Releases: libp2p/go-libp2p
v0.48.0
A relatively minor update. Most changes were related to internal cleanup and getting the transport interop tests running again.
🔦 Highlights
- When listening on
0.0.0.0,BasicHost.AllAddrsreturns all the interface addrs of the machine. In v0.47 we'd unwittingly introduced this change, but on discussion decided to commit to it as returning all the addresses was correct. In the absence of this behaviour, there's no way for a user to get all the addrs the libp2p host is listening on. See #3460 for the discussion about this. #3468 - Fix Deterministic WebTransport Key Generation for Go 1.26 #3320
- Fix mocknet: make stream deadline methods noop instead of returning error
What's Changed
- update go-netroute dependency by @MarcoPolo in #3421
- add backwards compatibility for doctur with legacy behavior by @jpserrat in #3457
- quicreuse: fix incorrect skip in TestReuseListenOnSpecificInterface by @MarcoPolo in #3417
- Update to Go 1.25 by @MarcoPolo in #3462
- refactor: apply go fix modernizers from Go 1.26 by @gammazero in #3463
- webrtc: upgrade pion deps by @sukunrt in #3469
- fix(mocknet): make stream deadline methods noop instead of returning error by @walldiss in #3471
- basichost: advertise all interface addrs for unspecified listen addrs by @sukunrt in #3468
- Bump transport interop Go toolchain by @MarcoPolo in #3477
- ci: remove go-version parameter to default to go.mod version by @MarcoPolo in #3474
- refactor(webtransport): Use keygen package for deterministic ecdsa key by @MarcoPolo in #3320
- CI: Ignore known incompatibility with webtransport versions in interop test by @MarcoPolo in #3478
New Contributors
Full Changelog: v0.47.0...v0.48.0
Contributors
Assets 2
v0.47.0
A relatively small release. The main changes are dependency updates and a couple of bug fixes. #3435 changes autonatv2 reachability logic, which should be a net win for most users.
Breaking Changes
- A WebTransport Client in this version cannot dial older (pre v0.47.0) go-libp2p WebTransport servers. The reverse works. This is partly due to a handshake change in the latest draft RFC for WebTransport. WebTransport remains experimental while the RFC is in draft, but we expect no more breaking changes.
AllAddrs()Actually returns all interface addresses when listening on0.0.0.0. See #3460 for more context. This changes an earlier intentional decision from #911.
What's Changed
- fix(autonatv2): secondary addrs inherit reachability from primary by @lidel in #3435
- Update simnet by @MarcoPolo in #3449
- mod tidy test-plans package by @MarcoPolo in #3450
- fix(basic_host):
stream.Close()blocks indefinitely on unresponsive peers by @lidel in #3448 - fix: handle error from mh.Sum in IDFromPublicKey by @MozirDmitriy in #3437
- update webtransport-go to v0.10.0 and quic-go to v0.59.0 by @marten-seemann in #3452
- rcmgr: expose resource limits to Prometheus by @sneaxhuh in #3433
New Contributors
- @MozirDmitriy made their first contribution in #3437
- @sneaxhuh made their first contribution in #3433
Full Changelog: v0.46.0...v0.47.0
Contributors
Assets 2
v0.46.0
Contributors
Assets 2
v0.45.0
A small release that adjust some noisy logging levels and adds a method for dynamically change the slog Handler for better integration with applications that use go-log.
What's Changed
- fix(websocket): use debug level for operational noise errors by @lidel in #3413
- chore: Update Drips ownedBy address in FUNDING.json by @p-shahi in #3422
- feat(gologshim): Add SetDefaultHandler by @lidel in #3418
Full Changelog: v0.44.0...v0.45.0
Contributors
Assets 2
v0.44.0
Highlights
Address Pipeline:
- Observed Address Manager has been moved out of identify to its own package,
github.com/libp2p/go-libp2p/p2p/host/obsaddrs ⚠️ Identify Service doesn't support theDisableObservedAddrManagerOption. The top level libp2p optionDisableIdentifyAddressDiscoveryworks as it used to.
