Skip to content
@ajnavarro ajnavarro
v0.15.0
This tag was signed with the committer’s verified signature.
ajnavarro Antonio Navarro Perez
GPG key ID: AEB5762B5AF20FDA
Learn about vigilant mode.
3ae52a4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare

v0.15.0

Latest
Latest

🗣 Discuss

If you have comments, questions, or feedback on this release, please post here.

If you experienced any bugs with the release, please post an issue.

🔦 Highlights

This is a release mainly with bugfixing and library updates.
We are improving release speed and cadence trying to have a new release every 5 weeks.

#️⃣ Blake 3 support

You can now use blake3 as a valid hash function:

  • ipfs block put --mhtype=blake3
  • ipfs add --hash=blake3
    It uses a 32 bytes default size.
    And verify up to 128 bytes.
    Because blake3 is variable output hash function, you can use a different digest length, set mhlen: ipfs block put --mhtype=blake3 --mhlen=64, ipfs add doesn't have this option yet.

💉 Fx Options plugin

This adds a plugin interface that lets the plugin modify the fx options that are passed to fx when the app is initialized.
This means plugins can inject their own implementations of Kubo interfaces.
This enables granular customization of Kubo behavior by plugins, such as:

  • Bitswap with custom filters (e.g. for CID blocking)
  • Custom interface implementations such as Pinner or DAGService
  • Dynamic configuration of libp2p ...

Here's an example plugin that overrides the default Pinner with a custom one:

func (p *PinnerPlugin) Options(info core.FXNodeInfo) ([]fx.Option, error) {
	pinner := mypinner.New()    
	return append(info.FXOptions, fx.Replace(fx.Annotate(pinner, fx.As(new(pin.Pinner))))), nil
}

Extra plugin info here.

📁 $IPFS_PATH/gateway file

This adds a new file in the IPFS_PATH folder similar to $IPFS_PATH/api containing an address based on Addresses.Gateway configuration.

This file is in URL (RFC1738) format.

$ cat ~/.ipfs/gateway
http://127.0.0.1:8080

Changelog

Full Changelog

Contributors

Contributor Commits Lines ± Files Changed
Marten Seemann 129 +5612/-9895 345
Marco Munizaga 109 +7689/-3221 181
vyzo 64 +3972/-657 125
Jorropo 19 +1977/-1611 109
Steven Allen 30 +633/-593 54
Jeromy Johnson 5 +1032/-64 16
Marcin Rataj 21 +406/-200 59
Michael Muré 6 +335/-250 14
Gus Eggert 8 +336/-104 31
Claudia Richoux 3 +181/-63 9
Steve Loeppky 11 +95/-141 11
Ian Davis 4 +126/-58 6
hareku 3 +172/-6 7
Ivan Trubach 1 +98/-74 6
Raúl Kripalani 2 +69/-62 9
Seungbae Yu 1 +41/-41 13
Julien Muret 1 +60/-7 2
Mark Gaiser 1 +64/-0 5
Lars Gierth 1 +20/-29 4
Cole Brown 4 +27/-19 4
Chao Fei 2 +15/-30 9
Nuno Diegues 2 +25/-18 9
Jakub Sztandera 1 +37/-0 3
Wiktor Jurkiewicz 1 +13/-5 1
c r 1 +11/-6 3
Christian Stewart 1 +15/-2 4
Matt Robenolt 1 +15/-1 2
aarshkshah1992 2 +8/-2 2
link2xt 1 +4/-4 1
Aaron Riekenberg 1 +4/-4 4
web3-bot 3 +7/-0 3
Adrian Lanzafame 1 +3/-3 1
Dmitriy Ryajov 2 +2/-3 2
Brendan O'Brien 1 +5/-0 1
millken 1 +1/-1 1
lostystyg 1 +1/-1 1
kpcyrd 1 +1/-1 1
anders 1 +1/-1 1
Rod Vagg 1 +1/-1 1
Matt Joiner 1 +1/-1 1
Leo Balduf 1 +1/-1 1
Didrik Nordström 1 +2/-0 1
Daniel Norman 1 +1/-1 1
Antonio Navarro Perez 1 +1/-1 1
Adin Schmahmann 1 +1/-1 1
Lucas Molas 1 +1/-0 1

Assets

47
@ajnavarro ajnavarro
v0.15.0-rc1
This tag was signed with the committer’s verified signature.
ajnavarro Antonio Navarro Perez
GPG key ID: AEB5762B5AF20FDA
Learn about vigilant mode.
d577980
Compare
Choose a tag to compare

v0.15.0-rc1

Pre-release
Pre-release

See the related issue: #9152

The draft changelog is in TODO.

