If you have comments, questions, or feedback on this release, please post here.
If you experienced any bugs with the release, please post an issue.
🔦 Highlights
libp2p resource management enabled by default
To help protect nodes from DoS (resource exhaustion) and eclipse attacks,
go-libp2p released a Network Resource Manager with a host of improvements throughout 2022.
The resource manager is now enabled by default to protect nodes.
The defaults balance providing protection from various attacks while still enabling normal usecases to work as expected.
how to access prometheus metrics and view grafana dashboards of resource usage, and
how to set explicit "allow lists" to protect against eclipse attacks.
Implicit connection manager limits
Starting with this release, ipfs init will no longer store the default
Connection Manager
limits in the user config under Swarm.ConnMgr.
Users are still free to use this setting to set custom values, but for most use
cases, the defaults provided with the latest Kubo release should be sufficient.
... (truncated)
Commits
4485d6b Merge pull request #9395 from ipfs/release-v0.17.0
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/ipfs/kubo from 0.16.0-rc1 to 0.17.0.
Release notes
Sourced from github.com/ipfs/kubo's releases.
... (truncated)
Commits
4485d6b
Merge pull request #9395 from ipfs/release-v0.17.0d007b2a
docs: udpate changeloge4f1e87
Merge pull request #9427 from ipfs/bump-version-v0.17.0baafe9d
chore: bump version to v0.17.07a7ba20
Merge pull request #9414 from ipfs/bump-release-version9246cda
chore: bump version to v0.17.0-rc283034d8
Doc improvements and changelog for resource manager (#9413)9de9c12
chore(ci): bigger box for webui and interop1127a15
fix: update go-unixfs lib to v0.4.1db3d1cd
fix(docs): typoDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)