Log message:
rabbitmq: updated to 3.13.7

RabbitMQ 3.13.7

Core Broker

Bug Fixes

Streams recover better from certain node process failures that may leave behind \ 
orphaned segment files
(that is, segment files that do not have a corresponding index file) or index \ 
files without a corresponding
segment file.

Kudos to @sysupbda for providing detailed reproduction steps and verifying the \ 
fix in the affected environment.

Config file peer discovery now logs warnings for certain common user mistakes.

Queue declaration operations now return more useful errors when Khepri is \ 
enabled and there's only a minority
of nodes online.

Logging is now more defensive around exception handling. Previously a (very \ 
rare) logger exception could
lead to the amq.rabbitmq.log handler and exchange to be removed.

Contributed by @gomoripeti.

rabbitmq-upgrade revive unintentionally tried to perform operations on replicas \ 
that are not local to the node.
This could result in an exceptions some of which were not handled and the \ 
command failed.
Re-running the command usually helped.

Enhancements

Enabling an experimental feature flag now involves an explicit confirmation.

Khepri projections are registered in a safer manner during node boot.

MQTT

Bug Fixes

Clients that use JWT tokens are now disconnected when their token expires. \ 
Previously all newly attempted
operations with an expired token would be rejected but a completely passive \ 
connection was not closed.

Enhancements

Connection that provide incorrect credentials now closed with a delay, just like \ 
for several
other protocols supported by RabbitMQ, as a throttling mechanism.

CLI Tools

Bug Fixes

When the Khepri feature flag is not enabled, rabbitmq-diagnostics \ 
metadata_store_status will not try to retrieve
and display its status.

Enhancements

rabbitmq-upgrade await_quorum_plus_one now produces more log messages when the \ 
operation times out.
When Khepri is enabled, it now also treats Khepri as a critical Raft-based \ 
component that may depend on replica quorum
just like queues and streams do.

Management Plugin

Bug Fixes

When no virtual host limits are set, the limits collection was returned as a \ 
JSON array (and not a JSON object)
by GET /api/vhost-limits.

Enhancements

GET /api/queues/quorum/{vhost}/{name}/status is a new endpoint that allows \ 
clients to retrieve several key quorum queue
replica and Raft metrics.

Contributed by @SimonUnge.

Shovel Plugin

Bug Fixes

GET /api/shovels/{vhost}/{name} now correctly returns a single shovel instead of \ 
all shovels in the target
virtual host.

Consistent Hashing Exchange Plugin

Bug Fixes

For an exchange declared with a hash-header, publishing failed with an exception \ 
when the client (usually unintentionally)
did not set that header.

Dependency Changes

Osiris was upgraded to 1.8.3
Cuttlefish was upgraded to 3.4.0
observer_cli was upgraded to 1.7.5

Log message:
rabbitmq: updated to 3.13.6

RabbitMQ 3.13.6

Core Broker

Bug Fixes

Quorum queue validation on startup was too strict and prevented upgrades from \ 
certain older versions from succeeding.
This validation has been reduced from an error to a warning.

Enhancements

Stream replication port range now can be configured via rabbitmq.conf:

stream.replication.port_range.min = 4000
stream.replication.port_range.max = 4600

Dependency Changes

Ra was upgraded to 2.13.5

Log message:
rabbitmq: updated to 3.13.2

RabbitMQ 3.13.2

Core Broker

Bug Fixes

Several Quorum queues WAL and segment file operations are now more resilient to \ 
certain filesystem operation failures.

Classic queues v2 could run into an exception after a node restart.

Peer discovery failed in some IPv6-only environments. This behavior was new in \ 
3.13.x.

rabbitmqctl stop_app is now faster, in particular for nodes that are not under \ 
significant load.

x-death counter was not incremented for messages that expired due to message TTL.
This behavior was new in 3.13.x.

Quorum queue replica removal now more resilient in clusters under close to peak load,
a condition that can trigger timeouts for certain operations involving multiple \ 
nodes.

rabbitmq-server (the shell script) now propagetes the exit code from the runtime \ 
process.

