Releases: launchdarkly/ld-relay
v7.0.0
[7.0.0] - 2022-12-07
The latest version of the Relay Proxy supports LaunchDarkly's new custom contexts feature. Contexts are an evolution of a previously-existing concept, "users." Contexts let you create targeting rules for feature flags based on a variety of different information, including attributes pertaining to users, organizations, devices, and more. You can even combine contexts to create "multi-contexts."
This feature is only available to members of LaunchDarkly's Early Access Program (EAP). If you're in the EAP, and the SDK you are using also has an EAP release, you can use contexts by updating your SDK to the latest version and, updating your Relay Proxy. Outdated SDK versions do not support contexts, and will cause unpredictable flag evaluation behavior.
If you are not in the EAP, only use single contexts of kind "user", or continue to use the user type if available. If you try to create contexts, the context will be sent to LaunchDarkly, but any data not related to the user object will be ignored.
For detailed information about this version, please refer to the list below.
Added:
- Added support for new context-based features in flag evaluations.
- Added evaluation endpoints that are used by new versions of client-side SDKs.
Changed:
- When building the Relay Proxy from source code or using its packages from application code, the minimum Go version is now 1.18.
- The pre-built binaries and Docker image are now built with Go 1.19.
Removed:
- Removed support for obsolete evaluation endpoints that were used by very old client-side SDKs.
v6.7.14
[6.7.14] - 2022-10-26
This is a security patch release.
Fixed:
- Updated Go runtime version in the Docker image to 1.19.2, to address multiple vulnerability reports in Go 1.17.x and 1.18.x. (#205)
- Updated Consul API module version as a workaround for a false-positive report of CVE-2022-40716. (#205)
- Removed a transitive dependency on AWS SDK v1, which was causing vulnerability reports for CVE-2020-8911 and CVE-2020-8912; in practice, this functionality was never being used by the Relay Proxy. (#204)
- Enforce a minimum TLS version of 1.2 when connecting to a secure Redis instance.
- In offline mode, added a check to prevent a maliciously crafted archive file from causing file data to be written outside of the directory where the archive is being expanded.
- Minor code changes to avoid using the deprecated
ioutilpackage. - CI tests now include Go 1.18 and 1.19.
v6.7.13
v6.7.12
[6.7.12] - 2022-07-28
Fixed:
- When using DynamoDB with Big Segments, if the configuration specified a different table name for each environment, that name was being ignored. The Relay Proxy was only respecting the per-environment table name setting for regular data storage, not for Big Segments. This has been fixed so Big Segments data now uses the correct table name. (#199)
v6.7.11
v6.7.10
[6.7.10] - 2022-07-12
Fixed:
- Updated
libcryptoandlibsslin the Docker image to address an OpenSSL vulnerability. Although the Relay Proxy does not use OpenSSL (it uses the Go runtime's TLS implementation), our policy is to patch all vulnerabilities detected in the Alpine OS used in our Docker image. (#195)
v6.7.9
[6.7.9] - 2022-07-01
Changed:
- If the Relay Proxy receives multiple server-side SDK connections for the same environment at nearly the same time, it can now prepare the flag/segment payload for all of them at once using a single buffer. Previously, a new buffer was always used for each connection, which could cause high transient memory usage if many SDKs connected in rapid succession and if the flag/segment data was large.
(Thanks, moshegood!)
v6.7.8
[6.7.8] - 2022-06-13
Fixed:
- Updated Alpine version to 3.16.0 to address an OpenSSL vulnerability. Although the Relay Proxy does not use OpenSSL (it uses the Go runtime's TLS implementation), our policy is to patch all vulnerabilities detected in the Alpine OS used in our Docker image. (#191)
- Removed the unnecessary installation of
curlin the Docker image, which caused security warnings about a vulnerable version oflibcurleven though it was not being used. (#191)
v6.7.7
[6.7.7] - 2022-05-10
Fixed:
- Fixed an inefficiency in the SSE server implementation that could cause unnecessarily large temporary memory usage spikes when the Relay Proxy was sending large flag data sets to server-side SDK clients.
v6.7.6
[6.7.6] - 2022-04-29
Fixed:
- Setting allowable CORS origin domains with any of the
allowedOrigin/ALLOWED_ORIGINconfiguration options did not work correctly: requests with a matching domain would return empty responses. (Thanks, joshuaeilers!)