Assets

47
@Jorropo Jorropo
v0.14.0
This tag was signed with the committer’s verified signature.
Jorropo
GPG key ID: C5B8248338D8A171
Learn about vigilant mode.
e0fabd6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare

v0.14.0

Kubo v0.14 release

Overview

Below is an outline of all that is in this release, so you get a sense of all that's included.

🛠 BREAKING CHANGES

Removed mdns_legacy implementation

The modern DNS-SD compatible zeroconf implementation
(based on this specification)
has been running next to the mdns_legacy for a while (since v0.11). During
this transitional period Kubo nodes were sending twice as many LAN packets,
which ends with this release: we've removed the legacy implementation.

🔦 Highlights

🛣️ Delegated Routing

Content routing is the a term used to describe the problem of finding providers for a given piece of content.
If you have a hash, or CID of some data, how do you find who has it?
In IPFS, until now, only a DHT was used as a decentralized answer to content routing.
Now, content routing can be handled by clients implementing the Reframe protocol.

Example configuration usage using the Filecoin Network Indexer:

ipfs config Routing.Routers.CidContact --json '{
  "Type": "reframe",
  "Parameters": {
    "Endpoint": "https://cid.contact/reframe"
  }
}'

👥 Rename to Kubo

We've renamed Go-IPFS to Kubo (details).

Published artifacts use kubo now, and are available at:

To minimize the impact on infrastructure that autoupdates on a new release,
the same binaries are still published under the old name at:

The libp2p identify useragent of Kubo has also been changed from go-ipfs to kubo.

🎒 ipfs repo migrate

This new command allows the you to run the repo migration without starting the daemon.

See ipfs repo migrate --help for more info.

🚀 Emoji support in Multibase

Kubo now supports base256emoji encoding in all Multibase contexts. Use it for testing Unicode support, as visual aid while explaining Multiformats, or just for fun:

$ echo -n "test" | ipfs multibase encode -b base256emoji -
🚀😈✋🌈😈

$ echo -n "🚀😈✋🌈😈" | ipfs multibase decode -
test

$ ipfs cid format -v 1 -b base256emoji bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi
🚀🪐⭐💻😅❓💎🌈🌸🌚💰💍🌒😵🐶💁🤐🌎👼🙃🙅☺🌚😞🤤⭐🚀😃✈🌕😚🍻💜🐷⚽✌😊

/ipfs/🚀🪐⭐💻😅❓💎🌈🌸🌚💰💍🌒😵🐶💁🤐🌎👼🙃🙅☺🌚😞🤤⭐🚀😃✈🌕😚🍻💜🐷⚽✌😊

Changelog

Full Changelog

Contributors

Contributor Commits Lines ± Files Changed
Marten Seemann 376 +11584/-15055 894
Jorropo 18 +11649/-11249 81
noot 43 +5974/-3332 170
Steven Allen 173 +5206/-3124 282
Yusef Napora 49 +1911/-3606 124
Juan Batiz-Benet 14 +3933/-53 48
Jeromy 84 +2140/-1328 240
vyzo 51 +2057/-1126 79
Raúl Kripalani 39 +1993/-867 103
Jeromy Johnson 52 +1700/-1081 233
Antonio Navarro Perez 4 +1874/-729 34
Aarsh Shah 24 +1428/-504 54
Marcin Rataj 19 +1051/-855 251
Alex Browne 25 +1207/-582 49
Jakub Sztandera 29 +898/-335 63
Friedel Ziegelmayer 11 +491/-284 18
Will Scott 6 +240/-319 17
Marco Munizaga 11 +377/-141 17
Hlib 8 +269/-135 15
Gus Eggert 5 +325/-63 19
lnykww 1 +275/-50 4
Łukasz Magiera 3 +196/-58 7
Matt Joiner 14 +79/-55 17
Eric Myhre 4 +122/-6 5
Andrew Gillis 1 +111/-6 4
Fazlul Shahriar 2 +84/-31 5
tg 1 +70/-15 2
Cory Schwartz 4 +50/-28 11
Lars Gierth 3 +33/-26 3
Cole Brown 2 +37/-16 9
web3-bot 7 +38/-11 18
Alvin Reyes 1 +34/-14 1
Hector Sanjuan 4 +34/-8 5
Guilhem Fanton 2 +28/-10 6
Brian Meek 1 +14/-17 4
Hlib Kanunnikov 1 +25/-3 1
Adin Schmahmann 5 +15/-13 5
Henrique Dias 1 +24/-2 4
Dennis Trautwein 1 +20/-4 2
galargh 2 +18/-2 2
M. Hawn 3 +10/-10 7
Can ZHANG 1 +12/-3 1
Masih H. Derkani 1 +4/-10 2
gammazero 1 +6/-6 2
Ikko Ashimine 1 +6/-6 2
Daniel N 2 +6/-5 2
watjurk 1 +8/-2 1
John Steidley 2 +4/-4 3
Aaron Bieber 1 +6/-2 1
Kishan Mohanbhai Sagathiya 1 +6/-1 1
siiky 3 +3/-3 3
Lucas Molas 1 +5/-1 1
Kevin Atkinson 1 +3/-3 1
Aayush Rajasekaran 1 +5/-1 1
T Mo 1 +2/-2 1
Piotr Galar 1 +2/-2 1
Arber Avdullahu 1 +2/-2 1
Russell Dempsey 1 +2/-1 1
anders 1 +1/-1 1
RubenKelevra 1 +1/-1 1
Jonathan Rudenberg 1 +1/-1 1
Ettore Di Giacinto 1 +2/-0 1
Daniel Norman 1 +1/-1 1
Chawye Hsu 1 +1/-1 1
Aliabbas Merchant 1 +1/-1 1
can 1 +1/-0 1
Ed Mazurek 1 +0/-0 1

