/caddy/issues/5749)) - [`a6a45ff`](https://github.com/caddyserver/caddy/commit/a6a45ff6) core: AppIfConfigured returns error; consider not-yet-provisioned modules ([#&#8203;6292](https://github.com/caddyserver/caddy/issues/6292)) - [`2ce5c65`](https://github.com/caddyserver/caddy/commit/2ce5c652) core: Fix bug in AppIfConfigured (fix [#&#8203;6336](https://github.com/caddyserver/caddy/issues/6336)) - [`03e0a01`](https://github.com/caddyserver/caddy/commit/03e0a010) encode: Configurable compression level for zstd ([#&#8203;6140](https://github.com/caddyserver/caddy/issues/6140)) - [`3067074`](https://github.com/caddyserver/caddy/commit/3067074d) encode: Improve Etag handling (fix [#&#8203;5849](https://github.com/caddyserver/caddy/issues/5849)) - [`9ab0943`](https://github.com/caddyserver/caddy/commit/9ab09433) encode: Slight fix for the previous commit - [`e698ec5`](https://github.com/caddyserver/caddy/commit/e698ec51) encode: write status immediately when status code is informational ([#&#8203;6164](https://github.com/caddyserver/caddy/issues/6164)) - [`ba58114`](https://github.com/caddyserver/caddy/commit/ba581146) events: Add debug log - [`7e52db8`](https://github.com/caddyserver/caddy/commit/7e52db82) fileserver: Add .m4v for browse template icon - [`8f9ffc5`](https://github.com/caddyserver/caddy/commit/8f9ffc58) fileserver: Add total file size to directory listing ([#&#8203;6003](https://github.com/caddyserver/caddy/issues/6003)) - [`feb07a7`](https://github.com/caddyserver/caddy/commit/feb07a7b) fileserver: Browse can show symlink target if enabled ([#&#8203;5973](https://github.com/caddyserver/caddy/issues/5973)) - [`b16aba5`](https://github.com/caddyserver/caddy/commit/b16aba5c) fileserver: Enable compression for command by default ([#&#8203;5855](https://github.com/caddyserver/caddy/issues/5855)) - [`5d8b45c`](https://github.com/caddyserver/caddy/commit/5d8b45c9) fileserver: Escape # and ? in img src (fix [#&#8203;6237](https://github.com/caddyserver/caddy/issues/6237)) - [`f3e849e`](https://github.com/caddyserver/caddy/commit/f3e849e4) fileserver: Implement caddyfile.Unmarshaler interface ([#&#8203;5850](https://github.com/caddyserver/caddy/issues/5850)) - [`d00824f`](https://github.com/caddyserver/caddy/commit/d00824f4) fileserver: Improve Vary handling ([#&#8203;5849](https://github.com/caddyserver/caddy/issues/5849)) - [`362f33d`](https://github.com/caddyserver/caddy/commit/362f33da) fileserver: New --precompressed flag ([#&#8203;5880](https://github.com/caddyserver/caddy/issues/5880)) - [`5a4374b`](https://github.com/caddyserver/caddy/commit/5a4374be) fileserver: Preserve query during canonicalization redirect ([#&#8203;6109](https://github.com/caddyserver/caddy/issues/6109)) - [`cabb5d7`](https://github.com/caddyserver/caddy/commit/cabb5d71) fileserver: Set "Vary: Accept-Encoding" header (see [#&#8203;5849](https://github.com/caddyserver/caddy/issues/5849)) - [`567d96c`](https://github.com/caddyserver/caddy/commit/567d96c6) fileserver: read etags from precomputed files ([#&#8203;6222](https://github.com/caddyserver/caddy/issues/6222)) - [`c839a98`](https://github.com/caddyserver/caddy/commit/c839a98f) filesystem: Globally declared filesystems, `fs` directive ([#&#8203;5833](https://github.com/caddyserver/caddy/issues/5833)) - [`60abd72`](https://github.com/caddyserver/caddy/commit/60abd72c) fix: add back text/\* - [`b8f729b`](https://github.com/caddyserver/caddy/commit/b8f729b8) fix: add more media types to the compressed by default list - [`a4a64a6`](https://github.com/caddyserver/caddy/commit/a4a64a6f) gitignore: Add rule for caddyfile.go ([#&#8203;6225](https://github.com/caddyserver/caddy/issues/6225)) - [`9fc55a9`](https://github.com/caddyserver/caddy/commit/9fc55a97) go.mod: CVE-2023-45142 Update opentelemetry ([#&#8203;5908](https://github.com/caddyserver/caddy/issues/5908)) - [`fe2a02b`](https://github.com/caddyserver/caddy/commit/fe2a02bf) go.mod: Upgrade quic-go to v0.39.1 - [`b49ec05`](https://github.com/caddyserver/caddy/commit/b49ec051) go.mod: Updated quic-go to v0.40.1 ([#&#8203;5983](https://github.com/caddyserver/caddy/issues/5983)) - [`ee35855`](https://github.com/caddyserver/caddy/commit/ee358550) go.mod: update quic-go version to v0.40.0 ([#&#8203;5922](https://github.com/caddyserver/caddy/issues/5922)) - [`a46ff50`](https://github.com/caddyserver/caddy/commit/a46ff50a) go.mod: Upgrade to quic-go v0.43.0 - [`b522710`](https://github.com/caddyserver/caddy/commit/b5227106) go.mod: Upgrade to quic-go v0.43.1 - [`dd203ad`](https://github.com/caddyserver/caddy/commit/dd203ad4) go.mod: CertMagic v0.21.0 - [`d79c0f0`](https://github.com/caddyserver/caddy/commit/d79c0f0d) go.mod: Upgrade dependencies - [`abdf1ae`](https://github.com/caddyserver/caddy/commit/abdf1ae1) go.mod: go 1.22.3 - [`258d906`](https://github.com/caddyserver/caddy/commit/258d9061) httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors ([#&#8203;5865](https://github.com/caddyserver/caddy/issues/5865)) - [`4181c79`](https://github.com/caddyserver/caddy/commit/4181c79a) httpcaddyfile: Add optional status code argument to `handle_errors` directive ([#&#8203;5965](https://github.com/caddyserver/caddy/issues/5965)) - [`2a78c9c`](https://github.com/caddyserver/caddy/commit/2a78c9c5) httpcaddyfile: Allow nameless regexp placeholder shorthand ([#&#8203;6113](https://github.com/caddyserver/caddy/issues/6113)) - [`7984e6f`](https://github.com/caddyserver/caddy/commit/7984e6f6) httpcaddyfile: Fix TLS automation policy merging with get_certificate ([#&#8203;5896](https://github.com/caddyserver/caddy/issues/5896)) - [`f976c84`](https://github.com/caddyserver/caddy/commit/f976c84d) httpcaddyfile: Fix cert file decoding to load multiple PEM in one file ([#&#8203;5997](https://github.com/caddyserver/caddy/issues/5997)) - [`c2d889f`](https://github.com/caddyserver/caddy/commit/c2d889f8) httpcaddyfile: Fix redir <to> html ([#&#8203;6001](https://github.com/caddyserver/caddy/issues/6001)) - [`c27425e`](https://github.com/caddyserver/caddy/commit/c27425ef) httpcaddyfile: Keep deprecated `skip_log` in directive order ([#&#8203;6153](https://github.com/caddyserver/caddy/issues/6153)) - [`ac1f20b`](https://github.com/caddyserver/caddy/commit/ac1f20b9) httpcaddyfile: Remove port from logger names ([#&#8203;5881](https://github.com/caddyserver/caddy/issues/5881)) - [`5e2f1b5`](https://github.com/caddyserver/caddy/commit/5e2f1b5c) httpcaddyfile: Rewrite `root` and `rewrite` parsing to allow omitting matcher ([#&#8203;5844](https://github.com/caddyserver/caddy/issues/5844)) - [`3efda6f`](https://github.com/caddyserver/caddy/commit/3efda6fb) httpcaddyfile: Skip automate loader if disable_certs is specified (fix [#&#8203;6148](https://github.com/caddyserver/caddy/issues/6148)) - [`da7d8cb`](https://github.com/caddyserver/caddy/commit/da7d8cb2) httpcaddyfile: Sort skip_hosts for deterministic JSON ([#&#8203;5990](https://github.com/caddyserver/caddy/issues/5990)) - [`cb86319`](https://github.com/caddyserver/caddy/commit/cb86319b) httpcaddyfile: Support client auth verifiers ([#&#8203;6022](https://github.com/caddyserver/caddy/issues/6022)) - [`feeb6af`](https://github.com/caddyserver/caddy/commit/feeb6af4) httpcaddyfile: Fix expression matcher shortcut in snippets ([#&#8203;6288](https://github.com/caddyserver/caddy/issues/6288)) - [`583c585`](https://github.com/caddyserver/caddy/commit/583c585c) httpcaddyfile: Set challenge ports when http_port or https_port are used - [`96f638e`](https://github.com/caddyserver/caddy/commit/96f638ea) httpredirectlistener: Only set read limit for when request is HTTP ([#&#8203;5917](https://github.com/caddyserver/caddy/issues/5917)) - [`3248e4c`](https://github.com/caddyserver/caddy/commit/3248e4c8) logging: Add `zap.Option` support ([#&#8203;5944](https://github.com/caddyserver/caddy/issues/5944)) - [`b9c40e7`](https://github.com/caddyserver/caddy/commit/b9c40e71) logging: Automatic `wrap` default for `filter` encoder ([#&#8203;5980](https://github.com/caddyserver/caddy/issues/5980)) - [`726a9a8`](https://github.com/caddyserver/caddy/commit/726a9a8f) logging: Fix default access logger ([#&#8203;6251](https://github.com/caddyserver/caddy/issues/6251)) - [`01d5568`](https://github.com/caddyserver/caddy/commit/01d5568b) logging: Implement `append` encoder, allow flatter filters config ([#&#8203;6069](https://github.com/caddyserver/caddy/issues/6069)) - [`0d44e3e`](https://github.com/caddyserver/caddy/commit/0d44e3ec) logging: Implement `log_append` handler ([#&#8203;6066](https://github.com/caddyserver/caddy/issues/6066)) - [`91ec754`](https://github.com/caddyserver/caddy/commit/91ec7544) logging: Inline Caddyfile syntax for `ip_mask` filter ([#&#8203;6094](https://github.com/caddyserver/caddy/issues/6094)) - [`0c01547`](https://github.com/caddyserver/caddy/commit/0c015470) logging: support `ms` duration format and add docs ([#&#8203;6187](https://github.com/caddyserver/caddy/issues/6187)) - [`4356635`](https://github.com/caddyserver/caddy/commit/4356635d) logging: Add support for additional logger filters other than hostname ([#&#8203;6082](https://github.com/caddyserver/caddy/issues/6082)) - [`8c2a72a`](https://github.com/caddyserver/caddy/commit/8c2a72ad) caddyhttp: Drop `forwarded` option from `remote_ip` matcher ([#&#8203;6085](https://github.com/caddyserver/caddy/issues/6085)) - [`ed7e3c9`](https://github.com/caddyserver/caddy/commit/ed7e3c90) caddyhttp: `query` matcher now ANDs multiple keys ([#&#8203;6054](https://github.com/caddyserver/caddy/issues/6054)) - [`387545a`](https://github.com/caddyserver/caddy/commit/387545a8) metrics: Record request metrics on HTTP errors ([#&#8203;5979](https://github.com/caddyserver/caddy/issues/5979)) - [`e0bf179`](https://github.com/caddyserver/caddy/commit/e0bf179c) modules: fix some typo in conments ([#&#8203;6206](https://github.com/caddyserver/caddy/issues/6206)) - [`dc12bd9`](https://github.com/caddyserver/caddy/commit/dc12bd97) proxyprotocol: use github.com/pires/go-proxyproto ([#&#8203;5915](https://github.com/caddyserver/caddy/issues/5915)) - [`dba556f`](https://github.com/caddyserver/caddy/commit/dba556fe) refactor: move automaxprocs init in caddycmd.Main() - [`80acf1b`](https://github.com/caddyserver/caddy/commit/80acf1bf) replacer: Fix escaped closing braces ([#&#8203;5995](https://github.com/caddyserver/caddy/issues/5995)) - [`7979739`](https://github.com/caddyserver/caddy/commit/79797394) replacer: Implement `file.