What's Changed
- fix: clean up associations for closed listeners. by @Prabhat1308 in #3306
- swarm: move AddCertHashes to swarm by @sukunrt in #3330
- refactor(quicreuse): use errors.Join in Close method by @crStiv in #3363
- network: rename NAT Types by @sukunrt in #3331
- feat(metrics): add Reset and TrimIdle methods to reporter interface by @cpeliciari in #3343
- feat(simlibp2p): Simulated libp2p Networks by @MarcoPolo in #3262
- Support Go 1.24 & 1.25 by @MarcoPolo in #3366
- basichost: move observed address manager to basichost by @sukunrt in #3332
- ci: uci/update-go by @web3-bot in #3371
- feat: Migrate to log/slog by @MarcoPolo in #3364
- AI tooling must be disclosed for contributions by @MarcoPolo in #3372
- docs: remove broken link by @MarcoPolo in #3375
- enhancement: include non public relay addresses to be advertised too #3361 #3365 by @shoriwe in #3379
- fix: self-healing NAT mappings with request deduplication by @lidel in #3367
- feat(network): Add ConnAs by @MarcoPolo in #3338
- refactor: replace context.WithCancel with t.Context by @cargoedit in #3383
- chore: add help comment by @MarcoPolo in #3385
- README: remove Drand from notable users section by @marten-seemann in #3388
- docs: Update contribute section by @MarcoPolo in #3387
- fix: assignment to entry in nil map by @dennis-tra in #3395
- Refactor pre core module by @MarcoPolo in #3396
- basichost: move EvtLocalAddrsChanged to addrs_manager by @sukunrt in #3355
- ci: move to github actions runner by @MarcoPolo in #3398
- basichost: fix lint error by @sukunrt in #3400
New Contributors
- @crStiv made their first contribution in #3363
- @shoriwe made their first contribution in #3379
- @cargoedit made their first contribution in #3383
Full Changelog: v0.43.0...v0.44.0
Contributors
Assets 2
v0.43.0
Highlights
This is a small release to allow users to upgrade to the latest quic-go version as the quic-go API was changed heavily in quic-go v0.53
What's Changed
- quic: upgrade quic-go to v0.53 by @sukunrt in #3323
- basichost: fix Addrs docstring by @sukunrt in #3341
- basichost: fix deadlock with addrs_manager by @sukunrt in #3348
- chore: upgrade quic-go to v0.54.0 by @sukunrt in #3351
Full Changelog: v0.42.0...v0.43.0
Contributors
Assets 2
v0.42.1
What's Changed
- addrsmanager: extract out addressing logic from basichost by @sukunrt in #3075
- fix: fix incorrect nil return value by @huochexizhan in #3219
- fix(libp2phttp): bound NewStream timeout by @algorandskiy in #3225
- webrtc: fix memory leak with udpmux.muxedConnection context by @sukunrt in #3243
- connmgr: fix transport association bug by @sukunrt in #3221
- connmgr: remove WithEmergencyTrim by @sukunrt in #3217
- fix: Add wrapped error type in
stream.goby @Prabhat1308 in #3237 - autonatv2: fix server dial data request policy by @sukunrt in #3247
- autonatv2: explicitly handle dns addrs by @sukunrt in #3249
- transport: add GatedMaListener type by @sukunrt in #3186
- chore(examples): p2p-forge/client v0.4.0 by @lidel in #3211
- optimize: using t.TempDir() replace os.MkdirTemp in testfile by @argentpapa in #3222
- peerstore: remove unused badger tests by @sukunrt in #3252
- chore: p2p-forge v0.5.0 by @lidel in #3257
- ci: uci/copy-templates by @web3-bot in #3254
- fix(relay): fix data-race in relayFinder by @b00f in #3258
- identify: reduce timeout to 5 seconds by @sukunrt in #3259
- peerstore: remove leveldb tests by @sukunrt in #3260
- webrtc: support receiving 256kB messages by @sukunrt in #3255
- rcmgr: use netip.Prefix as map key instead of string by @sukunrt in #3264
- chore(certificate): update test vectors by @vladopajic in #3242
- build(test_analysis): use
modernc.org/sqlitedirectly by @levisyin in #3227 - ci: add golangci-lint for linting by @sukunrt in #3269
- fix: Improve NAT port mapping failure logging by @VolodymyrBg in #3261
- Add missing log for failed GC record unmarshalling in
purgeStore()by @vipocenka in #3273 - identify: rate limit id push protocol by @sukunrt in #3266
- quicreuse: add some documentation for the package by @sukunrt in #3279
- eventbus: change slow consumer event from error to warn by @guillaumemichel in #3286
- chore: use tcort/github-action-markdown-link-check by @sukunrt in #3291
- swarm_test: support more transports for GenSwarm by @sukunrt in #3130
- go-clock migration by @guillaumemichel in #3293
- fix: Ensure tcpGatedMaListener wrapping on both metrics and non-metri… by @GarmashAlex in #3275
- ci: uci/copy-templates by @web3-bot in #3282
- Revert "go-clock migration" by @guillaumemichel in #3303
- basichost: use autonatv2 to verify reachability by @sukunrt in #3231
- quic: gate connections before handshake by @sukunrt in #3283
- autonatv2: add Unknown addrs to event by @sukunrt in #3305
- chore: fix errors reported by golangci-lint by @galargh in #3295
- autonatv2: add metrics by @sukunrt in #3308
- mocknet: notify listeners on listen by @sukunrt in #3310
- ci: go-check now support golangci-lint by @galargh in #3309
- chore: update deps by @sukunrt in #3312
- Release v0.42.0 by @sukunrt in #3318
New Contributors
- @huochexizhan made their first contribution in #3219
- @algorandskiy made their first contribution in #3225
- @Prabhat1308 made their first contribution in #3237
- @argentpapa made their first contribution in #3222
- @b00f made their first contribution in #3258
- @vladopajic made their first contribution in #3242
- @levisyin made their first contribution in #3227
- @VolodymyrBg made their first contribution in #3261
- @vipocenka made their first contribution in #3273
- @GarmashAlex made their first contribution in #3275
Full Changelog: v0.41.0...v0.42.1
Contributors
Assets 2
v0.42.0
⚠ Breaking Changes
Added a new method, VerifySourceAddress(net.Addr) bool, to the Resource Manager interface.