Assets

47
@Jorropo Jorropo
v0.14.0-rc1
This tag was signed with the committer’s verified signature.
Jorropo
GPG key ID: C5B8248338D8A171
Learn about vigilant mode.
10c3cc1
Compare
Choose a tag to compare

v0.14.0-rc1

Pre-release
Pre-release

See the related issue: #9032

Or the draft changelog: docs/changelogs/v0.14.md

Assets

44
@Jorropo Jorropo
v0.13.1
This tag was signed with the committer’s verified signature.
Jorropo
GPG key ID: C5B8248338D8A171
Learn about vigilant mode.
8ffc7a8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare

v0.13.1

go-ipfs v0.13.1 Release

This release includes security fixes for various DOS vectors when importing untrusted user input with ipfs dag import
and the v0/dag/import endpoint.

View the linked security advisory for more information.

Changelog

Full Changelog
  • github.com/ipfs/go-ipfs:
    • chore: update car
  • github.com/ipld/go-car (v0.3.2 -> v0.4.0) & (v2.1.1 -> v2.4.0):
    • Bump version in prep for releasing go-car v0
    • Revert changes to insertionindex
    • Revert changes to index.Index while keeping most of security fixes
    • Return error when section length is invalid varint
    • Drop repeated package name from CarStats
    • Benchmark Reader.Inspect with and without hash validation
    • Use consistent CID mismatch error in Inspect and BlockReader.Next
    • Use streaming APIs to verify the hash of blocks in CAR Inspect
    • test: add fuzzing for reader#Inspect
    • feat: add block hash validation to Inspect()
    • feat: add Reader#Inspect() function to check basic validity of a CAR and return stats
    • Remove support for ForEach enumeration from car-index-sorted
    • Use a fix code as the multihash code for CarIndexSorted
    • Fix testutil assertion logic and update index generation tests
    • fix: tighter constraint of singleWidthIndex width, add index recommentation docs
    • fix: explicitly disable serialization of insertionindex
    • feat: MaxAllowed{Header,Section}Size option
    • feat: MaxAllowedSectionSize default to 32M
    • fix: use CidFromReader() which has overread and OOM protection
    • fix: staticcheck catches
    • fix: revert to internalio.NewOffsetReadSeeker in Reader#IndexReader
    • fix index comparisons
    • feat: Refactor indexes to put storage considerations on consumers
    • test: v2 add fuzzing of the index
    • fix: v2 don't divide by zero in width indexes
    • fix: v2 don't allocate indexes too big
    • test: v2 add fuzzing to Reader
    • fix: v2 don't accept overflowing offsets while reading v2 headers
    • test: v2 add fuzzing to BlockReader
    • fix: v2 don't OOM if the header size is too big
    • test: add fuzzing of NewCarReader
    • fix: do bound check while checking for CIDv0
    • fix: don't OOM if the header size is too big
    • Add API to regenerate index from CARv1 or CARv2
    • PrototypeChooser support (#305) (ipld/go-car#305)
    • bump to newer blockstore err not found (#301) (ipld/go-car#301)
    • Car command supports for largebytes nodes (#296) (ipld/go-car#296)
    • fix(test): rootless fixture should have no roots, not null roots
    • Allow extracton of a raw unixfs file (#284) (ipld/go-car#284)
    • cmd/car: use a better install command in the README
    • feat: --version selector for car create & update deps
    • feat: add option to create blockstore that writes a plain CARv1 (#288) (ipld/go-car#288)
    • add car detach-index list to list detached index contents (#287) (ipld/go-car#287)
    • add car root command (#283) (ipld/go-car#283)
    • make specification of root cid in get-dag command optional (#281) (ipld/go-car#281)
    • Update version.json after manual tag push
    • Update v2 to context datastores (#275) (ipld/go-car#275)
    • update context datastore (ipld/go-car#273)
    • Traversal-based car creation (#269) (ipld/go-car#269)
    • Seek to start before index generation in ReadOnly blockstore
    • support extraction of unixfs content stored in car files (#263) (ipld/go-car#263)
    • Add a barebones readme to the car CLI (#262) (ipld/go-car#262)
    • sync: update CI config files (#261) (ipld/go-car#261)
    • fix!: use -version=n instead of -v1 for index command
    • feat: fix get-dag and add version=1 option
    • creation of car from file / directory (#246) (ipld/go-car#246)
    • forEach iterates over index in stable order (#258) (ipld/go-car#258)
  • github.com/multiformats/go-multicodec (v0.4.1 -> v0.5.0):
    • Bump version to 0.5.0
    • Bump version to 0.4.2
    • deps: update stringer version in go generate command
    • docs(readme): improved usage examples (#66) (multiformats/go-multicodec#66)

