1.1. 3.4.x Branch¶
1.1.1. Version 3.4.1¶
1.1.1.1. Highlights¶
#5255: Set
upgrade_hash_on_auth
tofalse
to disable automatic password hashing upgrades.
1.1.1.2. Bufixes¶
#5254: Handle the case when the QuickJS scanner has no valid views.
1.1.1.3. Tests¶
#5253: Increase timeout for couch_work_queue test.
1.1.1.4. Docs¶
#5256: Explain holding off 3.4.0 binaries and the reason for making a 3.4.1 release.
1.1.2. Version 3.4.0¶
1.1.2.1. Warning¶
CouchDB version 3.4.0 includes a feature to automatically upgrade password
hashes to a newer algorithm and a configuration option that enables this feature
by default. As a consequence, if you are upgrading to CouchDB version 3.4.0 from
an earlier version and then have to roll back to the earlier version, some of
your _users
documents might have already automatically ugpraded to the new
algorithm. Your older version of CouchDB does not understand the resulting
password hash and cannot authenticate the user any more until the earlier
password hash is restored manually by an adminstrator.
As a result, the CouchDB team has decided to issue a 3.4.1 release setting the configuration option to disable this new auto-upgrade feature.
The issue was found after the formal 3.4.0 release process has concluded, so the source release is available normally, but the CouchDB team has not made 3.4.0 convenience binaries available. The team recommends to upgrade to 3.4.1 instead when it is available.
The CouchDB team also recommends enabling the feature by setting the
upgrade_hash_on_auth
configuration option to true
as soon as you are
safely running on 3.4.1 and have no more need to roll back the version.
1.1.2.2. Breaking Changes¶
#5046: JWT: require valid
exp
claim by defaultUsers of JWT rightly expect tokens to be considered invalid once they expire. It is a surprise to some that this requires a change to the default configuration. In the interest of security we will now require a valid
exp
claim in tokens. Administrators can disable the check by changingrequired_claims
back to the empty string.We recommend adding
nbf
as a required claim if you know your tokens will include it.#5203: Continuous change feeds with
descending=true&limit=N
Changes requests with
feed=continuous&descending=true&limit=N
, whenN
is greater than the number of db updates, will no longer wait on db changes and then repeatedly re-send the first few update sequences. The request will return immediately after all the existing update sequences are streamed back to the client.
1.1.2.3. Highlights¶
.-.
/ |
/\ | .-._.) ( ) .-..-. .-. ) (
/ \ |( )( )( / ./.-'_( | ( )
.-' / \| `-' `--': \_/ (__.' `-'-'`--':
(__.' `.
#4291: Introducing Nouveau (beta) a modern, from-the-ground-up implementation of Lucene-based full-text search for CouchDB. Please test this thoroughly and report back any issues you might find.
Advantages over SpiderMonkey:
Significantly smaller and easier to integrate codebase. We’re using ~6 C files vs 700+ SM91 C++ files.
Built with Apache CouchDB as opposed having to maintain a separate SpiderMonkey package for OSs that don’t support it (*cough*RedHat9*cough*).
Better sandboxing support.
Preliminary test results show multiple performance improvements.
4x faster than SpiderMonkey 1.8.5.
5x faster than SpiderMonkey 91.
6x reduced memory usage per
couchjs
process (5MB vs 30MB).Allows compiling JavaScript bytecode ahead of time.
QuickJS can be built alongside SpiderMonkey and toggled on/off at runtime:
./configure --dev --js-engine=quickjsThis makes it the default engine. But SpiderMonkey can still be set in the config option:
[couchdb] js_engine = spidermonkey | quickjsCouchDB also now includes a scanner plugin that, when enabled, can scan all design docs in all your databases in the background and report incompatibilities between SpiderMonkey and QuickJS. This allows you to safely migrate to QuickJS.
#4570, #4578, #4576: Adopt xxHash in favour of md5 for
couch_file
checksums and ETag calculation. 30% performance increase for large (128K) docs. No difference for smaller docs.#4814: Introduce PBKDF2-SHA256 for password hashing. The existing PBKDF2-SHA1 variant is now deprecated. Increases the default iteration count to
600000
. Also introduce a password hash in-memory cache with a low iteration number, to keep interactive requests fast for a fixed time.Entries in the password hash cache are time-limited, unused entries are automatically deleted, and there is a capacity bound.
Existing hashed user doc entries will be automatically upgraded during the next successful authentication. To disable auto-upgrading set the
[chttpd_auth] upgrade_hash_on_auth
config setting tofalse
.#4512: Mango: add keys-only covering indexes. Improves query response times for certain queries up to 10x at p(95).
