NGINX Unit updated to 1.28.0. supporting UNIX sockets in address matching. forwarded header to replace client address and protocol. ability to get dynamic variables. more http variables support. added a new variable, $dollar, that translates to a literal "$" during variable substitution. an index file that didn't contain a file extension was incorrectly handled, and caused a use-after-free bug. increased the applications' startup timeout. NGINX Unit updated to 1.27.0. ability to specify a custom index file name when serving static files. variables support in the "location" option of the "return" action. support empty strings in the "location" option of the "return" action. added a new variable, $request_uri, that includes both the path and the query parts as per RFC 3986, sections 3-4. Ruby Rack environment parameter "SCRIPT_NAME" support. compatibility with GCC 12. Ruby Sinatra applications don't work without custom logging. the controller process could crash when a chain of more than four certificates was uploaded. some Perl applications failed to process the request body, notably with Plack. some Spring Boot applications failed to start, notably with Grails. incorrect Python protocol auto detection (ASGI or WSGI) for native callable object, notably with Falcon. ECMAScript modules did not work with the recent Node.js versions. NGINX Unit updated to 1.26.1. occasionally, the Unit daemon was unable to fully terminate; the bug had appeared in 1.26.0. a prototype process could crash on an application process exit; the bug had appeared in 1.26.0. the router process crashed on reconfiguration if "access_log" was configured without listeners. a segmentation fault occurred in the PHP module if chdir() or fastcgi_finish_request() was called in the OPcache preloading script. fatal errors on DragonFly BSD; the bug had appeared in 1.26.0. Initial release of Java 18 module for NGINX Unit. Initial release of Python 3.10 module for NGINX Unit. NGINX Unit updated to 1.26.0. the "share" option now specifies the entire path to the files it serves, rather than a document root directory to be prepended to the request URI. automatic adjustment of existing configurations to the new "share" behavior when updating from previous versions. variables support in the "share" option. multiple paths in the "share" option. variables support in the "chroot" option. PHP opcache is shared between application processes. request routing by the query string. the router and app processes could crash when the requests limit was reached by asynchronous or multithreaded apps. established WebSocket connections could stop reading frames from the client after the corresponding listener had been reconfigured. fixed building with glibc 2.34, notably Fedora 35. NGINX Unit updated to 1.25.0. client IP address replacement from a specified HTTP header field. TLS sessions cache. TLS session tickets. application restart control. process and thread lifecycle hooks in Ruby. the router process could crash on TLS connection open when multiple listeners with TLS certificates were configured; the bug had appeared in 1.23.0. TLS connections were rejected for configurations with multiple certificate bundles in a listener if the client did not use SNI. the router process could crash with frequent multithreaded application reconfiguration. compatibility issues with some Python ASGI apps, notably based on the Starlette framework. a descriptor and memory leak occurred in the router process when an app process stopped or crashed. the controller or router process could crash if the configuration contained a full-form IPv6 in a listener address. the router process crashed when a request was passed to an empty "routes" or "upstreams" using a variable "pass" option. the router process crashed while matching a request to an empty array of source or destination address patterns. Initial release of Java 17 module for NGINX Unit. Initial release of Java 16 module for NGINX Unit. NGINX Unit updated to 1.24.0. PHP added to the default MIME type list. arbitrary configuration of TLS connections via OpenSSL commands. the ability to limit static file serving by MIME types. support for chrooting, rejecting symlinks, and rejecting mount point traversal on a per-request basis when serving static files. a loader for automatically overriding the "http" and "websocket" modules in Node.js. multiple "targets" in Python applications. compatibility with Ruby 3.0. the router process could crash while closing a TLS connection. a segmentation fault might have occurred in the PHP module if fastcgi_finish_request() was used with the "auto_globals_jit" option enabled. NGINX Unit updated to 1.23.0. support for multiple certificate bundles on a listener via the Server Name Indication (SNI) TLS extension. "--mandir" ./configure option to specify the directory for man page installation. the router process could crash on premature TLS connection close; the bug had appeared in 