Contributors

Contributor Commits Lines ± Files Changed
Masih H. Derkani 27 +1494/-1446 100
Rod Vagg 31 +2021/-606 105
Will 19 +1898/-151 69
Jorropo 27 +1638/-248 76
Aayush Rajasekaran 1 +130/-100 10
whyrusleeping 1 +24/-22 4
Marcin Rataj 1 +27/-1 1

Assets

47
@guseggert guseggert
v0.13.0
This tag was signed with the committer’s verified signature.
guseggert Gus Eggert
GPG key ID: 08403467A64C485E
Learn about vigilant mode.
c9d51bb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare

v0.13.0

go-ipfs v0.13.0 Release

We're happy to announce go-ipfs 0.13.0, packed full of changes and improvements!

As usual, this release includes important fixes, some of which may be critical for security. Unless the fix addresses a bug being exploited in the wild, the fix will not be called out in the release notes. Please make sure to update ASAP. See our release process for details.

Overview

Below is an outline of all that is in this release, so you get a sense of all that's included.

🛠 BREAKING CHANGES

ipfs block put command

ipfs block put command returns a CIDv1 with raw codec by default now.

  • ipfs block put --cid-codec makes block put return CID with alternative codec
    • This impacts only the returned CID; it does not trigger any validation or data transformation.
    • Retrieving a block with a different codec or CID version than it was put with is valid.
    • Codec names are validated against tables from go-multicodec library.
  • ipfs block put --format is deprecated. It used incorrect codec names and should be avoided for new deployments. Use it only if you need the old, invalid behavior, namely:
    • ipfs block put --format=v0 will produce CIDv0 (implicit dag-pb)
    • ipfs block put --format=cbor will produce CIDv1 with dag-cbor (!)
    • ipfs block put --format=protobuf will produce CIDv1 with dag-pb (!)

ipfs cid codecs command

  • Now lists codecs from go-multicodec library.
  • ipfs cid codecs --supported can be passed to only show codecs supported in various go-ipfs commands.

ipfs cid format command

  • --codec was removed and replaced with --mc to ensure existing users are aware of the following changes:
    • --mc protobuf now correctly points to code 0x50 (was 0x70, which is dab-pg)
    • --mc cbor now correctly points to code 0x51 (was 0x71, which is dag-cbor)

Swarm configuration

  • Daemon will refuse to start if long-deprecated RelayV1 config key Swarm.EnableAutoRelay or Swarm.DisableRelay is set to true.
  • If Swarm.Transports.Network.Relay is disabled, then Swarm.RelayService and Swarm.RelayClient are also disabled (unless they have been explicitly enabled).

Circuit Relay V1 is deprecated

  • By default, Swarm.RelayClient does not use Circuit Relay V1. Circuit V1 support is only enabled when Swarm.RelayClient.StaticRelays are specified.

ls requests for /multistream/1.0.0 are removed

  • go-libp2p 0.19 removed support for undocumented ls command (PR). If you are still using it for internal testing, it is time to refactor (example)

Gateway Behavior

Directory listings returned by the HTTP Gateway won't have size column if the directory is bigger than Gateway.FastDirIndexThreshold config (default is 100).

To understand the wider context why we made these changes, read Highlights below.

🔦 Highlights

🧑‍💼 libp2p Network Resource Manager (Swarm.ResourceMgr)

You can now easily bound how much resource usage libp2p consumes! This aids in protecting nodes from consuming more resources then are available to them.