Enhancements

Definition import did not handle a scenario where some virtual hosts did not have
the default queue type metadata key set.

When a virtual host is deleted, several more internal events are emitted: for \ 
example,
the events related to removal of user permissions and runtime parameters associated
with the virtual host.

CLI Tools

Bug Fixes

rabbitmqctl list_unresponsive_queues now supports the (queue) type column.

MQTT Plugin

Bug Fixes

MQTT clients that did not configure a will (message) delay interval could run into
an exception due to an unnecessary permission check on the will target.

Messages published by MQTT clients were missing the timestamp_in_ms (the more \ 
precise header).
This behavior was new in 3.13.x.

Messages published using QoS 0 were unintentionally marked as durable internally.

Management Plugin

Bug Fixes

GET /api/queues/{vhost}/{name} could return duplicate keys for quorum queues.

Several endpoints responded with a 500 instead of a 404 when target virtual host
was non-existent.

OAuth 2 AuthN/AuthZ Plugin

Enhancements

The OpenID Connect RP-Initiated Logout feature is now only used if the identity \ 
provider service
lists it as supported.

Kubernetes Peer Discovery Plugin

Enhancements

More TLS client settings now can be configured:

cluster_formation.k8s.tls.cacertfile = /path/to/kubernetes/api/ca/certificate.pem
cluster_formation.k8s.tls.certfile = /path/to/client/tls/certificate.pem
cluster_formation.k8s.tls.keyfile = /path/to/client/tls/private_key.pem

cluster_formation.k8s.tls.verify = verify_peer
cluster_formation.k8s.tls.fail_if_no_peer_cert = true

JMS Topic Exchange Plugin

Enhancements

The plugin now stores its state on multiple nodes.

Shovel Plugin

Bug Fixes

Shovel metrics and internal state are now deleted when their shovel is, \ 
regardless of what node
it was hosted on and what node was targeted by the deleting (CLI or HTTP API) \ 
operation.

rabbitmqctl list_shovels CLI command now will list shovels running on all \ 
cluster nodes
and not just the target node.

Dependency Changes

ra was updated to 2.10.0

Log message:
rabbitmq: updated to 3.13.1

RabbitMQ 3.13.1

Core Broker

Bug Fixes

Classic queue v2 message store compaction could fail behind under high enough load,
significantly increasing node's disk space footprint.

Improved quorum queue safety in mixed version clusters.

When Khepri was enabled and virtual host recovery failed, subsequent recovery
attempts also failed.

Messages published without any headers set on them did not have a header property
set on them. This change compared to 3.12.x was not intentional.

Free disk space monitor on Windows ran into an exception if external call
to win32sysinfo.exe timed out.

Enhancements

channel_max_per_node is a new per-node limit that allows to put a cap on the number
of AMQP 0-9-1 channels that can be concurrently opened by all clients connected \ 
to a node:

# rabbitmq.conf
channel_max_per_node = 5000
This is a guardrail mean to protect nodes from application-level channel leaks.

Stream Plugin

Bug Fixes

Avoids a Windows-specific stream log corruption that affected some deployments.

When a super stream cannot be created because of a duplicate partition name,
a more informative error message is now used.

CLI Tools

Bug Fixes

rabbitmq-plugins list --formatter=json --silent will no longer emit any warnings
when some of the plugins in the enabled plugins file are missing.

OAuth 2 Plugin

Bug Fixes

Configuring a JWKS URL without specifying a CA certificate resulted
in an exception with Erlang 26's TLS implementation.

Management Plugin

Bug Fixes

Set default sort query parameter value for better compatibility with an external
Prometheus scraper. Note that the built-in Prometheus plugin
is the recommended way of monitoring RabbitMQ using Prometheus-compatible tools.

When a tab (Connections, Queues and Streams, etc) is switched, a table \ 
configuration pane
from the previously selected tab is now hidden.

Enhancements

GET /api/queues/{vhost}/{name} now supports enable_queue_totals as well as \ 
disable_stats.
This combination of query parameters can be used to retrieve message counters while
greatly reducing the number of metrics returned by the endpoints.