1.17.0. a connection leak occurred on premature TLS connection close; the bug had appeared in 1.6. a descriptor and memory leak occurred in the router process when processing small WebSocket frames from a client; the bug had appeared in 1.19.0. a descriptor leak occurred in the router process when removing or reconfiguring an application; the bug had appeared in 1.19.0. persistent storage of certificates might've not worked with some filesystems in Linux, and all uploaded certificate bundles were forgotten after restart. the controller process could crash while requesting information about a certificate with a non-DNS SAN entry. the controller process could crash on manipulations with a certificate containing a SAN and no standard name attributes in subject or issuer. the Ruby module didn't respect the user locale for defaults in the Encoding class. the PHP 5 module failed to build with thread safety enabled; the bug had appeared in 1.22.0. Initial release of Python 3.9 module for NGINX Unit. NGINX Unit updated to 1.22.0. the ServerRequest and ServerResponse objects of Node.js module are now compliant with Stream API. support for specifying multiple directories in the "path" option of Python apps. a memory leak occurred in the router process when serving files larger than 128K; the bug had appeared in 1.13.0. apps could stop processing new requests under high load; the bug had appeared in 1.19.0. app processes could terminate unexpectedly under high load; the bug had appeared in 1.19.0. invalid HTTP responses were generated for some unusual status codes. the PHP_AUTH_USER, PHP_AUTH_PW, and PHP_AUTH_DIGEST server variables were missing in the PHP module. the router process could crash with multithreaded apps under high load. Ruby apps with multithreading configured could crash on start under load. mount points weren't unmounted when the "mount" namespace isolation was used; the bug had appeared in 1.21.0. the router process could crash while removing or reconfiguring an app that used WebSocket. a memory leak occurring in the router process when removing or reconfiguring an application; the bug had appeared in 1.19.0. Initial release of Java 15 module for NGINX Unit. Initial release of Java 14 module for NGINX Unit. Initial release of Java 13 module for NGINX Unit. NGINX Unit updated to 1.21.0. procfs is mounted by default for all languages when "rootfs" isolation is used. any characters valid according to RFC 7230 are now allowed in HTTP header field names. HTTP header fields with underscores ("_") are now discarded from requests by default. optional multithreaded request processing for Java, Python, Perl, and Ruby apps. regular expressions in route matching patterns. compatibility with Python 3.9. the Python module now supports ASGI 2.0 legacy applications. the "protocol" option in Python applications aids choice between ASGI and WSGI. the fastcgi_finish_request() PHP function that finalizes request processing and continues code execution without holding onto the client connection. the "discard_unsafe_fields" HTTP option that enables discarding request header fields with irregular (but still valid) characters in the field name. the "procfs" and "tmpfs" automount isolation options to disable automatic mounting of eponymous filesystems. the router process could crash when running Go applications under high load; the bug had appeared in 1.19.0. some language dependencies could remain mounted after using "rootfs" isolation. various compatibility issues in Java applications. the Java module built with the musl C library couldn't run applications that use "rootfs" isolation. NGINX Unit updated to 1.20.0. the PHP module is now initialized before chrooting; this enables loading all extensions from the host system. AVIF and APNG image formats added to the default MIME type list. functional tests migrated to the pytest framework. the Python module now fully supports applications that use the ASGI 3.0 server interface. the Python module now has a built-in WebSocket server implementation for applications, compatible with the HTTP & WebSocket ASGI Message Format 2.1 specification. automatic mounting of an isolated "/tmp" file system into chrooted application environments. the $host variable contains a normalized "Host" request value. the "callable" option sets Python application callable names. compatibility with PHP 8 RC 1. Thanks to Remi Collet. the "automount" option in the "isolation" object allows to turn off the automatic mounting of language module dependencies. "pass"-ing requests to upstreams from a route was broken; the bug had appeared in 1.19.0. Thanks to 洪志道 (Hong Zhi Dao) for discovering and fixing it. the router process could crash during reconfiguration. a memory leak occurring in the router process; the bug had appeared in 1.18.0. the "!" (non-empty) pattern was matched incorrectly; the bug had appeared in 1.19.0. fixed building on platforms without sendfile() support, notably NetBSD; the