The libp2p Network Resource Manager is disabled by default, but can be enabled via:

ipfs config --json Swarm.ResourceMgr.Enabled true

When enabled, it applies some safe defaults that can be inspected and adjusted with:

  • ipfs swarm stats --help
  • ipfs swarm limit --help

User changes persist to config at Swarm.ResourceMgr.

The Resource Manager will be enabled by default in a future release.

🔃 Relay V2 client with auto discovery (Swarm.RelayClient)

All the pieces are enabled for hole-punching by default, improving connecting with nodes behind NATs and Firewalls!

This release enables Swarm.RelayClient by default, along with circuit v2 relay discovery provided by go-libp2p v0.19.0. This means:

  1. go-ipfs will coordinate with the counterparty using a relayed connection, to upgrade to a direct connection through a NAT/firewall whenever possible.
  2. go-ipfs daemon will automatically use public relays if it detects that it cannot be reached from the public internet (e.g., it's behind a firewall). This results in a /p2p-circuit address from a public relay.

Notes:

🌉 HTTP Gateway improvements

HTTP Gateway enables seamless interop with the existing Web, clients, user agents, tools, frameworks and libraries.

This release ships the first batch of improvements that enable creation of faster and smarter CDNs, and unblocks creation of light clients for Mobile and IoT.

Details below.

🍱 Support for Block and CAR response formats

Alternative response formats from Gateway can be requested to avoid needing to trust a gateway.

For now, {format} is limited to two options:

  • raw – fetching single block
  • car – fetching entire DAG behind a CID as a CARv1 stream

When not set, the default UnixFS response is returned.

Why these two formats? Requesting Block or CAR for /ipfs/{cid} allows a client to use gateways in a trustless fashion. These types of gateway responses can be verified locally and rejected if digest inside of requested CID does not match received bytes. This enables creation of "light IPFS clients" which use HTTP Gateways as inexpensive transport for content-addressed data, unlocking use in Mobile and IoT contexts.

Future releases will add support for dag-json and dag-cbor responses.

There are two ways for requesting CID specific response format:

  1. HTTP header: Accept: application/vnd.ipld.{format}
  1. URL paramerer: ?format=
  • Useful for creating "Download CAR" links.

Usage examples:

  1. Downloading a single raw Block and manually importing it to the local datastore:
$ curl  -H 'Accept: application/vnd.ipld.raw' "http://127.0.0.1:8080/ipfs/QmZULkCELmmk5XNfCgTnCyFgAVxBRBXyDHGGMVoLFLiXEN" --output block.bin
$ cat block.bin | ipfs block put 
$ ipfs cat QmZULkCELmmk5XNfCgTnCyFgAVxBRBXyDHGGMVoLFLiXEN
hello
  1. Downloading entire DAG as a CAR file and importing it:
$ ipfs resolve -r  /ipns/webui.ipfs.io
/ipfs/bafybeiednzu62vskme5wpoj4bjjikeg3xovfpp4t7vxk5ty2jxdi4mv4bu
$ curl  -H 'Accept: application/vnd.ipld.car' "http://127.0.0.1:8080/ipfs/bafybeiednzu62vskme5wpoj4bjjikeg3xovfpp4t7vxk5ty2jxdi4mv4bu" --output webui.car
$ ipfs dag import webui.car
$ ipfs dag stat bafybeiednzu62vskme5wpoj4bjjikeg3xovfpp4t7vxk5ty2jxdi4mv4bu --offline
Size: 27684934, NumBlocks: 394

See also:

🐎 Fast listing generation for huge directories

Added Gateway.FastDirIndexThreshold configuration, which allows for fast listings of big directories, without the linear slowdown caused by reading size metadata from child nodes.

As an example, the CID bafybeiggvykl7skb2ndlmacg2k5modvudocffxjesexlod2pfvg5yhwrqm represents UnixFS directory with over 10k (10100) of files.

Opening it with go-ipfs 0.12 would require fetching size information of each file, which would take a long long time, most likely causing timeout in the browser or CDN, and introducing unnecessary burden on the gateway node.

go-ipfs 0.13 opens it instantly, because the number of items is bigger than the default Gateway.FastDirIndexThreshold and only the root UnixFS node needs to be resolved before the HTML Dir Index is returned to the user.

Notes:

  • The default threshold is 100 items.
  • Setting to 0 will enable fast listings for all directories.
  • CLI users will note that this is equivalent to running ipfs ls -s --size=false --resolve-type=false /ipfs/bafybeiggvykl7skb2ndlmacg2k5modvudocffxjesexlod2pfvg5yhwrqm. Now the same speed is available on the gateways.

🎫 Improved Etag and If-None-Match for bandwidth savings

Every response type has an unique Etag which can be used by the client or CDN to save bandwidth, as a gateway does not need to resend a full response if the content was not changed.