*` global replacements ([#&#8203;5463](https://github.com/caddyserver/caddy/issues/5463)) - [`e7336cc`](https://github.com/caddyserver/caddy/commit/e7336cc3) replacer: use RWMutex to protect static provider ([#&#8203;6184](https://github.com/caddyserver/caddy/issues/6184)) - [`868af6a`](https://github.com/caddyserver/caddy/commit/868af6a0) reverseproxy: Add grace_period for SRV upstreams to Caddyfile ([#&#8203;6264](https://github.com/caddyserver/caddy/issues/6264)) - [`613d544`](https://github.com/caddyserver/caddy/commit/613d544a) reverseproxy: Accept EOF when buffering - [`f658fd0`](https://github.com/caddyserver/caddy/commit/f658fd05) reverseproxy: Add `tls_curves` option to HTTP transport ([#&#8203;5851](https://github.com/caddyserver/caddy/issues/5851)) - [`a9768d2`](https://github.com/caddyserver/caddy/commit/a9768d2f) reverseproxy: Configurable forward proxy URL ([#&#8203;6114](https://github.com/caddyserver/caddy/issues/6114)) - [`0b381eb`](https://github.com/caddyserver/caddy/commit/0b381eb7) reverseproxy: Implement modular CA provider for TLS transport ([#&#8203;6065](https://github.com/caddyserver/caddy/issues/6065)) - [`d9ff7b1`](https://github.com/caddyserver/caddy/commit/d9ff7b18) reverseproxy: Only change Content-Length when full request is buffered ([#&#8203;5830](https://github.com/caddyserver/caddy/issues/5830)) - [`9f97df2`](https://github.com/caddyserver/caddy/commit/9f97df22) reverseproxy: Remove long-deprecated buffering properties - [`d93e027`](https://github.com/caddyserver/caddy/commit/d93e027e) reverseproxy: Reuse buffered request body even if partially drained - [`72ce78d`](https://github.com/caddyserver/caddy/commit/72ce78d9) reverseproxy: SRV dynamic upstream failover ([#&#8203;5832](https://github.com/caddyserver/caddy/issues/5832)) - [`74949fb`](https://github.com/caddyserver/caddy/commit/74949fb0) reverseproxy: Use xxhash instead of fnv32 for LB ([#&#8203;6203](https://github.com/caddyserver/caddy/issues/6203)) - [`b40cacf`](https://github.com/caddyserver/caddy/commit/b40cacf5) reverseproxy: Wait for both ends of websocket to close ([#&#8203;6175](https://github.com/caddyserver/caddy/issues/6175)) - [`e65b97f`](https://github.com/caddyserver/caddy/commit/e65b97f5) reverseproxy: configurable active health_passes and health_fails ([#&#8203;6154](https://github.com/caddyserver/caddy/issues/6154)) - [`da6a569`](https://github.com/caddyserver/caddy/commit/da6a569e) reverseproxy: cookie should be Secure and SameSite=None when TLS ([#&#8203;6115](https://github.com/caddyserver/caddy/issues/6115)) - [`1b9042b`](https://github.com/caddyserver/caddy/commit/1b9042bc) reverseproxy: handle buffered data during hijack ([#&#8203;6274](https://github.com/caddyserver/caddy/issues/6274)) - [`53f7035`](https://github.com/caddyserver/caddy/commit/53f70352) reverseproxy: use context.WithoutCancel ([#&#8203;6116](https://github.com/caddyserver/caddy/issues/6116)) - [`d05d715`](https://github.com/caddyserver/caddy/commit/d05d715a) reverseproxy: HTTP transport: fix PROXY protocol initialization ([#&#8203;6301](https://github.com/caddyserver/caddy/issues/6301)) - [`b2b29dc`](https://github.com/caddyserver/caddy/commit/b2b29dcd) reverseproxy: Implement health_follow_redirects ([#&#8203;6302](https://github.com/caddyserver/caddy/issues/6302)) - [`e60148e`](https://github.com/caddyserver/caddy/commit/e60148ec) reverseproxy: Pointer to struct when loading modules; remove LazyCertPool ([#&#8203;6307](https://github.com/caddyserver/caddy/issues/6307)) - [`5f6758d`](https://github.com/caddyserver/caddy/commit/5f6758da) reverseproxy: Support HTTP/3 transport to backend ([#&#8203;6312](https://github.com/caddyserver/caddy/issues/6312)) - [`69290d2`](https://github.com/caddyserver/caddy/commit/69290d23) rewrite: Implement `uri query` operations ([#&#8203;6120](https://github.com/caddyserver/caddy/issues/6120)) - [`29f57fa`](https://github.com/caddyserver/caddy/commit/29f57faa) rewrite: `uri query` replace operation ([#&#8203;6165](https://github.com/caddyserver/caddy/issues/6165)) - [`c6673ad`](https://github.com/caddyserver/caddy/commit/c6673ad4) staticresp: Use the evaluated response body for sniffing JSON content-type ([#&#8203;6249](https://github.com/caddyserver/caddy/issues/6249)) - [`0900844`](https://github.com/caddyserver/caddy/commit/0900844c) templates: Clarify `include` args docs, add `.ClientIP` ([#&#8203;5898](https://github.com/caddyserver/caddy/issues/5898)) - [`4e8245d`](https://github.com/caddyserver/caddy/commit/4e8245df) templates: Delete headers on `httpError` to reset to clean slate ([#&#8203;5905](https://github.com/caddyserver/caddy/issues/5905)) - [`18f3429`](https://github.com/caddyserver/caddy/commit/18f34290) templates: Offically make templates extensible ([#&#8203;5939](https://github.com/caddyserver/caddy/issues/5939)) - [`f98f449`](https://github.com/caddyserver/caddy/commit/f98f449f) templates: Add `pathEscape` template function and use it in file browser ([#&#8203;6278](https://github.com/caddyserver/caddy/issues/6278)) - [`4173e2c`](https://github.com/caddyserver/caddy/commit/4173e2c7) tls: accept placeholders in string values of certificate loaders ([#&#8203;5963](https://github.com/caddyserver/caddy/issues/5963)) - [`ed41c92`](https://github.com/caddyserver/caddy/commit/ed41c924) tls: add reuse_private_keys ([#&#8203;6025](https://github.com/caddyserver/caddy/issues/6025)) - [`e965b11`](https://github.com/caddyserver/caddy/commit/e965b111) tls: modularize trusted CA providers ([#&#8203;5784](https://github.com/caddyserver/caddy/issues/5784)) - [`0b5720f`](https://github.com/caddyserver/caddy/commit/0b5720fa) tracing: add trace_id var (`http.vars.trace_id` placeholder) ([#&#8203;6308](https://github.com/caddyserver/caddy/issues/6308)) - [`5ed8689`](https://github.com/caddyserver/caddy/commit/5ed86896) vars: Allow overriding `http.auth.user.id` in replacer as a special case ([#&#8203;6108](https://github.com/caddyserver/caddy/issues/6108)) - [`d132584`](https://github.com/caddyserver/caddy/commit/d1325842) vars: Make nil values act as empty string instead of `"<nil>"` ([#&#8203;6174](https://github.com/caddyserver/caddy/issues/6174)) #### New Contributors - [@&#8203;perhapsmaple](https://github.com/perhapsmaple) made their first contribution in https://github.com/caddyserver/caddy/pull/5848 - [@&#8203;ddl-ebrown](https://github.com/ddl-ebrown) made their first contribution in https://github.com/caddyserver/caddy/pull/5908 - [@&#8203;dlorenc](https://github.com/dlorenc) made their first contribution in https://github.com/caddyserver/caddy/pull/5949 - [@&#8203;ankon](https://github.com/ankon) made their first contribution in https://github.com/caddyserver/caddy/pull/5923 - [@&#8203;bmarwell](https://github.com/bmarwell) made their first contribution in https://github.com/caddyserver/caddy/pull/5971 - [@&#8203;armadi1809](https://github.com/armadi1809) made their first contribution in https://github.com/caddyserver/caddy/pull/5976 - [@&#8203;jum](https://github.com/jum) made their first contribution in https://github.com/caddyserver/caddy/pull/5968 - [@&#8203;ddemoss222](https://github.com/ddemoss222) made their first contribution in https://github.com/caddyserver/caddy/pull/5880 - [@&#8203;tgeoghegan](https://github.com/tgeoghegan) made their first contribution in https://github.com/caddyserver/caddy/pull/5979 - [@&#8203;steffenbusch](https://github.com/steffenbusch) made their first contribution in https://github.com/caddyserver/caddy/pull/6003 - [@&#8203;networkException](https://github.com/networkException) made their first contribution in https://github.com/caddyserver/caddy/pull/6010 - [@&#8203;insom](https://github.com/insom) made their first contribution in https://github.com/caddyserver/caddy/pull/6021 - [@&#8203;rithvikvibhu](https://github.com/rithvikvibhu) made their first contribution in https://github.com/caddyserver/caddy/pull/6025 - [@&#8203;zachgalvin](https://github.com/zachgalvin) made their first contribution in https://github.com/caddyserver/caddy/pull/6022 - [@&#8203;subnut](https://github.com/subnut) made their first contribution in https://github.com/caddyserver/caddy/pull/6001 - [@&#8203;elee1766](https://github.com/elee1766) made their first contribution in https://github.com/caddyserver/caddy/pull/5833 - [@&#8203;nebez](https://github.com/nebez) made their first contribution in https://github.com/caddyserver/caddy/pull/5805 - [@&#8203;bbaa-bbaa](https://github.com/bbaa-bbaa) made their first contribution in https://github.com/caddyserver/caddy/pull/6056 - [@&#8203;AnomalRoil](https://github.com/AnomalRoil) made their first contribution in https://github.com/caddyserver/caddy/pull/5961 - [@&#8203;jcchavezs](https://github.com/jcchavezs) made their first contribution in https://github.com/caddyserver/caddy/pull/6103 - [@&#8203;ottenhoff](https://github.com/ottenhoff) made their first contribution in https://github.com/caddyserver/caddy/pull/6115 - [@&#8203;thirdkeyword](https://github.com/thirdkeyword) made their first contribution in https://github.com/caddyserver/caddy/pull/6151 - [@&#8203;jbrown-stripe](https://github.com/jbrown-stripe) made their first contribution in https://github.com/caddyserver/caddy/pull/6161 - [@&#8203;ImpostorKeanu](https://github.com/ImpostorKeanu) made their first contribution in https://github.com/caddyserver/caddy/pull/6114 - [@&#8203;sellskin](https://github.com/sellskin) made their first contribution in https://github.com/caddyserver/caddy/pull/6193 - [@&#8203;jadidbourbaki](https://github.com/jadidbourbaki) made their first contribution in https://github.com/caddyserver/caddy/pull/6203 - [@&#8203;reallylowest](https://github.com/reallylowest) made their first contribution in https://github.com/caddyserver/caddy/pull/6206 - [@&#8203;kylosus](https://github.com/kylosus) made their first contribution in https://github.com/caddyserver/caddy/pull/6093 - [@&#8203;hassanila](https://github.com/hassanila) made their first contribution in https://github.com/caddyserver/caddy/pull/6223 - [@&#8203;epelc](https://github.com/epelc) made their first contribution in https://github.com/caddyserver/caddy/pull/6225 - [@&#8203;danish-mehmood](https://github.com/danish-mehmood) made their first contribution in https://github.com/caddyserver/caddy/pull/6227 - [@&#8203;omalk98](https://github.com/omalk98) made their first contribution in https://github.com/caddyserver/caddy/pull/5919 - [@&#8203;dev-polymer](https://github.com/dev-polymer) made