83 lines
6.1 KiB
Markdown
83 lines
6.1 KiB
Markdown
# v4.3.22
|
|
|
|
This marks the last release of EMQX v4.3 Opensource Edition.
|
|
|
|
## Enhancements
|
|
|
|
- Make sure listener's `tls_versions` config value is one or more of `tlsv1`, `tlsv1.1`, `tlsv1.2`, `tlsv1.3` [#9260](https://github.com/emqx/emqx/pull/9260).
|
|
|
|
- Remove useless information from the dashboard listener failure log [#9260](https://github.com/emqx/emqx/pull/9260).
|
|
|
|
- We now trigger the `'message.acked'` hook after the CoAP gateway sends a message to the device and receives the ACK from the device [#9264](https://github.com/emqx/emqx/pull/9264).
|
|
With this change, the CoAP gateway can be combined with the offline message caching function (in the
|
|
emqx enterprise), so that CoAP devices are able to read the missed messages from the database when
|
|
it is online again.
|
|
|
|
- Support to use placeholders like `${var}` in the HTTP `Headers` of rule-engine's Webhook actions [#9239](https://github.com/emqx/emqx/pull/9239).
|
|
|
|
- Asynchronously refresh the resources and rules during emqx boot-up [#9199](https://github.com/emqx/emqx/pull/9199).
|
|
This is to avoid slowing down the boot if some resources spend long time establishing the connection.
|
|
|
|
- Add a warning log if the ACL check failed for subscription [#9124](https://github.com/emqx/emqx/pull/9124).
|
|
This is to make the ACL deny logging for subscription behave the same as for publish.
|
|
|
|
- JWT ACL claim supports `all` action to imply the rules applie to both `pub` and `sub` [#9044](https://github.com/emqx/emqx/pull/9044).
|
|
|
|
- Added a log censor to avoid logging sensitive data [#9189](https://github.com/emqx/emqx/pull/9189).
|
|
If the data to be logged is a map or key-value list which contains sensitive key words such as `password`, the value is obfuscated as `******`.
|
|
|
|
- Enhanced log security in ACL modules, sensitive data will be obscured [#9242](https://github.com/emqx/emqx/pull/9242).
|
|
|
|
- Add `management.bootstrap_apps_file` configuration to bulk import default app/secret when EMQX initializes the database [#9273](https://github.com/emqx/emqx/pull/9273).
|
|
|
|
- Added two new configs for deterministic order of authentication and ACL checks [#9283](https://github.com/emqx/emqx/pull/9283).
|
|
The two new global config names are `auth_order` and `acl_order`.
|
|
When multiple ACL or auth plugins (or modules) are enabled, without this config, the order (in which each backend is queried)
|
|
is determined by the start/restart order of the plugin (or module).
|
|
Meaning, if a plugin (or module) is restarted after initial boot, it may get ordered to the end of the list.
|
|
With this config, you may set the order with a comma-speapated ACL or auth plugin names (or aliases).
|
|
For example: `acl_order = jwt,http`, this will make sure `jwt` is always checked before `http`,
|
|
meaning if JWT is not found (or no `acl` cliam) for a client, then the ACL check will fallback to use the HTTP backend.
|
|
|
|
- Added configurations to enable more `client.disconnected` events (and counter bumps) [#9267](https://github.com/emqx/emqx/pull/9267).
|
|
Prior to this change, the `client.disconnected` event (and counter bump) is triggered when a client
|
|
performs a 'normal' disconnect, or is 'kicked' by system admin, but NOT triggered when a
|
|
stale connection had to be 'discarded' (for clean session) or 'takeovered' (for non-clean session) by new connection.
|
|
Now it is possible to set configs `broker.client_disconnect_discarded` and `broker.client_disconnect_takeovered` to `on` to enable the event in these scenarios.
|
|
|
|
- For Rule-Engine resource creation failure, delay before the first retry [#9313](https://github.com/emqx/emqx/pull/9313).
|
|
Prior to this change, the retry delay was added *after* the retry failure.
|
|
|
|
## Bug fixes
|
|
|
|
- Fix that after uploading a backup file with an non-ASCII filename, HTTP API `GET /data/export` fails with status code 500 [#9224](https://github.com/emqx/emqx/pull/9224).
|
|
|
|
- Improve the display of rule's 'Maximum Speed' counter to only reserve 2 decimal places [#9185](https://github.com/emqx/emqx/pull/9185).
|
|
This is to avoid displaying floats like `0.30000000000000004` on the dashboard.
|
|
|
|
- Fix the issue that emqx prints too many error logs when connecting to mongodb but auth failed [#9184](https://github.com/emqx/emqx/pull/9184).
|
|
|
|
- Fix that after receiving publish in `idle mode` the emqx-sn gateway may panic [#9024](https://github.com/emqx/emqx/pull/9024).
|
|
|
|
- "Pause due to rate limit" log level demoted from warning to notice [#9134](https://github.com/emqx/emqx/pull/9134).
|
|
|
|
- Restore old `emqx_auth_jwt` module API, so the hook callback functions registered in older version will not be invalidated after hot-upgrade [#9144](https://github.com/emqx/emqx/pull/9144).
|
|
|
|
- Fixed the response status code for the `/status` endpoint [#9210](https://github.com/emqx/emqx/pull/9210).
|
|
Before the fix, it always returned `200` even if the EMQX application was not running. Now it returns `503` in that case.
|
|
|
|
- Fix message delivery related event encoding [#9226](https://github.com/emqx/emqx/pull/9226)
|
|
For rule-engine's input events like `$events/message_delivered`, and `$events/message_dropped`,
|
|
if the message was delivered to a shared-subscription, the encoding (to JSON) of the event will fail.
|
|
Affected versions: `v4.3.21`, `v4.4.10`, `e4.3.16` and `e4.4.10`.
|
|
|
|
- Make sure Rule-Engine API supports Percent-encoding `rule_id` and `resource_id` in HTTP request path [#9190](https://github.com/emqx/emqx/pull/9190).
|
|
Note that the `id` in `POST /api/v4/rules` should be literals (not encoded) when creating a `rule` or `resource`.
|
|
See docs [Create Rule](https://www.emqx.io/docs/zh/v4.3/advanced/http-api.html#post-api-v4-rules) [Create Resource](https://www.emqx.io/docs/zh/v4.3/advanced/http-api.html#post-api-v4-resources).
|
|
|
|
- Calling 'DELETE /alarms/deactivated' now deletes deactived alarms on all nodes, including remote nodes, not just the local node [#9280](https://github.com/emqx/emqx/pull/9280).
|
|
|
|
- When republishing messages or bridge messages to other brokers, check the validity of the topic and make sure it does not have topic wildcards [#9291](https://github.com/emqx/emqx/pull/9291).
|
|
|
|
- Disable authorization for `api/v4/emqx_prometheus` endpoint on management api listener (default 8081) [#9294](https://github.com/emqx/emqx/pull/9294).
|