Gateway evaluates Etags sent by a client in If-None-Match and returns status code 304 (Not Modified) on strong or weak match (RFC 7232, 2.3).

⛓️ Added X-Ipfs-Roots for smarter HTTP caches

X-Ipfs-Roots is now returned with every Gateway response. It is a way to indicate all CIDs required for resolving path segments from X-Ipfs-Path. Together, these two headers are meant to improve interop with existing HTTP software (load-balancers, caches, CDNs).

This additional information allows HTTP caches and CDNs to make better decisions around cache invalidation: not just invalidate everything under specific IPNS website when the root changes, but do more fine-grained cache invalidation by detecting when only a specific subdirectory (branch of a DAG) changes.

🌡️ Added metrics per response type

New metrics can be found at /debug/metrics/prometheus on the RPC API port (127.0.0.1:5001 is the default):

  • gw_first_content_block_get_latency_seconds – the time until the first content block is received on GET from the gateway (no matter the content or response types)
  • gw_unixfs_file_get_duration_seconds – the time to serve an entire UnixFS file from the gateway
  • gw_unixfs_gen_dir_listing_get_duration_seconds – the time to serve a generated UnixFS HTML directory listing from the gateway
  • gw_car_stream_get_duration_seconds – the time to GET an entire CAR stream from the gateway
  • gw_raw_block_get_duration_seconds – The time to GET an entire raw Block from the gateway

🕵️ OpenTelemetry tracing

Opt-in tracing support with many spans for tracing the duration of specific tasks performed by go-ipfs.

See Tracing for details.

We will continue to add tracing instrumentation throughout IPFS subcomponents over time.

How to use Jaeger UI for visual tracing?

One can use the jaegertracing/all-in-one Docker image to run a full Jaeger stack and configure go-ipfs to publish traces to it (here, in an ephemeral container):

$ docker run --rm -it --name jaeger \
    -e COLLECTOR_ZIPKIN_HOST_PORT=:9411 \
    -p 5775:5775/udp \
    -p 6831:6831/udp \
    -p 6832:6832/udp \
    -p 5778:5778 \
    -p 16686:16686 \
    -p 14268:14268 \
    -p 14250:14250 \
    -p 9411:9411 \
    jaegertracing/all-in-one

Then, in other terminal, start go-ipfs with Jaeger tracing enabled:

$ OTEL_TRACES_EXPORTER=jaeger ipfs daemon

Finally, the Jaeger UI is available at http://localhost:16686

Below are examples of visual tracing for Gateway requests. (Note: this a preview how useful this insight is. Details may look different now, as we are constantly improving tracing annotations across the go-ipfs codebase.)

CAR Block File Directory
2022-04-01_01-46 block_2022-04-01_01-47 2022-04-01_01-49 dir_2022-04-01_01-48

🩺 Built-in ipfs diag profile to ease debugging

The diag profile command has been expanded to include all information that was previously included in the collect-profiles.sh script, and the script has been removed. Profiles are now collected in parallel, so that profile collection is much faster. Specific profiles can also be selected for targeted debugging.

See ipfs diag profile --help for more details.

For general debugging information, see the debug guide.

🔑 Support for PEM/PKCS8 for key import/export

It is now possible to import or export private keys wrapped in interoperable PEM PKCS8 by passing --format=pem-pkcs8-cleartext to ipfs key import and export commands.

This improved interop allows for key generation outside of the IPFS node:

$ openssl genpkey -algorithm ED25519 > ed25519.pem
$ ipfs key import test-openssl -f pem-pkcs8-cleartext ed25519.pem

Or using external tools like the standard openssl to get a PEM file with the public key:

  $ ipfs key export testkey --format=pem-pkcs8-cleartext -o privkey.pem
  $ openssl pkey -in privkey.pem -pubout > pubkey.pem

🧹 Using standard IPLD codec names across the CLI/HTTP API

This release makes necessary (breaking) changes in effort to use canonical codec names from multicodec/table.csv. We also switched to CIDv1 in block put. The breaking changes are discussed above.

🐳 Custom initialization for Docker

Docker images published at https://hub.docker.com/r/ipfs/go-ipfs/ now support custom initialization by mounting scripts in the /container-init.d directory in the container. Scripts can set custom configuration using ipfs config, or otherwise customize the container before the daemon is started.

Scripts are executed sequentially and in lexicographic order, before the IPFS daemon is started and after ipfs init is run and the swarm keys are copied (if the IPFS repo needs initialization).

For more information, see:

RPC API docs for experimental and deprecated commands

https://docs.ipfs.io/reference/http/api/ now includes separate sections for experimental and deprecated commands.