their first contribution in https://github.com/caddyserver/caddy/pull/6140 - [@&#8203;coderwander](https://github.com/coderwander) made their first contribution in https://github.com/caddyserver/caddy/pull/6243 - [@&#8203;clauverjat](https://github.com/clauverjat) made their first contribution in https://github.com/caddyserver/caddy/pull/6253 - [@&#8203;apollo13](https://github.com/apollo13) made their first contribution in https://github.com/caddyserver/caddy/pull/6298 - [@&#8203;aliasgar55](https://github.com/aliasgar55) made their first contribution in https://github.com/caddyserver/caddy/pull/6302 - [@&#8203;szepeviktor](https://github.com/szepeviktor) made their first contribution in https://github.com/caddyserver/caddy/pull/6311 - [@&#8203;DenebTM](https://github.com/DenebTM) made their first contribution in https://github.com/caddyserver/caddy/pull/6278 - [@&#8203;Ranveer777](https://github.com/Ranveer777) made their first contribution in https://github.com/caddyserver/caddy/pull/6345 ### [`v2.7.6`](https://github.com/caddyserver/caddy/releases/tag/v2.7.6) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.5...v2.7.6) In this version we've made several fixes and enhancements with help from several contributors. Most changes are small, but some notable ones: - The `templates` middleware is now officially extensible (experimentally). This means modules can add custom functions/actions for templates to execute. - TLS storage cleaning is now synchronized across the cluster and remembered across restarts. This should greatly lower costs for expensive storage backends like DynamoDB. - Placeholders are now evaluated in config for certificate loaders. - Numerous bug fixes. Thank you to everyone who contributed! #### Changelog - [`65c489a`](https://github.com/caddyserver/caddy/commit/65c489a0) Upgrade acmeserver to github.com/go-chi/chi/v5 ([#&#8203;5913](https://github.com/caddyserver/caddy/issues/5913)) - [`ae5e2d9`](https://github.com/caddyserver/caddy/commit/ae5e2d96) caddyfile: Fix variadic placeholder false positive when token contains `:` ([#&#8203;5883](https://github.com/caddyserver/caddy/issues/5883)) - [`db55da5`](https://github.com/caddyserver/caddy/commit/db55da59) caddyhttp: Adjust `scheme` placeholder docs ([#&#8203;5910](https://github.com/caddyserver/caddy/issues/5910)) - [`df5edf6`](https://github.com/caddyserver/caddy/commit/df5edf6b) caddytls: Context to DecisionFunc ([#&#8203;5923](https://github.com/caddyserver/caddy/issues/5923)) - [`6d9a833`](https://github.com/caddyserver/caddy/commit/6d9a8337) caddytls: Sync distributed storage cleaning ([#&#8203;5940](https://github.com/caddyserver/caddy/issues/5940)) - [`11a082c`](https://github.com/caddyserver/caddy/commit/11a082c0) cmd: Add newline character to version string in CLI output ([#&#8203;5895](https://github.com/caddyserver/caddy/issues/5895)) - [`979c413`](https://github.com/caddyserver/caddy/commit/979c413f) cmd: upgrade: resolve symlink of the executable ([#&#8203;5891](https://github.com/caddyserver/caddy/issues/5891)) - [`6482070`](https://github.com/caddyserver/caddy/commit/64820706) core: Apply SO_REUSEPORT to UDP sockets ([#&#8203;5725](https://github.com/caddyserver/caddy/issues/5725)) - [`15adb89`](https://github.com/caddyserver/caddy/commit/15adb893) core: quic listener will manage the underlying socket by itself ([#&#8203;5749](https://github.com/caddyserver/caddy/issues/5749)) - [`801ec75`](https://github.com/caddyserver/caddy/commit/801ec756) fileserver: Add .m4v for browse template icon - [`b809ed7`](https://github.com/caddyserver/caddy/commit/b809ed71) go.mod: CVE-2023-45142 Update opentelemetry ([#&#8203;5908](https://github.com/caddyserver/caddy/issues/5908)) - [`b4c7313`](https://github.com/caddyserver/caddy/commit/b4c7313c) go.mod: Upgrade quic-go to v0.39.1 - [`36fce3f`](https://github.com/caddyserver/caddy/commit/36fce3fa) go.mod: update quic-go version to v0.40.0 ([#&#8203;5922](https://github.com/caddyserver/caddy/issues/5922)) - [`ec2de22`](https://github.com/caddyserver/caddy/commit/ec2de22a) httpcaddyfile: Fix TLS automation policy merging with get_certificate ([#&#8203;5896](https://github.com/caddyserver/caddy/issues/5896)) - [`f0ea489`](https://github.com/caddyserver/caddy/commit/f0ea489d) httpcaddyfile: Remove port from logger names ([#&#8203;5881](https://github.com/caddyserver/caddy/issues/5881)) - [`87f63b1`](https://github.com/caddyserver/caddy/commit/87f63b12) httpredirectlistener: Only set read limit for when request is HTTP ([#&#8203;5917](https://github.com/caddyserver/caddy/issues/5917)) - [`16834d6`](https://github.com/caddyserver/caddy/commit/16834d64) templates: Clarify `include` args docs, add `.ClientIP` ([#&#8203;5898](https://github.com/caddyserver/caddy/issues/5898)) - [`0259853`](https://github.com/caddyserver/caddy/commit/0259853a) templates: Delete headers on `httpError` to reset to clean slate ([#&#8203;5905](https://github.com/caddyserver/caddy/issues/5905)) - [`2f7ceb5`](https://github.com/caddyserver/caddy/commit/2f7ceb57) templates: Offically make templates extensible ([#&#8203;5939](https://github.com/caddyserver/caddy/issues/5939)) - [`908e956`](https://github.com/caddyserver/caddy/commit/908e9569) tls: accept placeholders in string values of certificate loaders ([#&#8203;5963](https://github.com/caddyserver/caddy/issues/5963)) **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.7.5...v2.7.6 ### [`v2.7.5`](https://github.com/caddyserver/caddy/releases/tag/v2.7.5) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.4...v2.7.5) In this release, we've fixed quite a few small bugs and annoyances, including HTTP/2 Rapid Reset which affected most HTTP/2 implementations. *On a personal note (from [@&#8203;mholt](https://github.com/mholt)): I recently became a dad! I want to thank our maintainers for helping in so many ways while I've been taking extra time for family. Francis, Matthew, Mohammed, and others -- including all the contributors below, and then some -- are to thank for shipping this release.* #### Highlights - Updated https://github.com/quic-go/quic-go from v0.37.5 to v0.39.0, including many performance improvements. GSO and ECN are now enabled by default, but you may turn them off by setting the `QUIC_GO_DISABLE_GSO=true` and `QUIC_GO_DISABLE_ECN=true` environment variables respectively, if they cause you problems. See the [`quic-go` release notes](https://github.com/quic-go/quic-go/releases) for more details. - The file server's `fileserver.BrowseTemplate` is now exported, so it may be customized by programs embedding Caddy. ([`ed8bb13`](https://github.com/caddyserver/caddy/commit/ed8bb13c5df7656647ca7fc1fd09237631a6767c)) - Environment variables loaded with `--envfile` no longer override existing variables. ([#&#8203;5803](https://github.com/caddyserver/caddy/issues/5803)) - The `encode` handler now compresses `application/wasm*` content types by default. ([#&#8203;5869](https://github.com/caddyserver/caddy/issues/5869)) - The `reverse_proxy` handler can now emit very detailed logs for debugging streaming and buffering. To enable it, set the `verbose_logs` subdirective, and set logging to `debug` level. Since the logs from this are very noisy, using `verbose_logs` to opt-in is necessary. We may ask you to enable this when asking for support! ([#&#8203;5793](https://github.com/caddyserver/caddy/issues/5793)) - You can now check the version with `caddy -v`, like most other CLI utilities! ([#&#8203;5874](https://github.com/caddyserver/caddy/issues/5874)) [Caddy is on feature freeze until after 2.8](https://github.com/caddyserver/caddy/issues/5704) so we can improve our testing situation. These patches have all been tried to ensure they work as intended, but if you notice any issues please report them! #### Changelog - [`0e204b7`](https://github.com/caddyserver/caddy/commit/0e204b73) admin: Respond with 4xx on non-existing config path ([#&#8203;5870](https://github.com/caddyserver/caddy/issues/5870)) - [`89c407a`](https://github.com/caddyserver/caddy/commit/89c407aa) build(deps): bump actions/checkout from 3 to 4 ([#&#8203;5846](https://github.com/caddyserver/caddy/issues/5846)) - [`1405683`](https://github.com/caddyserver/caddy/commit/1405683c) build(deps): bump goreleaser/goreleaser-action from 4 to 5 ([#&#8203;5847](https://github.com/caddyserver/caddy/issues/5847)) - [`38a7b6b`](https://github.com/caddyserver/caddy/commit/38a7b6b3) caddyfile: Adjust error formatting ([#&#8203;5765](https://github.com/caddyserver/caddy/issues/5765)) - [`7103ea0`](https://github.com/caddyserver/caddy/commit/7103ea09) caddyfile: Fix case where heredoc marker is empty after newline ([#&#8203;5769](https://github.com/caddyserver/caddy/issues/5769)) - [`10053f7`](https://github.com/caddyserver/caddy/commit/10053f75) caddyfile: Loosen heredoc parsing ([#&#8203;5761](https://github.com/caddyserver/caddy/issues/5761)) - [`58ab3a0`](https://github.com/caddyserver/caddy/commit/58ab3a01) caddyhttp: Use LimitedReader for HTTPRedirectListener *(thank you to Bartek Nowotarski for reporting)* - [`9c419f1`](https://github.com/caddyserver/caddy/commit/9c419f1e) cmd: Fix exiting with custom status code, add `caddy -v` ([#&#8203;5874](https://github.com/caddyserver/caddy/issues/5874)) - [`f2ab709`](https://github.com/caddyserver/caddy/commit/f2ab7099) cmd: Prevent overwriting existing env vars with `--envfile` ([#&#8203;5803](https://github.com/caddyserver/caddy/issues/5803)) - [`e0aaefa`](https://github.com/caddyserver/caddy/commit/e0aaefab) encode: Add `application/wasm*` to the default content types ([#&#8203;5869](https://github.com/caddyserver/caddy/issues/5869)) - [`fa5a579`](https://github.com/caddyserver/caddy/commit/fa5a579b) fileserver: Add command shortcuts `-l` and `-a` ([#&#8203;5854](https://github.com/caddyserver/caddy/issues/5854)) - [`ed8bb13`](https://github.com/caddyserver/caddy/commit/ed8bb13c) fileserver: Export BrowseTemplate - [`130f6d1`](https://github.com/caddyserver/caddy/commit/130f6d1f) fileserver: Set canonical URL on browse template ([#&#8203;5867](https://github.com/caddyserver/caddy/issues/5867)) - [`a306c5f`](https://github.com/caddyserver/caddy/commit/a306c5f7) fileserver: browse template SVG icons and UI tweaks ([#&#8203;5812](https://github.com/caddyserver/caddy/issues/5812)) - [`0a6d333`](https://github.com/caddyserver/caddy/commit/0a6d3333) fileserver: docs: clarify the ability to produce JSON array with `browse` ([#&#8203;5751](https://github.com/caddyserver/caddy/issues/5751)) - [`82c356f`](https://github.com/caddyserver/caddy/commit/82c356f2) fix: caddytest.AssertResponseCode error message ([#&#8203;5853](https://github.com/caddyserver/caddy/issues/5853)) - [`888c6d7`](https://github.com/caddyserver/caddy/commit/888c6d7e) go.mod: Update quic-go to v0.38.0 ([#&#8203;5772](https://github.com/caddyserver/caddy/issues/5772)) - [`88b4fbf`](https://github.com/caddyserver/caddy/commit/88b4fbf2) go.mod: Upgrade dependencies incl. x/net/http - [`df99502`](https://github.com/caddyserver/caddy/commit/df995029) httpcaddyfile: Enable TLS for catch-all site if `tls` directive is specified ([#&#8203;5808](https://github.com/caddyserver/caddy/issues/5808)) - [`33d8d2c`](https://github.com/caddyserver/caddy/commit/33d8d2c6) httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output ([#&#8203;5860](https://github.com/caddyserver/caddy/issues/5860)) - [`288216e`](https://github.com/caddyserver/caddy/commit/288216e1) httpcaddyfile: Stricter errors for site and upstream address schemes ([#&#8203;5757](https://github.com/caddyserver/caddy/issues/5757)) - [`2cac3c5`](https://github.com/caddyserver/caddy/commit/2cac3c54) httpcaddyfile: fix placeholder shorthands in named routes ([#&#8203;5791](https://github.com/caddyserver/caddy/issues/5791)) - [`c46ec3b`](https://github.com/caddyserver/caddy/commit/c46ec3b5) logging: Clone array on log filters, prevent side-effects ([#&#8203;5786](https://github.com/caddyserver/caddy/issues/5786)) - [`1b73e38`](https://github.com/caddyserver/caddy/commit/1b73e386) logging: query filter for array of strings ([#&#8203;5779](https://github.com/caddyserver/caddy/issues/5779)) - [`4776f62`](https://github.com/caddyserver/caddy/commit/4776f62c) replacer: change timezone to UTC for "time.now.http" placeholders ([#&#8203;5774](https://github.com/caddyserver/caddy/issues/5774)) - [`a8586b0`](https://github.com/caddyserver/caddy/commit/a8586b05) reverseproxy: Add logging for dynamic A upstreams ([#&#8203;5857](https://github.com/caddyserver/caddy/issues/5857)) - [`3a3182f`](https://github.com/caddyserver/caddy/commit/3a3182fb) reverseproxy: Add more debug logs ([#&#8203;5793](https://github.com/caddyserver/caddy/issues/5793)) - [`4feac4d`](https://github.com/caddyserver/caddy/commit/4feac4d8) reverseproxy: Allow fallthrough for response handlers without routes ([#&#8203;5780](https://github.com/caddyserver/caddy/issues/5780)) - [`e8b8d4a`](https://github.com/caddyserver/caddy/commit/e8b8d4a8) reverseproxy: Fix `least_conn` policy regression ([#&#8203;5862](https://github.com/caddyserver/caddy/issues/5862)) - [`2a6859a`](https://github.com/caddyserver/caddy/commit/2a6859a5) reverseproxy: Fix retries on "upstreams unavailable" error ([#&#8203;5841](https://github.com/caddyserver/caddy/issues/5841)) - [`05dbe1c`](https://github.com/caddyserver/caddy/commit/05dbe1c1) reverseproxy: Replace health header placeholders ([#&#8203;5861](https://github.com/caddyserver/caddy/issues/5861)) - [`1e0dea5`](https://github.com/caddyserver/caddy/commit/1e0dea59) reverseproxy: fix nil pointer dereference in AUpstreams.GetUpstreams ([#&#8203;5811](https://github.com/caddyserver/caddy/issues/5811)) - [`b245ecd`](https://github.com/caddyserver/caddy/commit/b245ecd3) reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers ([#&#8203;5828](https://github.com/caddyserver/caddy/issues/5828)) - [`5653c36`](https://github.com/caddyserver/caddy/commit/5653c36b) templates: Add dummy `RemoteAddr` to `httpInclude` request, proxy compatibility ([#&#8203;5845](https://github.com/caddyserver/caddy/issues/5845)) - [`289934f`](https://github.com/caddyserver/caddy/commit/289934f3) tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag ([#&#8203;5852](https://github.com/caddyserver/caddy/issues/5852)) #### New Contributors - [@&#8203;singhalkarun](https://github.com/singhalkarun) made their first contribution in https://github.com/caddyserver/caddy/pull/5757 - [@&#8203;pauljeannot](https://github.com/pauljeannot) made their first contribution in https://github.com/caddyserver/caddy/pull/5779 - [@&#8203;hainenber](https://github.com/hainenber) made their first contribution in https://github.com/caddyserver/caddy/pull/5790 - [@&#8203;evandam](https://github.com/evandam) made their first contribution in https://github.com/caddyserver/caddy/pull/5803 - [@&#8203;FossoresLP](https://github.com/FossoresLP) made their first contribution in https://github.com/caddyserver/caddy/pull/5811 - [@&#8203;glowinthedark](https://github.com/glowinthedark) made their first contribution in https://github.com/caddyserver/caddy/pull/5812 - [@&#8203;pkoenig10](https://github.com/pkoenig10) made their first contribution in https://github.com/caddyserver/caddy/pull/5780 - [@&#8203;ThanmayNath](https://github.com/ThanmayNath) made their first contribution in https://github.com/caddyserver/caddy/pull/5845 - [@&#8203;Christoph-D](https://github.com/Christoph-D) made their first contribution in https://github.com/caddyserver/caddy/pull/5869 - [@&#8203;mcfedr](https://github.com/mcfedr) made their first contribution in https://github.com/caddyserver/caddy/pull/5828 - [@&#8203;bwesterb](https://github.com/bwesterb) made their first contribution in https://github.com/caddyserver/caddy/pull/5852 - [@&#8203;Forza-tng](https://github.com/Forza-tng) made their first contribution in https://github.com/caddyserver/caddy/pull/5867 - [@&#8203;BattleRattle](https://github.com/BattleRattle) made their first contribution in https://github.com/caddyserver/caddy/pull/5870 **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.7.4...v2.7.5 ### [`v2.7.4`](https://github.com/caddyserver/caddy/releases/tag/v2.7.4) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.3...v2.7.4) Caddy 2.7.4 rounds out some bug fixes from the 2.7 release. For example, [Go made a last-minute breaking change to a new API](https://github.com/quic-go/quic-go/releases/tag/v0.37.4) that broke quic-go (HTTP/3) on Go 1.21 just before Go 1.21 was released; we resolved a few issues with on-demand TLS that are now much improved from the 2.6 tree; a couple race conditions were fixed in dynamic reverse proxy upstreams. We hope you will be pleased with this new version! [Caddy is on feature freeze until after 2.8](https://github.com/caddyserver/caddy/issues/5704) so we can improve our testing situation. These patches have all been tried to ensure they work as intended, but if you notice any issues please report them! We encourage all users to test this new version and then upgrade. Thanks to all who get involved! #### Changelog - [`080db93`](https://github.com/caddyserver/caddy/commit/080db938) caddytls: Update docs for on-demand config - [`d813550`](https://github.com/caddyserver/caddy/commit/d8135505) cmd: Require config for caddy validate (fix [#&#8203;5612](https://github.com/caddyserver/caddy/issues/5612)) ([#&#8203;5614](https://github.com/caddyserver/caddy/issues/5614)) - [`a8492c0`](https://github.com/caddyserver/caddy/commit/a8492c06) fileserver: Don't repeat error for invalid method inside error context ([#&#8203;5705](https://github.com/caddyserver/caddy/issues/5705)) - [`2d7d806`](https://github.com/caddyserver/caddy/commit/2d7d806f) fileserver: Slightly more fitting icons - [`f11c3c9`](https://github.com/caddyserver/caddy/commit/f11c3c9f) go.mod: Upgrade CertMagic and quic-go - [`5b9c850`](https://github.com/caddyserver/caddy/commit/5b9c850a) go.mod: Upgrade golang.org/x/net to 0.14.0 ([#&#8203;5718](https://github.com/caddyserver/caddy/issues/5718)) - [`936ee91`](https://github.com/caddyserver/caddy/commit/936ee918) reverseproxy: Always return new upstreams (fix [#&#8203;5736](https://github.com/caddyserver/caddy/issues/5736)) ([#&#8203;5752](https://github.com/caddyserver/caddy/issues/5752)) - [`431adc0`](https://github.com/caddyserver/caddy/commit/431adc09) templates: Fix httpInclude (fix [#&#8203;5698](https://github.com/caddyserver/caddy/issues/5698)) #### New Contributors - [@&#8203;faddat](https://github.com/faddat) made their first contribution in https://github.com/caddyserver/caddy/pull/5707 - [@&#8203;shyim](https://github.com/shyim) made their first contribution in https://github.com/caddyserver/caddy/pull/5718 - [@&#8203;AaronDewes](https://github.com/AaronDewes) made their first contribution in https://github.com/caddyserver/caddy/pull/5720 **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.7.3...v2.7.4 ### [`v2.7.3`](https://github.com/caddyserver/caddy/releases/tag/v2.7.3) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.2...v2.7.3) We're pleased to present Caddy 2.7, which makes significant strides in areas of scaling, performance, and niche features. Special thank-you to [@&#8203;francislavoie](https://github.com/francislavoie), [@&#8203;Mohammed90](https://github.com/Mohammed90), and other core team members for the ongoing dedication of their time to help maintain the project and help in our forums. And a big thank-you to everyone else who contributed! You're awesome, and we're glad this project has so many contributors and [sponsors](https://github.com/sponsors/mholt) to make it possible. Docs are being updated and will be pushed live shortly. Thank you for your patience and for using Caddy! *(Note: Versions 2.7.0-2.7.2 contain bugs that were hotfixed within minutes and hours and a day of the release. Thank you to everyone who helped with that! And sorry for the trouble, we have learned lessons to help mitigate that in the future.)