bug had appeared in 1.16.0. NGINX Unit updated to 1.19.0. reworked IPC between the router process and the applications to lower latencies, increase performance, and improve scalability. support for an arbitrary number of wildcards in route matching patterns. chunked transfer encoding in proxy responses. basic variables support in the "pass" option. compatibility with PHP 8 Beta 1. Thanks to Remi Collet. the router process could crash while passing requests to an application under high load. a number of language modules failed to build on some systems; the bug had appeared in 1.18.0. time in error log messages from PHP applications could lag. reconfiguration requests could hang if an application had failed to start; the bug had appeared in 1.18.0. memory leak during reconfiguration. the daemon didn't start without language modules; the bug had appeared in 1.18.0. the router process could crash at exit. Node.js applications could crash at exit. the Ruby module could be linked against a wrong library version. NGINX Unit updated to 1.18.0. the "rootfs" isolation option for changing root filesystem for an application. multiple "targets" in PHP applications. support for percent-encoding in the "uri" and "arguments" matching options and in the "pass" option. NGINX Unit updated to 1.17.0. a "return" action with optional "location" for immediate responses and external redirection. fractional weights support for upstream servers. accidental 502 "Bad Gateway" errors might have occurred in applications under high load. memory leak in the router; the bug had appeared in 1.13.0. segmentation fault might have occurred in the router process when reaching open connections limit. "close() failed (9: Bad file descriptor)" alerts might have appeared in the log while processing large request bodies; the bug had appeared in 1.16.0. existing application processes didn't reopen the log file. incompatibility with some Node.js applications. broken build on DragonFly BSD; the bug had appeared in 1.16.0. NGINX Unit updated to 1.16.0. basic load-balancing support with round-robin. a "fallback" option that performs an alternative action if a request can't be served from the "share" directory. reduced memory consumption by dumping large request bodies to disk. stripping UTF-8 BOM and JavaScript-style comments from uploaded JSON. negative address matching in router might work improperly in combination with non-negative patterns. Java Spring applications failed to run; the bug had appeared in 1.10.0. PHP 7.4 was broken if it was built with thread safety enabled. compatibility issues with some Python applications. NGINX Unit updated to 1.15.0. extensions of dynamically requested PHP scripts were restricted to ".php". compatibility with Ruby 2.7. segmentation fault might have occurred in the router process with multiple application processes under load; the bug had appeared in 1.14.0. receiving request body over TLS connection might have stalled. NGINX Unit updated to 1.14.0. the Go package import name changed to "unit.nginx.org/go". Go package now links to libunit instead of including library sources. ability to change user and group for isolated applications when Unit daemon runs as an unprivileged user. request routing by source and destination addresses and ports. memory bloat on large responses. Initial release of Go 1.13 module for NGINX Unit. Initial release of Go 1.12 module for NGINX Unit. Initial release of Python 3.8 module for NGINX Unit. NGINX Unit updated to 1.13.0. basic support for HTTP reverse proxying. compatibility with Python 3.8. memory leak in Python application processes when the close handler was used. threads in Python applications might not work correctly. Ruby on Rails applications might not work on Ruby 2.6. backtraces for uncaught exceptions in Python 3 might be logged with significant delays. explicit setting a namespaces isolation option to false might have enabled it. NGINX Unit updated to 1.12.0. compatibility with PHP 7.4. descriptors leak on process creation; the bug had appeared in 1.11.0. TLS connection might be closed prematurely while sending response. segmentation fault might have occurred if an irregular file was requested. NGINX Unit updated to 1.11.0. basic support for serving static files. isolation of application processes with Linux namespaces. built-in WebSocket server implementation for Java Servlet Containers. direct addressing of API configuration options containing slashes "/" using URI encoding (%2F). segmentation fault might have occurred in Go applications under high load. WebSocket support was broken if Unit was built with some linkers other than GNU ld (e.g. gold or LLD). missed header files added to unit development package. NGINX Unit updated to 1.10.0. matching of cookies in routes made case sensitive. decreased log level of common errors when clients close connections. removed the Perl module's "--include=" ./configure option. built-in WebSocket server