All notable changes to this project will be documented in this file.
0.7.0 - 2026-01-30
- Extensible SslDigest to save user-defined TLS context
- Add ConnectionFilter trait for early TCP connection filtering
- Add ConnectionFilter trait for early TCP connection filtering
- Introduce a virtual L4 stream abstraction
- Add support for verify_cert and verify_hostname using rustls
- Exposes the HttpProxy struct to allow external crates to customize the proxy logic.
- Exposes a new_mtls method for creating a HttpProxy with a client_cert_key to enable mtls peers.
- Add SSLKEYLOGFILE support to rustls connector
- Allow spawning background subrequests from main session
- Allow Extensions in cache LockCore and user tracing
- Add body-bytes tracking across H1/H2 and proxy metrics
- Allow setting max_weight on MissFinishType::Appended
- Allow adding SslDigestExtensions on downstream and upstream
- Add Custom session support for encapsulated HTTP
- Use write timeout consistently for h2 body writes
- Prevent downstream error prior to header from canceling cache fill
- Fix debug log and new tests
- Fix size calculation for buffer capacity
- Fix cache admission on header only misses
- Fix duplicate zero-size chunk on cache hit
- Fix chunked trailer end parsing
- Lock age timeouts cause lock reacquisition
- Fix transfer fd compile error for non linux os
- Removed atty
- Upgrade lru to >= 0.16.3 crate version because of RUSTSEC-2026-0002
- Add tracing to log reason for not caching an asset on cache put
- Evict when asset count exceeds optional watermark
- Remove trailing comma from Display for HttpPeer
- Make ProxyHTTP::upstream_response_body_filter return an optional duration for rate limiting
- Restore daemonize STDOUT/STDERR when error log file is not specified
- Log task info when upstream header failed to send
- Check cache enablement to determine cache fill
- Update meta when revalidating before lock release
- Add ForceFresh status to cache hit filter
- Pass stale status to cache lock
- Bump max multipart ranges to 200
- Downgrade Expires header warn to debug log
- CI and effective msrv bump to 1.83
- Add default noop custom param to client Session
- Use static str in ErrorSource or ErrorType as_str
- Use bstr for formatting byte strings
- Tweak the implementation of and documentation of
connection_filterfeature - Set h1.1 when proxying cacheable responses
- Add or remove accept-ranges on range header filter
- Update msrv in github ci, fixup .bleep
- Override request keepalive on process shutdown
- Add shutdown flag to proxy session
- Add ResponseHeader in pingora_http crate's prelude
- Add a configurable upgrade for pingora-ketama that reduces runtime cpu and memory
- Add to cache api spans
- Increase visibility of multirange items
- Use seek_multipart on body readers
- Log read error when reading trailers end
- Re-add the warning about cache-api volatility
- Default to close on downstream response before body finish
- Ensure idle_timeout is polled even if idle_timeout is unset so notify events are registered for h2 idle pool, filter out closed connections when retrieving from h2 in use pool.
- Add simple read test for invalid extra char in header end
- Allow customizing lock status on Custom NoCacheReasons
- Close h1 conn by default if req header unfinished
- Add configurable retries for upgrade sock connect/accept
- Deflake test by increasing write size
- Make the version restrictions on rmp and rmp-serde more strict to prevent forcing consumers to use 2024 edition
- Rewind preread bytes when parsing next H1 response
- Add epoch and epoch_override to CacheMeta
0.6.0 - 2025-08-15
- This release bumps the minimum h2 crate dependency to guard against the MadeYouReset H2 attack
- Log runtime names during Server shutdown
- Enabling tracking the execution phase of a server
- Allow using in-memory compression dicts
- Make H2Options configurable at HttpServer, HttpProxy Also adds HttpServerOptions to the HttpServer implementation, and updates the HttpEchoApp to use HttpServer for easier adhoc testing.
