Caddy 2.7.4 rounds out some bug fixes from the 2.7 release. For example, Go made a last-minute breaking change to a new API that broke quic-go (HTTP/3) on Go 1.21 just before Go 1.21 was released; we resolved a few issues with on-demand TLS that are now much improved from the 2.6 tree; a couple race conditions were fixed in dynamic reverse proxy upstreams. We hope you will be pleased with this new version!
Caddy is on feature freeze until after 2.8 so we can improve our testing situation. These patches have all been tried to ensure they work as intended, but if you notice any issues please report them!
We encourage all users to test this new version and then upgrade. Thanks to all who get involved!
Changelog
080db938 caddytls: Update docs for on-demand config
d8135505 cmd: Require config for caddy validate (fix #5612) (#5614)
We're pleased to present Caddy 2.7, which makes significant strides in areas of scaling, performance, and niche features.
Special thank-you to @francislavoie, @Mohammed90, and other core team members for the ongoing dedication of their time to help maintain the project and help in our forums.
And a big thank-you to everyone else who contributed! You're awesome, and we're glad this project has so many contributors and sponsors to make it possible.
Docs are being updated and will be pushed live shortly. Thank you for your patience and for using Caddy!
(Note: Versions 2.7.0-2.7.2 contain bugs that were hotfixed within minutes and hours and a day of the release. Thank you to everyone who helped with that! And sorry for the trouble, we have learned lessons to help mitigate that in the future.)
Highlights
The in-memory TLS certificate cache is no longer purged and recreated during config reloads, making reloads extremely lightweight even when managing thousands of certificates.
Significant HTTP/3 performance improvements (upstream in quic-go) including enabling 0-RTT. Caddy users should notice significantly better throughput for HTTP/3. Thanks for the fantastic work, @marten-seemann!
New default template for the file server's "browse" listings - more modern, easier to use, grid view, filetype-specific icons, and better dark mode (see #5427 for more screenshots and info)
The reverse proxy now supports the PROXY protocol. Using external modules is no longer required; specifically, the plugin by @mastercactapus is now built-in. (#5424)
Caddyfile now supports Heredoc syntax for long embedded strings/documents. (#5385)
@francislavoie implemented a suite of enhancements to bring you more reliable, trustworthy client IP information, even through proxies and CDNs (#5104)
Certificate private keys will no longer be reused when renewing certificates.
Caddyfile import arg placeholders support slice syntax, e.g. {args[2:]} (#5249)
Customizable "fallback" policy for reverse proxy in case the primary policy isn't applicable. (#5488)
Etags are generated more sensibly for NixOS environments which all have Modified time of 1; and if you set your own Etag, it will not be overwritten.
EXPERIMENTAL: New short flags for the CLI. (#5379)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/caddyserver/caddy/v2 from 2.6.4 to 2.7.4.
Release notes
Sourced from github.com/caddyserver/caddy/v2's releases.
... (truncated)
Commits
f11c3c9
go.mod: Upgrade CertMagic and quic-go936ee91
reverseproxy: Always return new upstreams (fix #5736) (#5752)d6f86cc
ci: use gci linter (#5708)2d7d806
fileserver: Slightly more fitting iconsd813550
cmd: Require config for caddy validate (fix #5612) (#5614)1116688
Fix tests080db93
caddytls: Update docs for on-demand configa8492c0
fileserver: Don't repeat error for invalid method inside error context (#5705)6cdcc2a
ci: Update to Go 1.21 (#5719)fbb0ecf
ci: Add riscv64 (64-bit RISC-V) to goreleaser (#5720)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show