implementation for Node.js module. splitting PATH_INFO from request URI in PHP module. request routing by scheme (HTTP or HTTPS). support for multipart requests body in Java module. improved API compatibility with Node.js 11.10 or later. reconfiguration failed if "listeners" or "applications" objects were missing. applying a large configuration might have failed. Initial release of Go 1.11 module for NGINX Unit. NGINX Unit updated to 1.9.0. request routing by arguments, headers, and cookies. route matching patterns allow a wildcard in the middle. POST operation for appending elements to arrays in configuration. support for changing credentials using CAP_SETUID and CAP_SETGID capabilities on Linux without running main process as privileged user. memory leak in the router process might have happened when a client prematurely closed the connection. applying a large configuration might have failed. PUT and DELETE operations on array elements in configuration did not work. request schema in applications did not reflect TLS connections. restored compatibility with Node.js applications that use ServerResponse._implicitHeader() function; the bug had appeared in 1.7. various compatibility issues with Node.js applications. Initial release of Java common packages for NGINX Unit. Initial release of Java 8 module for NGINX Unit. Initial release of Java 10 module for NGINX Unit. Initial release of Java 11 module for NGINX Unit. NGINX Unit updated to 1.8.0. now three numbers are always used for versioning: major, minor, and patch versions. now QUERY_STRING is always defined even if the request does not include the query component. basic internal request routing by Host, URI, and method. experimental support for Java Servlet Containers. segmentation fault might have occurred in the router process. various potential memory leaks. TLS connections might have stalled. some Perl applications might have failed to send the response body. some compilers with specific flags might have produced non-functioning builds; the bug had appeared in 1.5. Node.js package had wrong version number when installed from sources. NGINX Unit updated to 1.7.1. a heap memory buffer overflow might have been caused in the router process by a specially crafted request, potentially resulting in a segmentation fault or other unspecified behavior (CVE-2019-7401). install of Go module failed without prior building of Unit daemon; the bug had appeared in 1.7. Initial release of Python 3.7 module for NGINX Unit. NGINX Unit updated to 1.7. now rpath is set in Ruby module only if the library was not found in default search paths; this allows to meet packaging restrictions on some systems. "disable_functions" and "disable_classes" PHP options set via Control API did not work. Promises on request data in Node.js were not triggered. various compatibility issues with Node.js applications. a segmentation fault occurred in Node.js module if application tried to read request body after request.end() was called. a segmentation fault occurred in Node.js module if application attempted to send header twice. names of response header fields in Node.js module were erroneously treated as case-sensitive. uncatched exceptions in Node.js were not logged. global install of Node.js module from sources was broken on some systems; the bug had appeared in 1.6. traceback for exceptions during initialization of Python applications might not be logged. PHP module build failed if PHP interpreter was built with thread safety enabled. NGINX Unit updated to 1.6. "make install" now installs Node.js module as well if it was configured. "--local" ./configure option to install Node.js module locally. Node.js module might have crashed due to broken reference counting. asynchronous operations in Node.js might not have worked. various compatibility issues with Node.js applications. "freed pointer is out of pool" alerts might have appeared in log. module discovery did not work on 64-bit big-endian systems like IBM/S390x. NGINX Unit updated to 1.5. the "type" of application object for Go was changed to "external". initial version of Node.js package with basic HTTP request-response support. compatibility with LibreSSL. --libdir and --incdir ./configure options to install libunit headers and static library. connection might be closed prematurely while sending response; the bug had appeared in 1.3. application processes might have stopped handling requests, producing "last message send failed: Resource temporarily unavailable" alerts in log; the bug had appeared in 1.4. Go applications did not work when Unit was built with musl C library. corrected instructions for launching sample application. the "saveconfig" and "loadconfig" action scripts were removed. NGINX Unit updated to 1.4. the control API maps the configuration object only at "/config/". TLS support for client connections. TLS certificates storage control API. Unit library (libunit) to streamline language module