#4681: Introduce optional countermeasures as we run out of disk space.
#4847: Require auth for
_replicate
endpoint. This continues the 3.x closed-by-default design goal.#5032: Temporarily block access by client IP for repeated authentication failures. Can be disabled in config.
Many small performance improvements, see the Performance section.
1.1.2.4. Features and Enhancements¶
#5212: Allow configuring TLS
signature_algs
andeccs
curves for the clustered port.#5136: Print log dir on
dev/run
startup.#5150: Ensure
rexi_buffer
metric includes the internal buffered messages.#5145: Add aggregate
rexi_server
andrexi_buffer
message queue metrics.#5093, #5178: Ensure replication jobs migrate after any the shard map changes.
#5079: Move to Erlang 25 minimum.
#5069: Update Fauxton to v1.3.1.
#5067: Support Erlang/OTP 27.
#5053: Use the built-in
crypto:pbkdf2_hmac
function.#5036: Remove
replication_job_supervisor
.#5035: Modernise
couch_replicator_supervisor
.#5019: Remove unused build files.
#5017: Remove unused
boot_dev_cluster.sh
.#5014: Add Couch Scanner module.
#5013: Improve dist diagnostics.
#4990: Add
dbname
to mango exec stats.#4987: Replace
khash
with maps inddoc_cache_lru
.#4984: Fabric: switch to maps for view rows.
#4979: Git ignore top level
clouseau
directory.#4977: Replace
khash
with maps incouch_event_server
.#4976: Add metrics for fast vs slow password hashing.
#4965: Handle multiple response copies for
_purged_infos
API.#4878: Add an option to scrub some sensitive headers from external json.
#4834: Wait for newly set admin creds to be hashed in setup.
#4821: Do not fail compactions if the last step is delayed by
ioq
.#4810: Mango: add
$beginsWith
operator.#4769: Improve replicator error handling.
#4766: Add new HTTP endpoint
/_node/_local/_smoosh/status
.#4736: Stop client process and clean up if client disconnects.
#4703: Add
_purged_infos
endpoint.#4685: Add
"CouchDB-Replicator/..."
user agent to replicator/_session
requests.#4680: Shard splitting: allow resumption of failed jobs and make timeout configurable.
#4677: Crash replication jobs on unexpected
4xx
errors.#4670: Allow setting of additional
ibrowse
options likeprefer_ipv6
.#4662: Mango: extend
_explain
with candidate indexes and selector hints.#4625: Add optional logging of security issues when replicating.
#4623: Better upgrade handling of
instance_start_time
in replicator.#4613: Add option to suppress version info via HTTP header.
#4601: Add simple
fabric
benchmark.#4581: Support Erlang/OTP 26.
#4575: Add
{verify, verify_peer}
for TLS validation.#4569: Mango: add
keys_examined
forexecution_stats
.#4558: Make Erlang/OTP 24 the minimum supported Erlang version.
#4513: Make timeouts for
_view
and_search
configurable.#4483: Add RFC5424 compliant report logging.
#4475: Add type and descriptions to prometheus output.
#4443: Automatically enable FIPS mode at runtime.
#4438: Upgrade hash algorithm for proxy auth.
#4432: Hide shard-sync and purge documents from
_local_docs
.#4431: Allow definition of JWT roles claim as comma-separated list.
#4404: Respond with 503 immediately if search not available.
#4347: Remove failed
couch_plugins
experiment.#5046: JWT: require valid exp claim by default.
#5065: Update Fauxton UI to version v1.3.1.
1.1.2.5. Performance¶
#5172: Remove
unique_integer
bottleneck fromcouch_lru
.#5168: Update
couch_lru
to use maps.#5104: Update xxhash from upstream tag
v0.8.2
.#5037: Optimise
fabric:all_dbs()
.#4911: Optimise and clean up
couch_multidb_changes
.#4852: Optimise
_active_tasks
.#4786, #4789: Add extra timing stats for
couch_js
engine commands.#4679: Fix multipart parse
attachment longer than expected
error.#4672: Remove
folsom
and reimplement required functionality with new Erlang/OTP primitives resulting in up to 19x faster histogram operations.#4617: Use a faster sets implementation available since OTP 24.
#4608: Add metrics for fsync calls and query engine operations.
#4604: 6x speedup for common
mem3:dbname/1
function.#4603: Update
vm.args
settings, increased Erlang distribution buffer size to 32MB.#4598: Speed up internal replicator.
#4505: Treat JavaScript internal errors as fatal.
#4494: Treat single-element keys as key.
#4473: Avoid re-compiling filter view functions.