* #### Highlights - The in-memory TLS certificate cache is no longer purged and recreated during config reloads, making reloads extremely lightweight even when managing thousands of certificates. - Significant HTTP/3 performance improvements (upstream in quic-go) including enabling 0-RTT. Caddy users should notice significantly better throughput for HTTP/3. Thanks for the fantastic work, [@&#8203;marten-seemann](https://github.com/marten-seemann)! - New default template for the file server's "browse" listings - more modern, easier to use, grid view, filetype-specific icons, and better dark mode (see [#&#8203;5427](https://github.com/caddyserver/caddy/issues/5427) for more screenshots and info) ![list view](https://user-images.githubusercontent.com/1128849/224117088-886bf9e5-6c48-47b8-9863-fbaa5a984327.png) ![grid view](https://user-images.githubusercontent.com/1128849/224121253-43db1e17-a958-4cb7-80a3-777d4127adcf.png) - The reverse proxy now supports the PROXY protocol. Using external modules is no longer required; specifically, the plugin by [@&#8203;mastercactapus](https://github.com/mastercactapus) is now built-in. ([#&#8203;5424](https://github.com/caddyserver/caddy/issues/5424)) - Caddyfile now supports Heredoc syntax for long embedded strings/documents. ([#&#8203;5385](https://github.com/caddyserver/caddy/issues/5385)) - [@&#8203;francislavoie](https://github.com/francislavoie) implemented a suite of enhancements to bring you more reliable, trustworthy client IP information, even through proxies and CDNs ([#&#8203;5104](https://github.com/caddyserver/caddy/issues/5104)) - Certificate private keys will no longer be reused when renewing certificates. - Caddyfile import arg placeholders support slice syntax, e.g. `{args[2:]}` ([#&#8203;5249](https://github.com/caddyserver/caddy/issues/5249)) - Customizable "fallback" policy for reverse proxy in case the primary policy isn't applicable. ([#&#8203;5488](https://github.com/caddyserver/caddy/issues/5488)) - Etags are generated more sensibly for NixOS environments which all have Modified time of 1; and if you set your own Etag, it will not be overwritten. - EXPERIMENTAL: New short flags for the CLI. ([#&#8203;5379](https://github.com/caddyserver/caddy/issues/5379)) - EXPERIMENTAL: The reverse proxy may be configured to keep hijacked connections (streams, WebSockets, etc.) open through config reloads. ([#&#8203;5567](https://github.com/caddyserver/caddy/issues/5567)) - EXPERIMENTAL: Define "named routes" to reuse them without copying. Caddyfile snippets are useful for reusing config, but reusing the same HTTP routes involves lots of copied config and memory bloat. Named routes let you define a route once and reuse it throughout your HTTP server without copying. It is available for JSON and Caddyfile configs. ([#&#8203;5107](https://github.com/caddyserver/caddy/issues/5107)) - EXPERIMENTAL: You can specify permissions for unix sockets. ([#&#8203;4741](https://github.com/caddyserver/caddy/issues/4741)) - Many many bug fixes you may or may not notice :upside_down_face: Deprecations and possible breaking changes for some: - :warning: The `ask` endpoint is now **required** to enable On-Demand TLS ([`b97c76f`](https://github.com/caddyserver/caddy/commit/b97c76fb4789b8da0b80f5a2c1c1c5bebba163b5)) for catch-all or wildcard hosts. Our docs have always mentioned this is required in production environments, but now the code enforces it. The `ask` endpoint is not required for local-only or internal-only names ([#&#8203;5384](https://github.com/caddyserver/caddy/issues/5384) and [`a7af7c4`](https://github.com/caddyserver/caddy/commit/a7af7c486e5240da974e02b7dfee9d265aaa654a)). - :warning: The on-demand config's throttle options are now deprecated because the 'ask' endpoint is required. Additionally, the 'ask' endpoint is checked and the throttle is applied *before* storage is queried for a certificate in order to limit load on the storage backend. - :warning: The long-deprecated `lookup_srv` feature of the reverse proxy has been removed. It was replaced with the [dynamic upstreams feature in 2.6](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#dynamic-upstreams). ([#&#8203;5396](https://github.com/caddyserver/caddy/issues/5396)) - :warning: The `remote_ip forwarded` matcher has been deprecated because it assumes trusting downstream proxies. Instead, the `client_ip` matcher should be used along with `trusted_proxies` configuration. ([#&#8203;5103](https://github.com/caddyserver/caddy/issues/5103) and [#&#8203;5104](https://github.com/caddyserver/caddy/issues/5104)) - :warning: Placeholder syntax `{args.0}` is now deprecated in favor of `{args[0]}`. - :warning: Plugin authors will now need to use `http.ResponseController` to call `Flush()` or `Hijack()` on the response writer. ([#&#8203;5654](https://github.com/caddyserver/caddy/issues/5654)) Thank you to everyone who contributed! And thank you to our [sponsors](https://github.com/sponsors/mholt) who truly make this project possible. #### New Contributors - [@&#8203;esell](https://github.com/esell) made their first contribution in https://github.com/caddyserver/caddy/pull/5417 - [@&#8203;krak3n](https://github.com/krak3n) made their first contribution in https://github.com/caddyserver/caddy/pull/5147 - [@&#8203;trea](https://github.com/trea) made their first contribution in https://github.com/caddyserver/caddy/pull/5435 - [@&#8203;heimoshuiyu](https://github.com/heimoshuiyu) made their first contribution in https://github.com/caddyserver/caddy/pull/5464 - [@&#8203;gucki](https://github.com/gucki) made their first contribution in https://github.com/caddyserver/caddy/pull/5424 - [@&#8203;kidonng](https://github.com/kidonng) made their first contribution in https://github.com/caddyserver/caddy/pull/5475 - [@&#8203;taophp](https://github.com/taophp) made their first contribution in https://github.com/caddyserver/caddy/pull/5497 - [@&#8203;eanavitarte](https://github.com/eanavitarte) made their first contribution in https://github.com/caddyserver/caddy/pull/5515 - [@&#8203;jonatan5524](https://github.com/jonatan5524) made their first contribution in https://github.com/caddyserver/caddy/pull/5521 - [@&#8203;jjiang-stripe](https://github.com/jjiang-stripe) made their first contribution in https://github.com/caddyserver/caddy/pull/5531 - [@&#8203;TP-O](https://github.com/TP-O) made their first contribution in https://github.com/caddyserver/caddy/pull/5504 - [@&#8203;pistasjis](https://github.com/pistasjis) made their first contribution in https://github.com/caddyserver/caddy/pull/5536 - [@&#8203;charles-dyfis-net](https://github.com/charles-dyfis-net) made their first contribution in https://github.com/caddyserver/caddy/pull/5547 - [@&#8203;jpds](https://github.com/jpds) made their first contribution in https://github.com/caddyserver/caddy/pull/5554 - [@&#8203;kassienull](https://github.com/kassienull) made their first contribution in https://github.com/caddyserver/caddy/pull/5553 - [@&#8203;Phrynobatrachus](https://github.com/Phrynobatrachus) made their first contribution in https://github.com/caddyserver/caddy/pull/5532 - [@&#8203;365cent](https://github.com/365cent) made their first contribution in https://github.com/caddyserver/caddy/pull/5564 - [@&#8203;oncilla](https://github.com/oncilla) made their first contribution in https://github.com/caddyserver/caddy/pull/5573 - [@&#8203;testwill](https://github.com/testwill) made their first contribution in https://github.com/caddyserver/caddy/pull/5576 - [@&#8203;mmm444](https://github.com/mmm444) made their first contribution in https://github.com/caddyserver/caddy/pull/5567 - [@&#8203;sabify](https://github.com/sabify) made their first contribution in https://github.com/caddyserver/caddy/pull/5579 - [@&#8203;omerdemirok](https://github.com/omerdemirok) made their first contribution in https://github.com/caddyserver/caddy/pull/5586 - [@&#8203;bt90](https://github.com/bt90) made their first contribution in https://github.com/caddyserver/caddy/pull/5636 - [@&#8203;ydylla](https://github.com/ydylla) made their first contribution in https://github.com/caddyserver/caddy/pull/5646 - [@&#8203;kkroo](https://github.com/kkroo) made their first contribution in https://github.com/caddyserver/caddy/pull/5648 **Full Changelog**: https://github.com/caddyserver/caddy/compare/v2.6.4...v2.7.3 #### Changelog - [`3f20a7c`](https://github.com/caddyserver/caddy/commit/3f20a7c9) acmeserver: Configurable `resolvers`, fix smallstep deprecations ([#&#8203;5500](https://github.com/caddyserver/caddy/issues/5500)) - [`b1366c7`](https://github.com/caddyserver/caddy/commit/b1366c7e) build(deps): bump actions/setup-go from 3 to 4 ([#&#8203;5474](https://github.com/caddyserver/caddy/issues/5474)) - [`dfe17c3`](https://github.com/caddyserver/caddy/commit/dfe17c33) caddyconfig: Specify config adapter for HTTP loader (close [#&#8203;5607](https://github.com/caddyserver/caddy/issues/5607)) - [`f3379f6`](https://github.com/caddyserver/caddy/commit/f3379f65) caddyfile: Fix heredoc fuzz crasher, drop trailing newline ([#&#8203;5404](https://github.com/caddyserver/caddy/issues/5404)) - [`960150b`](https://github.com/caddyserver/caddy/commit/960150bb) caddyfile: Implement heredoc support ([#&#8203;5385](https://github.com/caddyserver/caddy/issues/5385)) - [`8bc05e5`](https://github.com/caddyserver/caddy/commit/8bc05e59) caddyfile: Implement variadics for import args placeholders ([#&#8203;5249](https://github.com/caddyserver/caddy/issues/5249)) - [`53b6fab`](https://github.com/caddyserver/caddy/commit/53b6fab1) caddyfile: Stricter parsing, error for brace on new line ([#&#8203;5505](https://github.com/caddyserver/caddy/issues/5505)) - [`cee4441`](https://github.com/caddyserver/caddy/commit/cee4441c) caddyfile: Do not replace import tokens if they are part of a snippet ([#&#8203;5539](https://github.com/caddyserver/caddy/issues/5539)) - [`9cde715`](https://github.com/caddyserver/caddy/commit/9cde7155) caddyfile: Track import name instead of modifying filename ([#&#8203;5540](https://github.com/caddyserver/caddy/issues/5540)) - [`bbe1952`](https://github.com/caddyserver/caddy/commit/bbe1952a) caddyfile: Fix comparing if two tokens are on the same line ([#&#8203;5626](https://github.com/caddyserver/caddy/issues/5626)) - [`9f34383`](https://github.com/caddyserver/caddy/commit/9f34383c) caddyfile: check that matched key is not a substring of the replacement key ([#&#8203;5685](https://github.com/caddyserver/caddy/issues/5685)) - [`cfc85ae`](https://github.com/caddyserver/caddy/commit/cfc85ae8) caddyhttp: Add a getter for Server.name ([#&#8203;5531](https://github.com/caddyserver/caddy/issues/5531)) - [`05e9974`](https://github.com/caddyserver/caddy/commit/05e99745) caddyhttp: Determine real client IP if trusted proxies configured ([#&#8203;5104](https://github.com/caddyserver/caddy/issues/5104)) - [`c05e389`](https://github.com/caddyserver/caddy/commit/c05e3898) caddyhttp: Enable 0-RTT QUIC ([#&#8203;5425](https://github.com/caddyserver/caddy/issues/5425)) - [`8537586`](https://github.com/caddyserver/caddy/commit/85375861) caddyhttp: Fix `vars_regexp` matcher with placeholders ([#&#8203;5408](https://github.com/caddyserver/caddy/issues/5408)) - [`1c9ea01`](https://github.com/caddyserver/caddy/commit/1c9ea011) caddyhttp: Impl `ResponseWriter.Unwrap()`, prep for Go 1.20's `ResponseController` ([#&#8203;5509](https://github.com/caddyserver/caddy/issues/5509)) - [`cbf16f6`](https://github.com/caddyserver/caddy/commit/cbf16f6d) caddyhttp: Implement named routes, `invoke` directive ([#&#8203;5107](https://github.com/caddyserver/caddy/issues/5107)) - [`2b3046d`](https://github.com/caddyserver/caddy/commit/2b3046de) caddyhttp: Log request body bytes read ([#&#8203;5461](https://github.com/caddyserver/caddy/issues/5461)) - [`96919ac`](https://github.com/caddyserver/caddy/commit/96919acc) caddyhttp: Refactor cert Managers (fix [#&#8203;5415](https://github.com/caddyserver/caddy/issues/5415)) ([#&#8203;5533](https://github.com/caddyserver/caddy/issues/5533)) - [`d8d87a3`](https://github.com/caddyserver/caddy/commit/d8d87a37) caddyhttp: Serve http2 when listener wrapper doesn't return \*tls.Conn ([#&#8203;4929](https://github.com/caddyserver/caddy/issues/4929)) - [`808b05c`](https://github.com/caddyserver/caddy/commit/808b05c3) caddyhttp: Update quic's TLS configs after reload ([#&#8203;5517](https://github.com/caddyserver/caddy/issues/5517)) (fix [#&#8203;4849](https://github.com/caddyserver/caddy/issues/4849)) - [`2945264`](https://github.com/caddyserver/caddy/commit/29452647) caddyhttp: Fix h3 shutdown ([#&#8203;5541](https://github.com/caddyserver/caddy/issues/5541)) - [`6a41b62`](https://github.com/caddyserver/caddy/commit/6a41b62e) caddyhttp: Support custom network for HTTP/3 ([#&#8203;5573](https://github.com/caddyserver/caddy/issues/5573)) - [`a7af7c4`](https://github.com/caddyserver/caddy/commit/a7af7c48) caddytls: Allow on-demand w/o ask for internal-only - [`cd486c2`](https://github.com/caddyserver/caddy/commit/cd486c25) caddyhttp: Make use of `http.ResponseController` ([#&#8203;5654](https://github.com/caddyserver/caddy/issues/5654)) - [`18c309b`](https://github.com/caddyserver/caddy/commit/18c309b5) caddyhttp: Preserve original error (fix [#&#8203;5652](https://github.com/caddyserver/caddy/issues/5652)) - [`66114cb`](https://github.com/caddyserver/caddy/commit/66114cb1) caddyhttp: Trim dot/space only on Windows (fix [#&#8203;5613](https://github.com/caddyserver/caddy/issues/5613)) - [`a02ecb0`](https://github.com/caddyserver/caddy/commit/a02ecb0f) caddytls: Check for nil ALPN; close [#&#8203;5470](https://github.com/caddyserver/caddy/issues/5470) ([#&#8203;5473](https://github.com/caddyserver/caddy/issues/5473)) - [`faf0399`](https://github.com/caddyserver/caddy/commit/faf0399e) caddytls: Configurable fallback SNI ([#&#8203;5527](https://github.com/caddyserver/caddy/issues/5527)) - [`e16a886`](https://github.com/caddyserver/caddy/commit/e16a8868) caddytls: Eval replacer on automation policy subjects ([#&#8203;5459](https://github.com/caddyserver/caddy/issues/5459)) - [`be53e43`](https://github.com/caddyserver/caddy/commit/be53e432) caddytls: Relax the warning for on-demand ([#&#8203;5384](https://github.com/caddyserver/caddy/issues/5384)) - [`b97c76f`](https://github.com/caddyserver/caddy/commit/b97c76fb) caddytls: Require 'ask' endpoint for on-demand TLS - [`0cc49c0`](https://github.com/caddyserver/caddy/commit/0cc49c05) caddytls: Zero out throttle window first ([#&#8203;5443](https://github.com/caddyserver/caddy/issues/5443)) - [`4ba03c9`](https://github.com/caddyserver/caddy/commit/4ba03c9d) caddytls: Clarify some JSON config docs - [`0e2c7e1`](https://github.com/caddyserver/caddy/commit/0e2c7e1d) caddytls: Reuse certificate cache through reloads ([#&#8203;5623](https://github.com/caddyserver/caddy/issues/5623)) - [`b301a3d`](https://github.com/caddyserver/caddy/commit/b301a3df) celmatcher: Implement `pkix.Name` conversion to string ([#&#8203;5492](https://github.com/caddyserver/caddy/issues/5492)) - [`096971e`](https://github.com/caddyserver/caddy/commit/096971e3) ci/cd: ship tarballs with vendored deps ([#&#8203;5403](https://github.com/caddyserver/caddy/issues/5403)) - [`5ded580`](https://github.com/caddyserver/caddy/commit/5ded5804) cmd: Adjust documentation for commands ([#&#8203;5377](https://github.com/caddyserver/caddy/issues/5377)) - [`508cf2a`](https://github.com/caddyserver/caddy/commit/508cf2aa) cmd: Create pidfile before config load (close [#&#8203;5477](https://github.com/caddyserver/caddy/issues/5477)) - [`9e69195`](https://github.com/caddyserver/caddy/commit/9e691955) cmd: Expand cobra support, add short flags ([#&#8203;5379](https://github.com/caddyserver/caddy/issues/5379)) - [`5ebb7d4`](https://github.com/caddyserver/caddy/commit/5ebb7d49) cmd: Reduce spammy logs from --watch - [`79de6df`](https://github.com/caddyserver/caddy/commit/79de6df9) cmd: Strict unmarshal for validate ([#&#8203;5383](https://github.com/caddyserver/caddy/issues/5383)) - [`205b142`](https://github.com/caddyserver/caddy/commit/205b1426) cmd: Support `'` quotes in envfile parsing ([#&#8203;5437](https://github.com/caddyserver/caddy/issues/5437)) - [`bf54892`](https://github.com/caddyserver/caddy/commit/bf54892a) cmd: make `caddy fmt` hints more clear ([#&#8203;5378](https://github.com/caddyserver/caddy/issues/5378)) - [`38cb587`](https://github.com/caddyserver/caddy/commit/38cb587e) cmd: Avoid spammy log messages (fix [#&#8203;5538](https://github.com/caddyserver/caddy/issues/5538)) - [`078f130`](https://github.com/caddyserver/caddy/commit/078f130a) cmd: Implement storage import/export ([#&#8203;5532](https://github.com/caddyserver/caddy/issues/5532)) - [`8d304a4`](https://github.com/caddyserver/caddy/commit/8d304a45) cmd: Split unix sockets for admin endpoint addresses ([#&#8203;5696](https://github.com/caddyserver/caddy/issues/5696)) - [`f6bab8b`](https://github.com/caddyserver/caddy/commit/f6bab8ba) context: Rename func to `AppIfConfigured` ([#&#8203;5397](https://github.com/caddyserver/caddy/issues/5397)) - [`806341e`](https://github.com/caddyserver/caddy/commit/806341e0) core: Properly preserve unix sockets (fix [#&#8203;5568](https://github.com/caddyserver/caddy/issues/5568)) - [`942fbb3`](https://github.com/caddyserver/caddy/commit/942fbb37) core: Use SO_REUSEPORT_LB on FreeBSD ([#&#8203;5554](https://github.com/caddyserver/caddy/issues/5554)) - [`99d4705`](https://github.com/caddyserver/caddy/commit/99d47050) core: Eliminate unnecessary shutdown delay on Unix ([#&#8203;5413](https://github.com/caddyserver/caddy/issues/5413)) - [`c6ac350`](https://github.com/caddyserver/caddy/commit/c6ac350a) core: Return default logger if no modules loaded - [`22927e2`](https://github.com/caddyserver/caddy/commit/22927e27) core: Add optional unix socket file permissions ([#&#8203;4741](https://github.com/caddyserver/caddy/issues/4741)) - [`f66493e`](https://github.com/caddyserver/caddy/commit/f66493ef) core: Allow loopback hosts for admin endpoint (fix [#&#8203;5650](https://github.com/caddyserver/caddy/issues/5650)) ([#&#8203;5664](https://github.com/caddyserver/caddy/issues/5664)) - [`710824c`](https://github.com/caddyserver/caddy/commit/710824c3) core: Embed net.UDPConn to gain optimizations ([#&#8203;5606](https://github.com/caddyserver/caddy/issues/5606)) - [`b51dc5d`](https://github.com/caddyserver/caddy/commit/b51dc5d5) core: Refine mutex during reloads (fix [#&#8203;5628](https://github.com/caddyserver/caddy/issues/5628)) ([#&#8203;5645](https://github.com/caddyserver/caddy/issues/5645)) - [`119e879`](https://github.com/caddyserver/caddy/commit/119e8794) core: Skip `chmod` for abstract unix sockets ([#&#8203;5596](https://github.com/caddyserver/caddy/issues/5596)) - [`b3f0cea`](https://github.com/caddyserver/caddy/commit/b3f0cea2) encode: flush status code when hijacked. ([#&#8203;5419](https://github.com/caddyserver/caddy/issues/5419)) - [`1913930`](https://github.com/caddyserver/caddy/commit/19139307) encode: Fix infinite recursion ([#&#8203;5672](https://github.com/caddyserver/caddy/issues/5672)) - [`c803286`](https://github.com/caddyserver/caddy/commit/c8032867) fastcgi: Fix `capture_stderr` ([#&#8203;5515](https://github.com/caddyserver/caddy/issues/5515)) - [`571fc03`](https://github.com/caddyserver/caddy/commit/571fc034) feature: watch include directory ([#&#8203;5521](https://github.com/caddyserver/caddy/issues/5521)) - [`f9bd2d3`](https://github.com/caddyserver/caddy/commit/f9bd2d3e) fileserver: Add color-scheme meta tag ([#&#8203;5475](https://github.com/caddyserver/caddy/issues/5475)) - [`6cc3cbb`](https://github.com/caddyserver/caddy/commit/6cc3cbbc) fileserver: New file browse template ([#&#8203;5427](https://github.com/caddyserver/caddy/issues/5427)) - [`94d41a9`](https://github.com/caddyserver/caddy/commit/94d41a9d) fileserver: Remove trailing slash on fs filenames ([#&#8203;5417](https://github.com/caddyserver/caddy/issues/5417)) - [`52d7335`](https://github.com/caddyserver/caddy/commit/52d7335c) fileserver: Use EscapedPath for browse ([#&#8203;5534](https://github.com/caddyserver/caddy/issues/5534)) - [`5bd9c49`](https://github.com/caddyserver/caddy/commit/5bd9c490) fileserver: Don't set Etag if mtime is 0 or 1 (close [#&#8203;5548](https://github.com/caddyserver/caddy/issues/5548)) ([#&#8203;5550](https://github.com/caddyserver/caddy/issues/5550)) - [`5336bc0`](https://github.com/caddyserver/caddy/commit/5336bc0f) fileserver: Fix file browser breadcrumb font ([#&#8203;5543](https://github.com/caddyserver/caddy/issues/5543)) - [`2d236ea`](https://github.com/caddyserver/caddy/commit/2d236ead) fileserver: Fix file browser footer in grid mode ([#&#8203;5536](https://github.com/caddyserver/caddy/issues/5536)) - [`bd34cb6`](https://github.com/caddyserver/caddy/commit/bd34cb6b) fileserver: More filetypes for browse icons - [`2615c9c`](https://github.com/caddyserver/caddy/commit/2615c9c5) fileserver: Only set Etag if not already set (fix [#&#8203;5546](https://github.com/caddyserver/caddy/issues/5546)) ([#&#8203;5547](https://github.com/caddyserver/caddy/issues/5547)) - [`56af1ce`](https://github.com/caddyserver/caddy/commit/56af1ceb) fileserver: browse: Better grid layout ([#&#8203;5564](https://github.com/caddyserver/caddy/issues/5564)) - [`cdd3884`](https://github.com/caddyserver/caddy/commit/cdd3884b) fileserver: browse: minor tweaks for grid view, dark mode ([#&#8203;5545](https://github.com/caddyserver/caddy/issues/5545)) - [`4e36b4c`](https://github.com/caddyserver/caddy/commit/4e36b4c9) fileserver: Tweak grid view of browse template - [`27bc16a`](https://github.com/caddyserver/caddy/commit/27bc16ab) fileserver: add `export-template` sub-command to `file-server` ([#&#8203;5630](https://github.com/caddyserver/caddy/issues/5630)) - [`e041962`](https://github.com/caddyserver/caddy/commit/e041962b) fileserver: add lazy image loading ([#&#8203;5646](https://github.com/caddyserver/caddy/issues/5646)) - [`c049bab`](https://github.com/caddyserver/caddy/commit/c049bab4) fileserver: browse: Render SVG images in grid - [`1af419e`](https://github.com/caddyserver/caddy/commit/1af419e7) go.mod: Update some dependencies - [`774f228`](https://github.com/caddyserver/caddy/commit/774f2288) go.mod: Upgrade CertMagic - [`0de6064`](https://github.com/caddyserver/caddy/commit/0de6064c) go.mod: Upgrade CertMagic again - [`9e94331`](https://github.com/caddyserver/caddy/commit/9e943319) go.mod: Upgrade dependencies - [`8cb1bb4`](https://github.com/caddyserver/caddy/commit/8cb1bb4a) go.mod: Upgrade quic-go to v0.33.0 (Go 1.19 min) - [`36546cd`](https://github.com/caddyserver/caddy/commit/36546cd8) go.mod: Upgrade several dependencies - [`398c12a`](https://github.com/caddyserver/caddy/commit/398c12ae) go.mod: Update quic-go to v0.36.0 ([#&#8203;5584](https://github.com/caddyserver/caddy/issues/5584)) - [`0468508`](https://github.com/caddyserver/caddy/commit/0468508e) go.mod: Upgrade CertMagic for hotfix - [`9c180a5`](https://github.com/caddyserver/caddy/commit/9c180a59) go.mod: Upgrade quic-go to 0.35.1 - [`415d1e7`](https://github.com/caddyserver/caddy/commit/415d1e7b) go.mod: Upgrade some dependencies - [`f45a6de`](https://github.com/caddyserver/caddy/commit/f45a6de2) go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum ([#&#8203;5644](https://github.com/caddyserver/caddy/issues/5644)) - [`e198c60`](https://github.com/caddyserver/caddy/commit/e198c605) go.mod: Upgrade dependencies esp. smallstep/certificates - [`4df27a2`](https://github.com/caddyserver/caddy/commit/4df27a20) go.mod: Use latest CertMagic (v0.19.1) - [`94749e1`](https://github.com/caddyserver/caddy/commit/94749e11) go.mod: Use quic-go 0.37.1 - [`f857b32`](https://github.com/caddyserver/caddy/commit/f857b32d) go.mod: update quic-go to v0.36.2 ([#&#8203;5636](https://github.com/caddyserver/caddy/issues/5636)) - [`51b1bfb`](https://github.com/caddyserver/caddy/commit/51b1bfb1) go.mod: Upgrade quic-go to v0.37.2 (fix [#&#8203;5680](https://github.com/caddyserver/caddy/issues/5680)) - [`a8cc5d1`](https://github.com/caddyserver/caddy/commit/a8cc5d1a) go.mod: Upgrade to quic-go v0.37.3 - [`e8352ae`](https://github.com/caddyserver/caddy/commit/e8352aef) headers: Add > Caddyfile shortcut for enabling defer ([#&#8203;5535](https://github.com/caddyserver/caddy/issues/5535)) - [`dd86171`](https://github.com/caddyserver/caddy/commit/dd86171d) headers: Support deleting all headers as first op ([#&#8203;5464](https://github.com/caddyserver/caddy/issues/5464)) - [`3b19aa2`](https://github.com/caddyserver/caddy/commit/3b19aa2b) headers: Allow `>` to defer shortcut for replacements ([#&#8203;5574](https://github.com/caddyserver/caddy/issues/5574)) - [`330be2d`](https://github.com/caddyserver/caddy/commit/330be2d8) httpcaddyfile: Adjust path matcher sorting to solve for specificity ([#&#8203;5462](https://github.com/caddyserver/caddy/issues/5462)) - [`ca14b6e`](https://github.com/caddyserver/caddy/commit/ca14b6ed) httpcaddyfile: Sort Caddyfile slice - [`5c51c1d`](https://github.com/caddyserver/caddy/commit/5c51c1db) httpcaddyfile: Allow `hostnames` & logger name overrides for log directive ([#&#8203;5643](https://github.com/caddyserver/caddy/issues/5643)) - [`4aa4f3a`](https://github.com/caddyserver/caddy/commit/4aa4f3ac) httpcaddyfile: Fix `string does not match ~[]E` error ([#&#8203;5675](https://github.com/caddyserver/caddy/issues/5675)) - [`1aef807`](https://github.com/caddyserver/caddy/commit/1aef807c) log: Make sink logs encodable ([#&#8203;5441](https://github.com/caddyserver/caddy/issues/5441)) - [`cdce452`](https://github.com/caddyserver/caddy/commit/cdce452e) logging: Actually honor the SoftStart parameter - [`f0e3981`](https://github.com/caddyserver/caddy/commit/f0e39817) logging: Add traceID field to access logs when tracing is active ([#&#8203;5507](https://github.com/caddyserver/caddy/issues/5507)) - [`f3e8b9d`](https://github.com/caddyserver/caddy/commit/f3e8b9d9) logging: Soft start for net writer (close [#&#8203;5520](https://github.com/caddyserver/caddy/issues/5520)) - [`b6fe5d4`](https://github.com/caddyserver/caddy/commit/b6fe5d4b) proxyprotocol: Add PROXY protocol support to `reverse_proxy`, add HTTP listener wrapper ([#&#8203;5424](https://github.com/caddyserver/caddy/issues/5424)) - [`f5a13a4`](https://github.com/caddyserver/caddy/commit/f5a13a4a) replacer: Add HTTP time format ([#&#8203;5458](https://github.com/caddyserver/caddy/issues/5458)) - [`48598e1`](https://github.com/caddyserver/caddy/commit/48598e1f) reverseproxy: Add `fallback` for some policies, instead of always random ([#&#8203;5488](https://github.com/caddyserver/caddy/issues/5488)) - [`f8b59e7`](https://github.com/caddyserver/caddy/commit/f8b59e77) reverseproxy: Add `query` and `client_ip_hash` lb policies ([#&#8203;5468](https://github.com/caddyserver/caddy/issues/5468)) - [`66e571e`](https://github.com/caddyserver/caddy/commit/66e571e6) reverseproxy: Add mention of which half a copyBuffer err comes from ([#&#8203;5472](https://github.com/caddyserver/caddy/issues/5472)) - [`75b690d`](https://github.com/caddyserver/caddy/commit/75b690d2) reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile ([#&#8203;5494](https://github.com/caddyserver/caddy/issues/5494)) - [`335cd2e`](https://github.com/caddyserver/caddy/commit/335cd2e8) reverseproxy: Fix active health check header canonicalization, refactor ([#&#8203;5446](https://github.com/caddyserver/caddy/issues/5446)) - [`2b04e09`](https://github.com/caddyserver/caddy/commit/2b04e09f) reverseproxy: Fix reinitialize upstream healthy metrics ([#&#8203;5498](https://github.com/caddyserver/caddy/issues/5498)) - [`10b265d`](https://github.com/caddyserver/caddy/commit/10b265d2) reverseproxy: Header up/down support for CLI command ([#&#8203;5460](https://github.com/caddyserver/caddy/issues/5460)) - [`b19946f`](https://github.com/caddyserver/caddy/commit/b19946f6) reverseproxy: Optimize base case for least_conn and random_choose policies ([#&#8203;5487](https://github.com/caddyserver/caddy/issues/5487)) - [`4636109`](https://github.com/caddyserver/caddy/commit/4636109c) reverseproxy: Remove deprecated `lookup_srv` ([#&#8203;5396](https://github.com/caddyserver/caddy/issues/5396)) - [`2182270`](https://github.com/caddyserver/caddy/commit/2182270a) reverseproxy: Reset Content-Length to prevent FastCGI from hanging ([#&#8203;5435](https://github.com/caddyserver/caddy/issues/5435)) - [`941eae5`](https://github.com/caddyserver/caddy/commit/941eae5f) reverseproxy: allow specifying ip version for dynamic `a` upstream ([#&#8203;5401](https://github.com/caddyserver/caddy/issues/5401)) - [`e3909cc`](https://github.com/caddyserver/caddy/commit/e3909cc3) reverseproxy: refactor HTTP transport layer ([#&#8203;5369](https://github.com/caddyserver/caddy/issues/5369)) - [`424ae0f`](https://github.com/caddyserver/caddy/commit/424ae0f4) reverseproxy: Experimental streaming timeouts ([#&#8203;5567](https://github.com/caddyserver/caddy/issues/5567)) - [`2ddb717`](https://github.com/caddyserver/caddy/commit/2ddb7171) reverseproxy: Fix parsing of source IP in case it's an ipv6 address ([#&#8203;5569](https://github.com/caddyserver/caddy/issues/5569)) - [`361946e`](https://github.com/caddyserver/caddy/commit/361946eb) reverseproxy: weighted_round_robin load balancing policy ([#&#8203;5579](https://github.com/caddyserver/caddy/issues/5579)) - [`da23501`](https://github.com/caddyserver/caddy/commit/da235014) reverseproxy: Connection termination cleanup ([#&#8203;5663](https://github.com/caddyserver/caddy/issues/5663)) - [`d7d1636`](https://github.com/caddyserver/caddy/commit/d7d16360) reverseproxy: Export ipVersions type ([#&#8203;5648](https://github.com/caddyserver/caddy/issues/5648)) - [`7a69ae7`](https://github.com/caddyserver/caddy/commit/7a69ae75) reverseproxy: Honor `tls_except_port` for active health checks ([#&#8203;5591](https://github.com/caddyserver/caddy/issues/5591)) - [`5dec11f`](https://github.com/caddyserver/caddy/commit/5dec11f2) reverseproxy: Pointer receiver - [`65e33fc`](https://github.com/caddyserver/caddy/commit/65e33fc1) reverseproxy: do not parse upstream address too early if it contains replaceble parts ([#&#8203;5695](https://github.com/caddyserver/caddy/issues/5695)) - [`13a3768`](https://github.com/caddyserver/caddy/commit/13a37688) rewrite: use escaped path, fix [#&#8203;5278](https://github.com/caddyserver/caddy/issues/5278) ([#&#8203;5504](https://github.com/caddyserver/caddy/issues/5504)) - [`2943c41`](https://github.com/caddyserver/caddy/commit/2943c418) templates: Add `fileStat` function ([#&#8203;5497](https://github.com/caddyserver/caddy/issues/5497)) - [`31d75ac`](https://github.com/caddyserver/caddy/commit/31d75acc) templates: Add `readFile` action that does not evaluate templates ([#&#8203;5553](https://github.com/caddyserver/caddy/issues/5553)) - [`b420561`](https://github.com/caddyserver/caddy/commit/b4205617) tracing: Support autoprop from OTEL_PROPAGATORS ([#&#8203;5147](https://github.com/caddyserver/caddy/issues/5147)) ### [`v2.7.2`](https://github.com/caddyserver/caddy/releases/tag/v2.7.2) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.1...v2.7.2) Do not use this release, use [v2.7.3](https://github.com/caddyserver/caddy/releases/tag/v2.7.3) instead which contains several hot fixes. ### [`v2.7.1`](https://github.com/caddyserver/caddy/releases/tag/v2.7.1) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.7.0...v2.7.1) Do not use this release; use [v2.7.3](https://github.com/caddyserver/caddy/releases/tag/v2.7.3) instead. It contains a hotfix for a WebSocket issue. ### [`v2.7.0`](https://github.com/caddyserver/caddy/releases/tag/v2.7.0) [Compare Source](https://github.com/caddyserver/caddy/compare/v2.6.4...v2.7.0) Do not use this release, use [v2.7.3](https://github.com/caddyserver/caddy/releases/tag/v2.7.3) instead which contains hot fixes. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZSJdfQ==-->
renovate added the
renovate
label 2024-09-15 02:01:06 +02:00
renovate added 1 commit 2024-09-15 02:01:06 +02:00
chore(deps): update module github.com/caddyserver/caddy/v2 to v2.8.4
Some checks failed
renovate/artifacts Artifact file update failure
89cb12b25d
Author
Collaborator

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum
Command failed: go get -d -t ./...