integration. "408 Request Timeout" responses while closing HTTP keep-alive connections. improvements in OpenBSD support. Thanks to David Carlier. a segmentation fault might have occurred after reconfiguration. building on systems with non-default locale might be broken. "header_read_timeout" might not work properly. header fields values with non-ASCII bytes might be handled incorrectly in Python 3 module. NGINX Unit updated to 1.3. UTF-8 characters are now allowed in request header field values. configuration of the request body size limit. configuration of various HTTP connection timeouts. Ruby module now automatically uses Bundler where possible. http.Flusher interface in Go module. various issues in HTTP connection errors handling. requests with body data might be handled incorrectly in PHP module. individual PHP configuration options specified via control API were reset to previous values after the first request in application process. NGINX Unit updated to 1.2. configuration of environment variables for application processes. customization of php.ini path. setting of individual PHP configuration options. configuration of execution arguments for Go applications. keep-alive connections might hang after reconfiguration. Initial release of Go 1.10 module for NGINX Unit. NGINX Unit updated to 1.1. Python applications that use the write() callable did not work. virtual environments created with Python 3.3 or above might not have worked. the request.Read() function in Go applications did not produce EOF when the whole body was read. a segmentation fault might have occurred while access log reopening. in parsing of IPv6 control socket addresses. loading of application modules was broken on OpenBSD. a segmentation fault might have occurred when there were two modules with the same type and version; the bug had appeared in 1.0. alerts "freed pointer points to non-freeble page" might have appeared in log on 32-bit platforms. NGINX Unit updated to 1.0. configuration object moved into "/config/" path. basic access logging. 503 error occurred if Go application did not write response header or body. Ruby applications that use encoding conversions might not have worked. various stability issues. NGINX Unit updated to 0.7. Initial release of Ruby module for NGINX Unit. Ruby application module. in discovering modules. various race conditions on reconfiguration and during shutting down. tabs and trailing spaces were not allowed in header fields values. a segmentation fault occurred in Python module if start_response() was called outside of WSGI callable. a segmentation fault might have occurred in PHP module if there was an error while initialization. NGINX Unit updated to 0.6. the main process died when the "type" application option contained version; the bug had appeared in 0.5. NGINX Unit updated to 0.5. Initial release of Perl module for NGINX Unit. the "workers" application option was removed, the "processes" application option should be used instead. the "processes" application option with prefork and dynamic process management support. Perl application module. in reading client request body; the bug had appeared in 0.3. some Python applications might not have worked due to missing "wsgi.errors" environ variable. HTTP chunked responses might be encoded incorrectly on 32-bit platforms. infinite looping in HTTP parser. segmentation fault in router. NGINX Unit updated to 0.4. compatibility with DragonFly BSD. "configure php --lib-static" option. HTTP request body was not passed to application; the bug had appeared in 0.3. HTTP large header buffers allocation and deallocation fixed; the bug had appeared in 0.3. some PHP applications might not have worked with relative "root" path. Initial release of Go 1.9 module for NGINX Unit. Initial release of Python 3.6 module for NGINX Unit. NGINX Unit updated to 0.3. the Go package name changed to "nginx/unit". in the "limits.timeout" application option: application start time and time in queue now are not accounted. the "limits.requests" application option. application request processing latency optimization. HTTP keep-alive connections support. the "home" Python virtual environment configuration option. Python atexit hook support. various Go package improvements. various crashes fixed. Initial release of Go module for NGINX Unit. Initial release of Go 1.7 module for NGINX Unit. Initial release of Go 1.8 module for NGINX Unit. Initial release of Python module for NGINX Unit. Initial release of Python 2.7 module for NGINX Unit. Initial release of Python 3.4 module for NGINX Unit. Initial release of Python 3.5 module for NGINX Unit. Initial release of PHP module for NGINX Unit. configuration persistence. improved handling of configuration errors. application "timeout" property. POST request for PHP were handled incorrectly. the router exited abnormally if all listeners had been deleted. the router crashed under load. memory leak in the router. First public release.