Changelog
Features
- c851293: feat(blocking): log the matched rule in the block reason (#2091) (@0xERR0R)
- 87be127: feat(cache): Shard the result cache to remove the single-lock read ceiling (#2097) (@0xERR0R)
- 7c6da15: feat(config): structurally merge config folder files (#1827) (#2112) (@0xERR0R)
- e7958e0: feat(lists): opt-in on-disk download cache with conditional revalidation (#2087) (@0xERR0R)
- b82199b: feat(querylog): ignore domains (exact/wildcard/regex) in query log (#2084) (@0xERR0R)
- bee2d8b: feat(resolver): UDP-first plain-DNS upstream and EDNS0 buffer floor (#2100) (@0xERR0R)
- 0b70e5c: feat(resolver): add DNS rebinding protection (#2111) (@0xERR0R)
- 1b8e08a: feat(resolver): pool DoT connections and enable TLS session resumption (#2098) (@0xERR0R)
- 4018d9e: feat: in-memory statistics subsystem with /api/stats REST endpoint (#2093) (@0xERR0R)
- 7abca44: feat: support PROXY protocol on proxied DoT/DoH listeners (#2094) (@kastakhov)
Bug fixes
- 2496d12: fix(dnssec): close DNSSEC validation bypass & cache-scope pollution (GHSA-x845-2f78-7v36) (#2119) (@0xERR0R)
- 06555e0: fix(metrics): bound reason label cardinality for blocked responses (#2114) (@0xERR0R)
- e0ea9b3: fix(resolver): eliminate recursive RLock deadlock in blocking group resolution (#2106) (@0xERR0R)
- 80f742e: fix(server): answer browser CORS preflights for custom headers and Private Network Access (#2109) (@0xERR0R)
- 9702c8f: fix(stats): populate allow/denylist counts in /api/stats at startup (#2113) (@0xERR0R)
Build and dependencies
- 821e378: build(deps): bump codecov/codecov-action from 6 to 7 (#2089) (@dependabot[bot])
- d63f84b: build(deps): bump github.com/0xERR0R/expiration-cache from 0.1.0 to 0.2.0 (#2095) (@dependabot[bot])
- 81f2b2a: build(deps): bump github.com/onsi/ginkgo/v2 from 2.29.0 to 2.30.0 (#2108) (@dependabot[bot])
- 9c5abdf: build(deps): bump github.com/onsi/ginkgo/v2 from 2.30.0 to 2.31.0 (#2116) (@dependabot[bot])
- 6c0ec5f: build(deps): bump github.com/onsi/gomega from 1.41.0 to 1.42.0 (#2115) (@dependabot[bot])
- 4beb9fe: build(deps): bump github.com/quic-go/quic-go from 0.59.1 to 0.60.0 (#2090) (@dependabot[bot])
- 8fe2202: build(deps): bump golang.org/x/net from 0.55.0 to 0.56.0 (#2101) (@dependabot[bot])
- 52fa6a4: build(deps): bump golang.org/x/sys from 0.45.0 to 0.46.0 (#2096) (@dependabot[bot])
Misc
- 1c9f717: ci(e2e): speed up e2e job via Ginkgo proc oversubscription (#2085) (@0xERR0R)
- 8d49922: ci: cross-compile multi-arch docker image instead of QEMU emulation (#2081) (@0xERR0R)
- 355a9a1: docs(grafana): redesign Grafana dashboard and update integration guide (#2110) (@0xERR0R)
- c791e80: perf(e2e): probe blocky healthcheck at 250ms during start period (#2086) (@0xERR0R)
- a0fb375: perf(lists): speed up blocklist loading (cache build + parsing) (#2083) (@0xERR0R)
- 316b073: perf(resolver): pre-classify client groups to cut per-query allocations (#2103) (@0xERR0R)
- d502806: perf(server): let Truncate decide response compression (#2102) (@0xERR0R)
- 8b32512: test(e2e): de-flake PROXY protocol and upstream init.strategy specs (#2099) (@0xERR0R)
❤️ Support Blocky
Blocky is free and open source, developed in my spare time — no telemetry, no ads, no hidden
filtering. If it's useful to you, please consider supporting its continued development:
GitHub Sponsors ·
thanks.dev ·
Liberapay ·
Ko-fi ·
PayPal
Thank you to everyone supporting Blocky! 🙏
Contributors
kastakhov, 0xERR0R, and dependabot