For more details see the Source Address Verification section.
For custom implementation which want to opt out of Source Address Verification and keep the existing behavior, return false from the method.
🔦 Highlights
Per Address Reachability via AutoNAT v2
libp2p hosts can now determine reachability for individual addresses using AutoNATV2. To opt in to reachability checking use the EnableAutoNATV2 libp2p option. Using this nodes can now determine their IPv4, IPv6, and browser address reachability separately. In a future release, AutoRelay will use this information and make appropriate relay reservations accordingly. https://pkg.go.dev/github.com/libp2p/go-libp2p#EnableAutoNATv2
To query addresses by their reachability, ConfirmedAddrs() (reachable, unreachable, unknown []ma.Multiaddr) that provides Reachability information per host address. https://pkg.go.dev/github.com/libp2p/go-libp2p/p2p/host/basic#BasicHost.ConfirmedAddrs
For notifications, Subscribe to the event event.EvtHostReachableAddrsChanged https://pkg.go.dev/github.com/libp2p/go-libp2p/core/event#EvtHostReachableAddrsChanged
Rate Limiting
We've introduced the package github.com/libp2p/go-libp2p/x/rate for rate limiting. The struct rate.Limiter provides Global, Network Specific, and Subnet Specific rate limiting. The Subnet specific rate limits allows for better DoS Protection by rate limiting malicious IPs. https://pkg.go.dev/github.com/libp2p/go-libp2p/x/rate
Use Limit(f func(s network.Stream)) func(s network.Stream) on Limiter to limit specific stream handlers. For example, within libp2p, the Identify Service uses this as
ids.Host.SetStreamHandler(IDPush, ids.rateLimiter.Limit(ids.handlePush)) to rate limit the number of times peers can perform identify push.
For non Stream use cases use the Allow(ip) method on the limiter.
Connection Rate Limiting
New connection requests are now rate limited per IP. By default we allow 1 connection every 5 seconds from an IP address with a burst of 16 connections per IP. The burst is high enough that this should only block malicious peers.
To configure the connection rate limits, use the WithConnRateLimiters option on the Resource Manager. https://pkg.go.dev/github.com/libp2p/go-libp2p/p2p/host/resource-manager#WithConnRateLimiters
Source Address Verification for QUIC
This release introduces Source Address Verification for QUIC, preventing DoS attacks by spoofing IP addresses. See: https://www.rfc-editor.org/rfc/rfc9000.html#section-8 for details.
We are now gating incoming QUIC connections before the handshake is started. This further improves DoS protection by not wasting CPU on handshaking QUIC connections which would have been dropped by the Resource Manager.
Other changes
- WebRTC Direct peers can now send messages of up to 256 kB (see spec: libp2p/specs#628)
- Refactored the addressing code within BasicHost and moved it into Address Manager. In a future release, this will be exposed to users with an improved Address API for the libp2p Host.