We also display a warning in the command line:

$ ipfs name pubsub state --help
WARNING:   EXPERIMENTAL, command may change in future releases

Yamux over Mplex

The more fully featured yamux stream multiplexer is now prioritized over mplex for outgoing connections.

Changelog

Full Changelog

Contributors

Contributor Commits Lines ± Files Changed
Marten Seemann 347 +14453/-12552 842
Rod Vagg 28 +8848/-4033 214
vyzo 133 +7959/-1783 231
hannahhoward 40 +3761/-1652 175
Will Scott 39 +2885/-1784 93
Daniel Martí 32 +3043/-969 103
Adin Schmahmann 48 +3439/-536 121
Gus Eggert 29 +2644/-788 123
Steven Allen 87 +2417/-840 135
Marcin Rataj 29 +2312/-942 75
Will 11 +2520/-62 56
Lucas Molas 28 +1602/-578 90
Raúl Kripalani 18 +1519/-271 38
Brian Tiger Chow 20 +833/-379 40
Masih H. Derkani 5 +514/-460 8
Jeromy Johnson 53 +646/-302 83
Łukasz Magiera 26 +592/-245 43
Artem Mikheev 2 +616/-120 5
Franky W 2 +49/-525 9
Laurent Senta 3 +468/-82 52
Hector Sanjuan 32 +253/-187 62
Juan Batiz-Benet 8 +285/-80 18
Justin Johnson 2 +181/-88 2
Thibault Meunier 5 +216/-28 8
James Wetter 2 +234/-1 2
web3-bot 36 +158/-66 62
gammazero 7 +140/-84 12
Rachel Chen 2 +165/-57 17
Jorropo 18 +108/-99 26
Toby 2 +107/-86 11
Antonio Navarro Perez 4 +82/-103 9
Dominic Della Valle 4 +148/-33 6
Ian Davis 2 +152/-28 6
Kyle Huntsman 2 +172/-6 5
huoju 4 +127/-41 6
Jeromy 19 +71/-58 31
Lars Gierth 12 +63/-54 20
Eric Myhre 3 +95/-15 8
Caian Benedicto 1 +69/-12 6
Raúl Kripalani 2 +63/-13 2
Anton Petrov 1 +73/-0 1
hunjixin 2 +67/-2 5
odanado 1 +61/-0 1
Andrew Gillis 2 +61/-0 3
Kevin Atkinson 6 +21/-34 7
Richard Ramos 1 +51/-0 2
Manuel Alonso 1 +42/-9 2
Jakub Sztandera 10 +37/-13 13
Aarsh Shah 1 +39/-5 2
Dave Justice 1 +32/-4 2
Tommi Virtanen 3 +23/-9 4
tarekbadr 1 +30/-1 1
whyrusleeping 1 +26/-4 3
Petar Maymounkov 2 +30/-0 4
rht 3 +17/-10 4
Miguel Mota 1 +23/-0 1
Manfred Touron 1 +21/-2 2
watjurk 1 +17/-5 1
SukkaW 1 +11/-11 5
Nicholas Bollweg 1 +21/-0 1
Ho-Sheng Hsiao 2 +11/-10 6
chblodg 1 +18/-2 1
Friedel Ziegelmayer 2 +18/-0 2
Shu Shen 2 +15/-2 3
Peter Rabbitson 1 +15/-2 1
galargh 2 +15/-0 2
ᴍᴀᴛᴛ ʙᴇʟʟ 3 +13/-1 4
aarshkshah1992 3 +12/-2 3
RubenKelevra 4 +5/-8 5
Feiran Yang 1 +11/-0 2
zramsay 2 +0/-10 2
Teran McKinney 1 +8/-2 1
Richard Littauer 2 +5/-5 5
Elijah 1 +10/-0 1
Dimitris Apostolou 2 +5/-5 5
Michael Avila 3 +8/-1 4
siiky 3 +4/-4 3
Somajit 1 +4/-4 1
Sherod Taylor 1 +0/-8 2
Eclésio Junior 1 +8/-0 1
godcong 3 +4/-3 3
Piotr Galar 3 +3/-4 3
jwh 1 +6/-0 2
dependabot[bot] 1 +3/-3 1
Volker Mische 1 +4/-2 1
Aayush Rajasekaran 1 +3/-3 1
rene 2 +3/-2 2
keks 1 +5/-0 1
Hlib 1 +4/-1 2
Arash Payan 1 +5/-0 1
Wayback Archiver 1 +2/-2 1
T Mo 1 +2/-2 1
Ju Huo 1 +2/-2 1
Ivan 2 +2/-2 2
Ettore Di Giacinto 2 +3/-1 2
Christian Couder 1 +3/-1 1
ningmingxiao 1 +0/-3 1
市川恭佑 (ebi) 1 +1/-1 1
star 1 +0/-2 1
alliswell 1 +0/-2 1
Preston Van Loon 1 +2/-0 1
Nguyễn Gia Phong 1 +1/-1 1
Nato Boram 1 +1/-1 1
Mildred Ki'Lya 1 +2/-0 2
Michael Burns 1 +1/-1 1
Glenn 1 +1/-1 1
George Antoniadis 1 +1/-1 1
David Florness 1 +1/-1 1
Daniel Norman 1 +1/-1 1
Coenie Beyers 1 +1/-1 1
Benedikt Spies 1 +1/-1 1
Abdul Rauf 1 +1/-1 1
makeworld 1 +1/-0 1
ignoramous 1 +0/-1 1
Omicron166 1 +0/-1 1
Jan Winkelmann 1 +1/-0 1
Dr Ian Preston 1 +1/-0 1
Baptiste Jonglez 1 +1/-0 1