Federation Plugin

Enhancements

Exchange federation now can be configured to use a custom queue type for their \ 
internal buffers.

To use a quorum queue, set the queue-type federation policy key to quorum.

rabbitmq_federation_running_link_count is a new metric provided via Prometheus.

Dependency Changes

osiris was updated to 1.8.1
khepri was upgraded to 0.13.0
cowboy was updated to 2.12.0

Log message:
rabbitmq: updated to 3.12.13

RabbitMQ 3.12.13

Core Broker

Bug Fixes

When a channel is closed, its consumer metric samples will now be cleared differently
depending on the number of them. In 9356, it was over optimized for the uncommon \ 
case with
a very large number of consumers per channel, hurting the baseline case with one \ 
or a few consumers
per channel.

In part contributed by @SimonUnge (AWS).

CLI Tools

Enhancement

CLI tool startup time was reduced.

Bug Fixes

JSON output formatter now avoids ANSI escape sequences.

Contributed by @ariel-anieli.

ANSI escape sequences are no longer used on Windows.

Contributed by @ariel-anieli.

Stream Plugin

Bug Fixes

If a stream publisher cannot be set up, a clearer message will be logged.

Management Plugin

Bug Fixes

GET /api/nodes/{name} failed with a 500 when called with a non-existed node name.

Federation Plugin

Bug Fixes

Upstream node shutdown could produce a scary looking exception in the log.

Exchange federation links could run into an exception.

Contributed by @gomoripeti (CloudAMQP).

Dependency Changes

cowboy was updated to 2.11.0

Log message:
rabbitmq: updated to 3.12.12

RabbitMQ 3.12.12

Core Broker

Bug Fixes

Environments with a lot of quorum queues could experience a large Erlang process
build-up. The build-up was temporary but with a sufficiently large number of
quorum queues it could last until the next round of periodic operations,
making it permanent and depriving the node of CPU resources.

RabbitMQ core failed to propagate more authentication and authorization context, \ 
for example,
MQTT client ID in case of MQTT connections, to authN and authZ backends. This \ 
was not intentional.

Nodes now takes more precaution about persisting feature flag state
(specifically the effects of in-flight changes) during node shutdown.

Enhancements

Simplified some type specs.

Contributed by @ariel-anieli.

Stream Plugin

One returned error value did not match the RabbitMQ Stream Protocol specification.

MQTT Plugin

Bug Fixes

Recovering connections from QoS 0 consumers (subscribers) could fail if they \ 
were previously connected to a failed node.

Log message:
rabbitmq: updated to 3.12.9

RabbitMQ 3.12.9

Core Broker

Bug Fixes

When a topic permission was deleted, an internal event of type permission.deleted
was emitted in some cases, instead of topic.permission.deleted.

Shovel Plugin

Bug Fixes

Shovels on 3.12.8 nodes failed during a rolling cluster upgrade due to internal
identifier format changes.

Starting with this release, both old and new formats are supported for upgrade \ 
safety.

Grafana Dashboard

Enhancements

Global counters for producers are now available in the dashboard.

MQTT Plugin

Bug Fixes

Avoids an unnecessary warning in the logs.

CLI Tools

Enhancements

rabbitmq-diagnostics list_policies_that_match [queue name] is a new command
that simplifies troubleshooting of policy conflicts.

Management Plugin

Enhancements

Nodes that have OAuth 2 enabled now redirect the user to the original landing \ 
page (if any)
after successful login with the IDP.

Log message:
rabbitmq: updated to 3.12.8

RabbitMQ 3.12.8

Core Server

Bug Fixes

Avoids a potential exception in the autoheal partition handler.

Contributed by @Ayanda-D.

Enhancements

raft.segment_max_entries is now validated to prevent the value from overflowing \ 
its 16-bit segment file field.
Maximum supported value is now 65535.

Shovel Plugin

Enhancements

Significantly faster Shovel startup in environments where there are many of them \ 
(one thousand or more).

AMQP 1.0 Erlang Client

Enhancements

User-provided credentials are now obfuscated using an one-off key pair generated \ 
on node boot.
This keeps sensitive client state information from being logged by the runtime \ 
exception logger.