go: -d flag is deprecated. -d=true is a no-op
go: downloading github.com/BurntSushi/toml v1.3.2
go: downloading github.com/yuin/goldmark v1.7.1
go: downloading github.com/caddyserver/caddy/v2 v2.8.4
go: downloading github.com/caddyserver/certmagic v0.21.3
go: downloading github.com/cespare/xxhash/v2 v2.2.0
go: downloading github.com/google/uuid v1.6.0
go: downloading github.com/prometheus/client_golang v1.19.1
go: downloading github.com/quic-go/quic-go v0.44.0
go: downloading go.uber.org/zap v1.27.0
go: downloading go.uber.org/zap/exp v0.2.0
go: downloading golang.org/x/sys v0.20.0
go: downloading golang.org/x/term v0.20.0
go: downloading golang.org/x/time v0.5.0
go: downloading github.com/google/cel-go v0.20.1
go: downloading github.com/spf13/cobra v1.8.0
go: downloading golang.org/x/net v0.25.0
go: downloading github.com/mholt/acmez/v2 v2.0.1
go: downloading github.com/dlclark/regexp2 v1.11.0
go: downloading golang.org/x/text v0.15.0
go: downloading github.com/prometheus/client_model v0.5.0
go: downloading github.com/prometheus/common v0.48.0
go: downloading github.com/prometheus/procfs v0.12.0
go: downloading google.golang.org/protobuf v1.34.1
go: downloading github.com/caddyserver/zerossl v0.1.3
go: downloading github.com/klauspost/cpuid/v2 v2.2.7
go: downloading github.com/libdns/libdns v0.2.2
go: downloading github.com/miekg/dns v1.1.59
go: downloading github.com/zeebo/blake3 v0.2.3
go: downloading golang.org/x/crypto v0.23.0
go: downloading go.uber.org/multierr v1.11.0
go: downloading github.com/onsi/ginkgo/v2 v2.13.2
go: downloading go.uber.org/mock v0.4.0
go: downloading golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
go: downloading go.uber.org/automaxprocs v1.5.3
go: downloading github.com/smallstep/certificates v0.26.1
go: downloading github.com/tailscale/tscert v0.0.0-20240517230440-bbccfbf48933
go: downloading golang.org/x/crypto/x509roots/fallback v0.0.0-20240507223354-67b13616a595
go: downloading google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda
go: downloading github.com/antlr4-go/antlr/v4 v4.13.0
go: downloading github.com/smallstep/truststore v0.13.0
go: downloading go.step.sm/crypto v0.45.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading golang.org/x/tools v0.21.0
go: downloading golang.org/x/mod v0.17.0
go: downloading github.com/cpuguy83/go-md2man/v2 v2.0.3
go: downloading go.step.sm/cli-utils v0.9.0
go: downloading go.step.sm/linkedca v0.20.1
go: downloading github.com/smallstep/nosql v0.6.1
go: downloading google.golang.org/grpc v1.63.2
go: downloading github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572
go: downloading github.com/rs/xid v1.5.0
go: downloading github.com/urfave/cli v1.22.14
go: downloading github.com/go-jose/go-jose/v3 v3.0.3
go: downloading filippo.io/edwards25519 v1.1.0
go: downloading github.com/smallstep/pkcs7 v0.0.0-20231024181729-3b98ecc1ca81
go: downloading github.com/smallstep/scep v0.0.0-20231024192529-aee96d7ad34d
go: downloading golang.org/x/sync v0.7.0
go: downloading github.com/google/pprof v0.0.0-20231212022811-ec68065c825e
go: downloading go.etcd.io/bbolt v1.3.9
go: downloading github.com/go-sql-driver/mysql v1.7.1
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20240506185236-b8a5c65736ae
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6
go: downloading github.com/jackc/pgx/v4 v4.18.3
go: downloading github.com/go-kit/kit v0.13.0
go: downloading github.com/golang/protobuf v1.5.4
go: downloading github.com/jackc/pgconn v1.14.3
go: downloading github.com/jackc/pgproto3/v2 v2.3.3
go: downloading github.com/jackc/pgtype v1.14.0
go: downloading github.com/golang/glog v1.2.0
go: downloading github.com/klauspost/compress v1.17.8
go: downloading github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a
go: downloading github.com/mattn/go-isatty v0.0.20
go: downloading github.com/go-logfmt/logfmt v0.6.0
go: gitea.ocram85.com/OCram85/caddy-gitea imports
	gitea.orcram85.com/OCram85/caddy-gitea/pkg/gitea: cannot find module providing package gitea.orcram85.com/OCram85/caddy-gitea/pkg/gitea

### ⚠️ Artifact update problem Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is. ♻ Renovate will retry this branch, including artifacts, only when one of the following happens: - any of the package files in this branch needs updating, or - the branch becomes conflicted, or - you click the rebase/retry checkbox if found above, or - you rename this PR's title to start with "rebase!" to trigger it manually The artifact failure details are included below: ##### File name: go.sum ``` Command failed: go get -d -t ./... go: -d flag is deprecated. -d=true is a no-op go: downloading github.com/BurntSushi/toml v1.3.2 go: downloading github.com/yuin/goldmark v1.7.1 go: downloading github.com/caddyserver/caddy/v2 v2.8.4 go: downloading github.com/caddyserver/certmagic v0.21.3 go: downloading github.com/cespare/xxhash/v2 v2.2.0 go: downloading github.com/google/uuid v1.6.0 go: downloading github.com/prometheus/client_golang v1.19.1 go: downloading github.com/quic-go/quic-go v0.44.0 go: downloading go.uber.org/zap v1.27.0 go: downloading go.uber.org/zap/exp v0.2.0 go: downloading golang.org/x/sys v0.20.0 go: downloading golang.org/x/term v0.20.0 go: downloading golang.org/x/time v0.5.0 go: downloading github.com/google/cel-go v0.20.1 go: downloading github.com/spf13/cobra v1.8.0 go: downloading golang.org/x/net v0.25.0 go: downloading github.com/mholt/acmez/v2 v2.0.1 go: downloading github.com/dlclark/regexp2 v1.11.0 go: downloading golang.org/x/text v0.15.0 go: downloading github.com/prometheus/client_model v0.5.0 go: downloading github.com/prometheus/common v0.48.0 go: downloading github.com/prometheus/procfs v0.12.0 go: downloading google.golang.org/protobuf v1.34.1 go: downloading github.com/caddyserver/zerossl v0.1.3 go: downloading github.com/klauspost/cpuid/v2 v2.2.7 go: downloading github.com/libdns/libdns v0.2.2 go: downloading github.com/miekg/dns v1.1.59 go: downloading github.com/zeebo/blake3 v0.2.3 go: downloading golang.org/x/crypto v0.23.0 go: downloading go.uber.org/multierr v1.11.0 go: downloading github.com/onsi/ginkgo/v2 v2.13.2 go: downloading go.uber.org/mock v0.4.0 go: downloading golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 go: downloading go.uber.org/automaxprocs v1.5.3 go: downloading github.com/smallstep/certificates v0.26.1 go: downloading github.com/tailscale/tscert v0.0.0-20240517230440-bbccfbf48933 go: downloading golang.org/x/crypto/x509roots/fallback v0.0.0-20240507223354-67b13616a595 go: downloading google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda go: downloading github.com/antlr4-go/antlr/v4 v4.13.0 go: downloading github.com/smallstep/truststore v0.13.0 go: downloading go.step.sm/crypto v0.45.0 go: downloading github.com/inconshreveable/mousetrap v1.1.0 go: downloading golang.org/x/tools v0.21.0 go: downloading golang.org/x/mod v0.17.0 go: downloading github.com/cpuguy83/go-md2man/v2 v2.0.3 go: downloading go.step.sm/cli-utils v0.9.0 go: downloading go.step.sm/linkedca v0.20.1 go: downloading github.com/smallstep/nosql v0.6.1 go: downloading google.golang.org/grpc v1.63.2 go: downloading github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 go: downloading github.com/rs/xid v1.5.0 go: downloading github.com/urfave/cli v1.22.14 go: downloading github.com/go-jose/go-jose/v3 v3.0.3 go: downloading filippo.io/edwards25519 v1.1.0 go: downloading github.com/smallstep/pkcs7 v0.0.0-20231024181729-3b98ecc1ca81 go: downloading github.com/smallstep/scep v0.0.0-20231024192529-aee96d7ad34d go: downloading golang.org/x/sync v0.7.0 go: downloading github.com/google/pprof v0.0.0-20231212022811-ec68065c825e go: downloading go.etcd.io/bbolt v1.3.9 go: downloading github.com/go-sql-driver/mysql v1.7.1 go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20240506185236-b8a5c65736ae go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6 go: downloading github.com/jackc/pgx/v4 v4.18.3 go: downloading github.com/go-kit/kit v0.13.0 go: downloading github.com/golang/protobuf v1.5.4 go: downloading github.com/jackc/pgconn v1.14.3 go: downloading github.com/jackc/pgproto3/v2 v2.3.3 go: downloading github.com/jackc/pgtype v1.14.0 go: downloading github.com/golang/glog v1.2.0 go: downloading github.com/klauspost/compress v1.17.8 go: downloading github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a go: downloading github.com/mattn/go-isatty v0.0.20 go: downloading github.com/go-logfmt/logfmt v0.6.0 go: gitea.ocram85.com/OCram85/caddy-gitea imports gitea.orcram85.com/OCram85/caddy-gitea/pkg/gitea: cannot find module providing package gitea.orcram85.com/OCram85/caddy-gitea/pkg/gitea ```
Some checks failed
renovate/artifacts Artifact file update failure
This pull request can be merged automatically.
You are not authorized to merge this pull request.

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin renovate/github.com-caddyserver-caddy-v2-2.x:renovate/github.com-caddyserver-caddy-v2-2.x
git checkout renovate/github.com-caddyserver-caddy-v2-2.x
Sign in to join this conversation.
No description provided.