- Fix: read body without discard
- Try loading each LRU shard individually and warn on errors
- Update LRU save to disk to be atomic
- Allow cache to spawn_async_purge
- Pass hit handler in hit filter
- Cache hit filter can mutate cache, allow resetting cache lock
- Persist keepalive_timeout between requests on same stream
- Properly check for H2 io ReadError retry types
- Add cache lock wait timeout for readers
- Fix CacheLock status timeout conditions
- Handle close on partial chunk head
- Allow optional to reset session timeouts
- Clippy fixes for 1.87, add 1.87 to GitHub CI
- Run
range_{header,body}_filterafter disabling cache - Convert
InterpretCacheControlmembers toDuration - Disable downstream ranging on max file size
- Allow explicit infinite keepalive timeout to be respected Note that a necessary follow up is to refactor the infinite keepalive timeout to only apply to first read between requests on reused conns.
- Add method to disable keepalive if downstream is unfinished
- Discard extra upstream body and disable keepalive
- Explicitly disable keepalive on upstream connection when excess body (content-length) is detected.
- Add brief sleep to shutdown signal tests to avoid flake
- Allow override of cache lock timeouts
- Allow arbitrary bytes in CacheKey instead of just Strings
- Corrects out-of-order data return after multiple peek calls with different buffer sizes.
- Mark previously too large chunked assets as cacheable
- Boring/OpenSSL load cert chain from connector options
- Add initial support for multipart range requests
- Adds a callback to HttpHealthCheck for collecting detailed backend summary information
- Multipart range filter state fixes
- Explanation of request_body_filter phase
0.5.0 - 2025-05-09
- Add tweak_new_upstream_tcp_connection hook to invoke logic on new upstream TCP sockets prior to connection
- Add ability to configure max retries for upstream proxy failures
- Allow tcp user timeout to be configurable
- Add peer address to downstream handshake error logs
- Allow proxy to set stream level downstream read timeout
- Improve support for sending custom response headers and bodies for error messages
- Allow configuring multiple listener tasks per endpoint
- Add get_stale and get_stale_while_update for memory-cache
- Fix deadloop if proxy_handle_upstream exits earlier than proxy_handle_downstream
- Check on h2 stream end if error occurred for forwarding HTTP tasks
- Check for content-length underflow on end of stream h2 header
- Correctly send empty h2 data frames prior to capacity polling
- Signal that the response is done when body write finishes to avoid h1 downstream/h2 upstream errors
- Ignore h2 pipe error when finishing an H2 upstream
- Add finish_request_body() for HTTP healthchecks so that H2 healthchecks succeed
- Fix Windows compile errors by updating
impl<T> UniqueIDto use correct return type - Fixed compilation errors on Windows
- Poll for H2 capacity before sending H2 body to propagate backpressure
- Fix for write_error_response for http2 downstreams to set EOS
- Always drain v1 request body before session reuse
- Fixes HTTP1 client reads to properly timeout on initial read
- Fixes issue where if TLS client never sends any bytes, hangs forever
- Add builder api for pingora listeners
- Better handling for h1 requests that contain both transfer-encoding and content-length
- Allow setting raw path in request to support non-UTF8 use cases
- Allow reusing session on errors prior to proxy upstream
- Avoid allocating large buffer in the accept() loop
- Ensure HTTP/1.1 when forcing chunked encoding
- Reject if the HTTP header contains duplicated Content-Length values
- proxy_upstream_filter tries to reuse downstream by default
- Allow building server that avoids std::process::exit during shutdown
- Update Sentry crate to 0.36
- Update the bounds on
MemoryCachemethods to accept broader key types - Flush already received data if upstream write errors
- Allow modules to receive HttpTask::Done, flush response compression on receiving Done task
- API signature changes as part of experimental proxy cache support
- Note MSRV was effectively bumped to 1.82 from 1.72 due to a dependency update, though older compilers may still be able to build by pinning dependencies, e.g.
cargo update -p backtrace --precise 0.3.74.
0.4.0 - 2024-11-01
- Add preliminary rustls support
- Add experimental support for windows
- Add the option to use no TLS implementation
- Add support for gRPC-web module to bridge gRPC-web client requests to gRPC server requests
- Add the support for h2c and http1 to coexist
- Add the support for custom L4 connector
- Support opaque extension field in Backend
- Add the ability to ignore informational responses when proxying downstream
- Add un-gzip support and allow decompress by algorithm
- Add the ability to observe backend health status
- Add the support for passing sentry release
- Add the support for binding to local port ranges
- Support retrieving rx timestamp for TcpStream
- Handle bare IPv6 address in raw connect Host
- Set proper response headers when compression is enabled
- Check the current advertised h2 max streams
- Other bug fixes and improvements
- Make sentry an optional feature
- Make timeouts Sync
- Retry all h2 connection when encountering graceful shutdown
- Make l4 module pub to expose Connect
- Auto snake case set-cookie header when downgrade to from h2 to http1.1
- shutdown h2 connection gracefully with GOAWAYs
- Other API signature updates
0.3.0 - 2024-07-12
- Add support for HTTP modules. This feature allows users to import modules written by 3rd parties.