#4401: Enforce doc ids
_changes
filter optimisation limit and raise it from100
to1000
.#4394: Mango: push
fields
selection down to data nodes.
1.1.2.6. Bugfixes¶
#5223, #5228, #5226: Fix handling IPv6 addresses for
_session
endpoints in replicator.#5191, #5193: Fix error loop with system freeze when removing a node from a cluster.
#5188: Fix units for replicator
cluster_start_period
config setting.#5185: Use an explicit message for replicator doc processor delayed init. Fixes a rare case when the replicator will never start scanning and monitoring
_replicator
dbs for changes.#5184: Remove compatibility
couch_rand
module.#5179: Do not leak
fabric_rpc
workers if coordinator is killed.#5205: Cleanly abort responses when path doesn’t start with slash.
#5204, #5203, #5200, #5201: Fix continuous changes feeds with a limit greater than total.
#5169: Make sure we never get an inconsistent
couch_lru
cache.#5167: Remove unused
close_lru
gen_server
call.#5160: Ensure we run fabric worker cleanup in more cases.
#5158: Fix PowerShell
PSScriptAnalyzer
warnings.#5153, #5156: Upgrade recon and fix Erlang/OTP 27 compiler warnings.
#5154: Replace
0/1
tofalse/true
for config keys.#5152: Improve worker cleanup on early coordinator exit to reduce the occurrence of spurious
exit:timeout
errors in the log.#5151: Use atom for config key
with_spidermonkey
.#5147: Add passively closed client monitoring to search.
#5144: Cleanup deprecated and unused functionality in
rexi
.#5143: Remove unused external functions and local external calls.
#5130, #5132, #5138, #5163, #5170: Implement persistent node names.
#5131: Remove unused
couch_db_header
module.#5084, #5126: Simplify and fix hyper. Remove external
hyper
dependency.#5111, #5114: Make sure config reload finds new
.ini
files in.d
directories.#5110: Remove last remnant of snap install in
./configure
. That happens incouchdb-pkg
now.#5101: Fix replicator scheduler job stopping crash.
#5100: Simplify
couchdb.cmd.in
and remove app version.#5097: Remove
couch_io_logger
module.#5066: Handle multiple
Set-Cookie
headers in replicator session plugin.#5060: Cleanup a few clauses in
fabric_view_changes
.#5030: Always commit if we upgrade 2.x view files. Fixes misleading
wrong signature
error.#5025: Fix
seedlist
to not return duplicate json keys.#5008: Fix case clause error in replicator
_scheduler/docs
response.#5000: Remove repetitive word in source commends (5000!).
#4962: Make multidb changes shard map aware.
#4958: Mango: use rolling execution statistics.
#4921: Make sure to reply to
couch_index_server
clients.#4910:
couch_passwords:verify
should always return false for bad inputs.#4908: Mango: communicate rows read for global stats collection.
#4906: Flush
chttpd_db
monitor refs on demonitor.#4904: Git ignore all .hypothesis directories.
#4887: Look up search node name in config for weatherreport.
#4837: Fix update bug in
ets_lru
.#4811: Prevent delayed opener error from crashing index servers.
#4794: Fix incorrect raising of
database_does_not_exist
error.#4784: Fix parsing of node name from
ERL_FLAGS
inremsh
.#4782, #4891: Mango: prevent occasional duplication of paginated text results.
#4761: Fix badrecord error when replicator is logging HTTP usage.
#4759: TLS: use HTTP rules for hostname verification.
#4758: Remove sensitive headers from the
mochiweb
request inpdict
.#4751: Mango: correct behaviour of
fields
on_explain
.#4722: Fix badmatch error when purge requests time out.
#4716: Fix pending count for reverse changes feed.
#4709: Mango: improve handling of invalid fields.
#4682:
_design_doc/queries
withkeys
should only return design docs.#4669: Allow for more than two replicator socket options.
#4666: Improve error handling in config API.
#4659: Mango: remove duplicates from
indexable_fields/1
results.#4658: Fix undefined range in
mem3_rep
purge replication logic.#4653: Fix ability to use
;
inside of config values.#4629: Fix prometheus to survive
mem3_sync
termination.#4626: Fix purge infos replicating to the wrong shards during shard splitting.
#4602: Fix error handling for the
_index
endpoint and document_index/_bulk_delete
.#4555: Fix race condition when creating indexes.
#4524: Querying
_all_docs
with non-string key should return an empty list.#4514: GET invalid path under
_index
should not cause 500 response.#4509: Make
remsh
work with quoted cookie.#4503: Add
error_info
clause for410 Gone
.#4491: Fix
couch_index
to avoid crashes under certain conditions.#4485: Catch and log any error from
mem3:local_shards
inindex_server
.#4473: Fix prometheus counter metric naming.
