v1.4.3

Fix of security vulnerability introduced in v1.4.2, see below.

• If you are using Centrifugo v1.4.2 (previous versions not affected) with admin socket enabled (with --admin or --web options) and your admin endpoint not protected by firewall somehow then you must update to this version. Otherwise it's possible to connect to admin websocket endpoint and run any command without authentication. It's recommended to update your secret key after upgrade. So sorry for this.

v1.4.2

No backwards incompatible changes here.

• Redis Sentinel support for Redis high availability setup. Docs
• Redis Engine now uses Redis pipeline for batching publish operations - this results in latency and throughput improvments when publish rate is high.
• Refactored admin websocket. New option admin to enable admin websocket. New option insecure_admin to make this endpoint insecure (useful when admin websocket endpoint/port protected by firewall rules). web_password option renamed to admin_password, web_secret option renamed to admin_secret, insecure_web renamed to insecure_admin. But all old option names still supported to not break things in existing setups. Also note, that when you run Centrifugo with web interface enabled - you also make admin websocket available, because web interface uses it. A little more info in pull request.
• Presence Redis Engine methods rewritten to lua to be atomic.
• Some Redis connection params now can be set over environment variables. See #81
• Fix busy loop when attempting to reconnect to Redis. Fixes large CPU usage while reconnecting.
• Shorter message uids (22 bytes instead of 36). This was made in order to get some performance improvements.

v1.4.1

• fix server crash on 32-bit architectures (due to this), see more details in #74.
• fix compatibility problem with gocent introduced in v1.4.0

v1.4.0

No backwards incompatible changes here for most usage scenarios, but look carefully on notes below.

• Timers in metrics marked as deprecated. time_api_mean, time_client_mean, time_api_max, time_client_max now return 0. This was made because timer's implementation used Timer from go-metrics library that does not suit very well for Centrifugo needs - so values were mostly useless in practice. So we decided to get rid of them for now to not confuse our users.
• New node API method to get information from single node. That information will contain counters without aggregation over minute interval (what stats method does by default). So it can be useful if your metric aggregation system can deal with non-aggregated counters over time period itself. Also note that to use this method you should send API request to each Centrifugo node separately - as this method returns current raw statistics about one node. See issue for motivation description.
• Centrifugo now handles SIGTERM in addition to SIGINT and makes shutdown when this signal received. During shutdown Centrifugo returns 503 status code on requests to handlers and closes client connections so clients will reconnect. If shutdown finished without errors in 10 seconds interval then Centrifugo exits with status code 0 (instead of 130 before, this fixes behaviour behind systemd after SIGTERM received).
• Maximum limit in bytes for client request was added. It can be changed using client_request_max_size config option. By default 65536 bytes (64kb).
• Packages for 64-bit Debian, Centos and Ubuntu hosted on packagecloud.io. If you are using Debian 7 or 8, Centos 6 or 7, Ubuntu 14.04 or Ubuntu 16.04 - you can find packages for those linux distribution following to packagecloud. Packages will be created every time we release new Centrifugo version.

v1.3.3

No backwards incompatible changes here

• fix automatic presence expire in Redis engine - could lead to small memory leaks in Redis when using presence. Also could result in wrong presence information after non-graceful Centrifugo node shutdown.
• configurable limit for amount of channels each client can subscribe to. Default 100. Can be changed using client_channel_limit configuration option.

v1.3.2

This release built using go 1.5.3 and includes security fix in Go lang

• empty errors not included in client response (this requires using Javascript client >= 1.1.0)
• optimization in Redis engine when using history - one round trip to Redis to publish message and save it into history instead of two. This was done over registering lua script on server start.
• client errors improvements - include error advice when error occurred (fix or retry at moment)

Also note that Javascript client will be fully refreshed soon. See this pull request

v1.3.1

• fix port configuration introduced in v1.3.0: --port should override default values for admin_port and api_port
• use the same (http/https) scheme for Sockjs default iframe script source.
• fix possible deadlock in shutdown

v1.3.0

See changelog for details of this release - there are lots of new features and some important fixes.

Big thanks to Paul Banks for a great work on improvements released in v1.3.0

v1.2.0

No backwards incompatible changes here.

• New recover option to automatically recover missed messages based on last message ID. See pull request and chapter in docs for more information. Note that you need centrifuge-js >= v1.1.0 to use new recover option
• New broadcast API method to send the same data into many channels. See issue and updated API description in docs
• Dockerfile now checks SHA256 sum when downloading release zip archive.
• release built using Go 1.5.2

v1.1.0

No backwards incompatible changes here.

• support enabling web interface over environment variable CENTRIFUGO_WEB
• close client's connection after its message queue exceeds 10MB (default, can be modified using max_client_queue_size configuration file option)
• fix theoretical server crash on start when reading from redis API queue