Assets

47
@aschmahmann aschmahmann
v0.13.0-rc1
This tag was signed with the committer’s verified signature.
aschmahmann Adin Schmahmann
GPG key ID: D7A248B705EE4F69
Learn about vigilant mode.
8c5fefa
Compare
Choose a tag to compare

v0.13.0-rc1

Pre-release
Pre-release

Tracking Issue: #8640

Assets

47
@guseggert guseggert
v0.12.2
This tag was signed with the committer’s verified signature.
aschmahmann Adin Schmahmann
GPG key ID: D7A248B705EE4F69
Learn about vigilant mode.
0e8b121
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare

v0.12.2

go-ipfs v0.12.2 Release

This patch release fixes a security issue wherein traversing some malformed DAGs can cause the node to panic.

Given that some users haven't yet gone through the migration for v0.12.0, we have also backported this to v0.11.1.

See also the security advisory: GHSA-mcq2-w56r-5w2w

Changelog

Full Changelog - github.com/ipld/go-codec-dagpb (v1.3.0 -> v1.3.2): - fix: use protowire for Links bytes decoding

Contributors

Contributor Commits Lines ± Files Changed
Rod Vagg 1 +34/-19 2

Assets

47
@guseggert guseggert
v0.11.1
This tag was signed with the committer’s verified signature.
aschmahmann Adin Schmahmann
GPG key ID: D7A248B705EE4F69
Learn about vigilant mode.
a4d79f7
Compare
Choose a tag to compare

v0.11.1

go-ipfs v0.11.1 Release

This patch release covers a couple of security fixes

Malformed DAG Traversal

This patch release fixes a security issue wherein traversing some malformed DAGs can cause the node to panic.

This was backported from v0.12.2, since some users haven't yet gone through the v0.12 migration.

See also the security advisory: GHSA-mcq2-w56r-5w2w

Docker Compose Ports

This patch release fixes a security issue with the docker-compose.yaml file in which the IPFS daemon API listens on all interfaces instead of only the loopback interface, which could allow remote callers to control your IPFS daemon. If you use the included docker-compose.yaml file, it is recommended to upgrade.

See also the security advisory: GHSA-fx5p-f64h-93xc

Thanks to @LynHyper for finding and disclosing this.

Changelog

Full Changelog - github.com/ipfs/go-ipfs: - fix: listen on loopback for API and gateway ports in docker-compose.yaml - github.com/ipld/go-codec-dagpb (v1.3.0 -> v1.3.2): - fix: use protowire for Links bytes decoding

Contributors

Contributor Commits Lines ± Files Changed
Rod Vagg 1 +34/-19 2
guseggert 1 +10/-3 1

Assets

47
@guseggert guseggert
v0.12.1
This tag was signed with the committer’s verified signature.
guseggert Gus Eggert
GPG key ID: 08403467A64C485E
Learn about vigilant mode.
da2b9bd
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: 4AEE18F83AFDEB23
Learn about vigilant mode.
Compare
Choose a tag to compare

v0.12.1

go-ipfs v0.12.1 Release

This patch release fixes a security issue with the docker-compose.yaml file in which the IPFS daemon API listens on all interfaces instead of only the loopback interface, which could allow remote callers to control your IPFS daemon. If you use the included docker-compose.yaml file, it is recommended to upgrade.

See also the security advisory: GHSA-fx5p-f64h-93xc

Thanks to @LynHyper for finding and disclosing this.

Changelog

Full Changelog
  • github.com/ipfs/go-ipfs:
    • fix: listen on loopback for API and gateway ports in docker-compose.yaml

Contributors

Contributor Commits Lines ± Files Changed
guseggert 1 +10/-3 1

Contributors

Winterhuman

Assets

50