#4458: Mango: Fix text index selection for queries with
$regex
.#4416: Allow
_local
doc writes to the replicator dbs.#4370: Ensure design docs are uploaded individually when replicating with
bulk_get
.#4363: Fix replication
_scheduler/docs
total_rows
.#4360: Fix handling forbidden exceptions from workers in
fabric_doc_update
.#4353: Fix replication
job_link
.#4348: Fix undefined function warning in weatherreport.
#4343: Fix
undef
when parsing replication doc body.
1.1.2.7. Tests¶
#5219: Allow for overriding the host on running Mango tests.
#5192: Clean elixir build artifacts with
make clean
.#5190: Remove flaky couch key tree test.
#5187: Do not test SpiderMonkey libs when it is disabled on Windows.
#5183: Remove redundant and racy assertion in the
couchdb_os_proc_pool
test.#5182: Set minimum Elixir version to 1.15.
#5180: Bump Clouseau to 2.23.1 in CI.
#5128: Update Erlang in CI, support Elixir 1.17.
#5102: Use a shorter
4000
msec replicator scheduling interval for tests.#5078, #5085: Make app and release versions uniform. Remove the unused
rel
version.#5068: Fix flakiness in
fabric_bench
.#5054: Update a few deps and improve CI.
#5050: Update CI OSes.
#5048: Update CI Erlang versions.
#5040: Fix invalid call to
exit/2
incouch_server
.#5039: Improve fabric
all_dbs
test.#5024: Fix flaky
_changes
async test.#4982: Fix flaky password hashing test.
#4980: Fix password test timeout.
#4973: Handling node number configuration in
dev/run
.#4959: Enable Clouseau for more platforms.
#4953: Improve retries in dev/run cluster setup.
#4947: Add tests for
_changes
endpoint.#4938: Add tests for
_changes
with different parameters.#4903: Add extra rev tree changes tests.
#4902: Fix flaky tests by increasing timeout.
#4900: More flaky fixes for cluster setup.
#4899: Reduce EUnit log noise.
#4898: Simplify
couch_changes_tests.erl
using macro?TDEF_FE
.#4893: Relax restriction on
[admins]
in devlocal.ini
.#4889: Do not use admin party for integration tests.
#4873: Fix test for text index creation.
#4863: Fix flaky
users_db_security
test.#4808: Fix flaky
couch_stream
test.#4806: Mango: do not skip json tests when Clouseau installed.
#4803: Fix flaky
ddoc_cache
test some more.#4765: Fix flaky mem3 reshard test.
#4763: Plug hole in unit test coverage of view cursor functions.
#4726: Support Elixir 1.15.
#4691:
make elixir
should match what we run in CI.#4632: Fix test database recreation logic.
#4630: Add extra assert in flaky couch_file test.
#4620: Add Erlang/OTP 26 to Pull Request CI matrix.
#4453: Fix flaky LRU test that the new super fast macOS CI worker noticed.
#4422: Clean up JSON index selection and add unit tests.
#4345: Add test coverage for replicator
user_ctx
parser.
1.1.2.8. Docs¶
#5221: Add notes about JavaScript engine compatibility issues and how to use the new scanner feature.
#5162: Update CVE backport policy.
#5134: Remove
JSON2
reference as we no longer ship our own JSON.#5063: Fix duplicate keys in find query.
#5045: Create Python
virtualenv
on Windows for docs.#5038: Fix small detail about conflicts in Overview section.
#4999: Change server instance to cluster for UUID docs.
#4955: Revamp the installation instructions for FreeBSD.
#4951: Add extension for copying code blocks with just one click.
#4950: Improve changes feed API documentation.
#4948: Update Sphinx package version to 7.2.6.
#4946: Update Sphinx/RTD dependencies.
#4942: Fix invalid JSON in
_db_updates
example.#4940: Re-wrote snap installation guide lines for 3.3.
#4933: Set docs version numbers dynamically from file.
#4928: Add missing installation OSes for convenience binaries.
#4925: Break long lines for better readability within tables.
#4774: Amend description of
use_index
on/{db}/_find
.#4743: Ban the last monster.
#4684: Add
_design_docs/queries
and_local_docs/queries
.#4645: Add authentication data to examples.
#4636: Clarify default quorum calculation.
#4561: Clarify encoding length in performance section.
#4402: Fix example code in partitioned databases.
1.1.2.9. Builds¶
#4840: Add Debian 12 (bookworm) to CI and binary packages.
1.1.2.10. Other¶
What’s new, Scooby-Doo?