- Add
request_body_filter. Now request body can be inspected and modified. - Add H2c support.
- Add TCP fast open support.
- Add support for server side TCP keep-alive.
- Add support to get TCP_INFO.
- Add support to set DSCP.
- Add
or_err()/or_err_withAPI to convertOptionstopingora::Error. - Add
or_fail()API to convertimpl std::error::Errortopingora::Error. - Add the API to track socket read and write pending time.
- Compression: allow setting level per algorithm.
- Fixed a panic when using multiple H2 streams in the same H2 connection to upstreams.
- Pingora now respects the
Connectionheader it sends to upstream. - Accept-Ranges header is now removed when response is compressed.
- Fix ipv6_only socket flag.
- A new H2 connection is opened now if the existing connection returns GOAWAY with graceful shutdown error.
- Fix a FD mismatch error when 0.0.0.0 is used as the upstream IP
- Dependency: replace
structoptwithclap - Rework the API of HTTP modules
- Optimize remove_header() API call
- UDS parsing now requires the path to have
unix:prefix. The support for the path without prefix is deprecated and will be removed on the next release. - Other minor API changes
0.2.0 - 2024-05-10
- Add support for downstream h2 trailers and add an upstream h2 response trailer filter
- Add the ability to set TCP recv buf size
- Add a convenience function to retrieve Session digest
- Add
body_bytes_read()method to Session - Add
cache_not_modified_filter - Add
SSLKEYLOGsupport for tls upstream - Add
Service<HttpProxy<T>>constructor for providing name - Add
purge_responsecallback - Make
pop_closedpub, to simplify DIY drains
- Fixed gRPC trailer proxying
- Fixed
response_body_filterend_of_streamalways being false - Fixed compile error in Rust <= 1.73
- Fixed non linux build
- Fixed the counting problem of used_weight data field in
LruUnit<T> - Fixed
cargo run --example servermissing cert - Fixed error log string interpolation outside of proper context
- Fixed tinylfu test flake
- API change:
Server::run_forevernow takes ownership and ensures exit semantics - API change:
cleanup()method ofServerApptrait is now async - Behavior change: Always return
HttpTask::Bodyon body done instead ofHttpTask::done - Behavior change: HTTP/1 reason phrase is now parsed and proxied
- Updated
h2dependency for RUSTSEC-2024-0332 - Updated zstd dependencies
- Code optimization and refactor in a few crates
- More examples and docs
0.1.1 - 2024-04-05
Server::newnow acceptsInto<Option<T>>- Implemented client
HttpSession::get_keepalive_valuesfor Keep-Alive parsing - Expose
ListenFdsandFdsto fix a voldemort types issue - Expose config options in
ServerConf, provide newServerconstructor upstream_response_filternow runs on upstream 304 responses during cache revalidation- Added
server_addrandclient_addrAPIs toSession - Allow body modification in
response_body_filter - Allow configuring grace period and graceful shutdown timeout
- Added TinyUFO sharded skip list storage option
- Fixed build failures with the
boringsslfeature - Fixed compile warnings with nightly Rust
- Fixed an issue where Upgrade request bodies might not be handled correctly
- Fix compilation to only include openssl or boringssl rather than both
- Fix OS read errors so they are reported as
ReadErrorrather thanReadTimeoutwhen reading http/1.1 response headers
- Performance improvements in
pingora-ketama - Added more TinyUFO benchmarks
- Added tests for
pingora-cachepurge - Limit buffer size for
InvalidHTTPHeadererror logs - Example code: improvements in pingora client, new LB cluster example
- Typo fixes and clarifications across comments and docs
- First Public Release of Pingora 🎉