What's Changed
- addrsmanager: extract out addressing logic from basichost by @sukunrt in #3075
- fix: fix incorrect nil return value by @huochexizhan in #3219
- fix(libp2phttp): bound NewStream timeout by @algorandskiy in #3225
- webrtc: fix memory leak with udpmux.muxedConnection context by @sukunrt in #3243
- connmgr: fix transport association bug by @sukunrt in #3221
- connmgr: remove WithEmergencyTrim by @sukunrt in #3217
- fix: Add wrapped error type in
stream.goby @Prabhat1308 in #3237 - autonatv2: fix server dial data request policy by @sukunrt in #3247
- autonatv2: explicitly handle dns addrs by @sukunrt in #3249
- transport: add GatedMaListener type by @sukunrt in #3186
- chore(examples): p2p-forge/client v0.4.0 by @lidel in #3211
- optimize: using t.TempDir() replace os.MkdirTemp in testfile by @argentpapa in #3222
- peerstore: remove unused badger tests by @sukunrt in #3252
- chore: p2p-forge v0.5.0 by @lidel in #3257
- ci: uci/copy-templates by @web3-bot in #3254
- fix(relay): fix data-race in relayFinder by @b00f in #3258
- identify: reduce timeout to 5 seconds by @sukunrt in #3259
- peerstore: remove leveldb tests by @sukunrt in #3260
- webrtc: support receiving 256kB messages by @sukunrt in #3255
- rcmgr: use netip.Prefix as map key instead of string by @sukunrt in #3264
- chore(certificate): update test vectors by @vladopajic in #3242
- build(test_analysis): use
modernc.org/sqlitedirectly by @levisyin in #3227 - ci: add golangci-lint for linting by @sukunrt in #3269
- fix: Improve NAT port mapping failure logging by @VolodymyrBg in #3261
- Add missing log for failed GC record unmarshalling in
purgeStore()by @vipocenka in #3273 - identify: rate limit id push protocol by @sukunrt in #3266
- quicreuse: add some documentation for the package by @sukunrt in #3279
- eventbus: change slow consumer event from error to warn by @guillaumemichel in #3286
- chore: use tcort/github-action-markdown-link-check by @sukunrt in #3291
- swarm_test: support more transports for GenSwarm by @sukunrt in #3130
- go-clock migration by @guillaumemichel in #3293
- fix: Ensure tcpGatedMaListener wrapping on both metrics and non-metri… by @GarmashAlex in #3275
- ci: uci/copy-templates by @web3-bot in #3282
- Revert "go-clock migration" by @guillaumemichel in #3303
- basichost: use autonatv2 to verify reachability by @sukunrt in #3231
- quic: gate connections before handshake by @sukunrt in #3283
- autonatv2: add Unknown addrs to event by @sukunrt in #3305
- chore: fix errors reported by golangci-lint by @galargh in #3295
- autonatv2: add metrics by @sukunrt in #3308
- mocknet: notify listeners on listen by @sukunrt in #3310
- ci: go-check now support golangci-lint by @galargh in #3309
- chore: update deps by @sukunrt in #3312
New Contributors
- @huochexizhan made their first contribution in #3219
- @algorandskiy made their first contribution in #3225
- @Prabhat1308 made their first contribution in #3237
- @argentpapa made their first contribution in #3222
- @b00f made their first contribution in #3258
- @vladopajic made their first contribution in #3242
- @levisyin made their first contribution in #3227
- @VolodymyrBg made their first contribution in #3261
- @vipocenka made their first contribution in #3273
- @GarmashAlex made their first contribution in #3275
Full Changelog: v0.41.0...v0.42.0
Contributors
Assets 2
v0.41.1
What's Changed
7059eb5 conngater: fix incorrect err return value (#3219)
74c6860 fix(libp2phttp): bound NewStream timeout (#3225)
ccc4849 webrtc: fix memory leak with udpmux.muxedConnection context (#3243)
99a511f connmgr: fix transport association bug (#3221)
eb3ff9f autonatv2: fix server dial data request policy (#3247)
8ce45df Release v0.41.1
Full Changelog: v0.41.0...v0.41.1
v0.41.0
⚠︎ Breaking Changes
- This release updates go-multiaddr to v0.15 which has some breaking changes. This should not affect most users, but reference the go-multiaddr v0.15.0 release notes for breaking changes: https://github.com/multiformats/go-multiaddr/releases/tag/v0.15.0.
🔦 Highlights
Overall this is a fairly minor release focused on supporting the go-multiaddr v0.15.0.
- Update to go-multiaddr v0.15. This is a pretty big release for go-multiaddr that should make it harder to misuse. See the v0.15.0 release notes for breaking changes: https://github.com/multiformats/go-multiaddr/releases/tag/v0.15.0
- Uniform HTTP Peer ID Auth over native HTTP transport and HTTP over libp2p streams. See the http.Host Autthenticated HTTP example in the Go doc for an example of usage.
- Some upnp fixes that should make upnp/nat-pmp more reliable and easier to debug. This fixes an issue with FRITZ!Box routers.
What's Changed
- ci: uci/update-go by @web3-bot in #3195
- autorelay: send addresses on eventbus; dont wrap address factory by @sukunrt in #3071
- basichost: add certhashes to addrs in place by @sukunrt in #3200
- chore: move go-nat to internal package by @MarcoPolo in #3154
- chore: update quic-go to v0.50.0 by @MarcoPolo in #3204
- chore: Update go-multiaddr to v0.15 by @MarcoPolo in #3145
- chore(identify): move log to debug level by @lidel in #3206
- feat(libp2phttp): More ergonomic auth by @MarcoPolo in #3188
- fix(dcutr): Fix end to end tests and add legacy behavior flag (default=true) by @MarcoPolo in #3044
- fix(libp2phttp): Fix relative to absolute multiaddr URI logic (#3208) @MarcoPolo
Full Changelog: v0.40.0...v0.41.0