Unit 1.35.0 released
Liam Crilly
l.crilly at f5.com
Thu Sep 11 22:08:56 UTC 2025
[heart] Liam Crilly reacted to your message:
________________________________
From: unit <unit-bounces at nginx.org> on behalf of Andrew Clayton <ac at sigsegv.uk>
Sent: Thursday, September 11, 2025 10:05:18 PM
To: NGINX Unit Mailing List <unit at nginx.org>
Cc: Andrew Clayton <a.clayton at nginx.com>
Subject: Unit 1.35.0 released
CAUTION: This email has been sent from an external source. Do not click links, open attachments, or provide sensitive business information unless you can verify the sender’s legitimacy.
Hi, NGINX Unit community,
We are pleased to announce the release of NGINX Unit 1.35.0
Now for sad news. This will be the last release of NGINX Unit for the
foreseeable future. There will be *no* packaging done for this release.
The project has officially entered "Unsupported" status.
<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.repostatus.org%2F%23unsupported&data=05%7C02%7Cl.crilly%40f5.com%7Ca0c756c936c646b10ab808ddf17f5757%7Cdd3dfd2f6a3b40d19be0bf8327d81c50%7C0%7C0%7C638932252681047723%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=qQQI6Jh4KsxKnoFaCPcFgk31jTaMp%2FVwKHVO9wVahDo%3D&reserved=0<https://www.repostatus.org/#unsupported>)>
So, with that out of the way here's what 1.35.0 brings...
This release is comprised of 85 non-merge commits from 12 people
of which 7 are external contributors.
A shout out to our external contributors
) Andy Postnikov
) Kirill A. Korinsky
) Mark Thomas
) Remi Collet
) Tal Kedar
) Tobias Genannt
) skokalin
With a special thanks to Alejandro Colomar for his initial work on HTTP
compression support.
This release can be found at
<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnginx%2Funit%2Freleases%2Ftag%2F1.35.0&data=05%7C02%7Cl.crilly%40f5.com%7Ca0c756c936c646b10ab808ddf17f5757%7Cdd3dfd2f6a3b40d19be0bf8327d81c50%7C0%7C0%7C638932252681091534%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=A16Pu1Rk%2FzcjaDVvx6gJsEI8ZFhQd7jYIHul1fmKRps%3D&reserved=0<https://github.com/nginx/unit/releases/tag/1.35.0>>
Unit 1.35.0 includes numerous bug fixes, improved compatibility with
languages and language frameworks, GCC 15 support, all the fixes from
1.34.1 and 1.34.2, and last but not least, HTTP compression support.
HTTP compression support
========================
We are pleased to release the initial implementation of HTTP compression
support, an oft-asked for feature.
It supports any or all of zlib (deflate, gzip), zstd and brotli.
It will compress both static and application (with some restrictions)
responses.
If building from source, support can be enabled by specifying any or all
of
--zlib --zstd --brotli
to ./configure
This requires the development libraries for zlib, zstd and brotli, it
also requires pkgconf(1).
zlib can use either the traditional zlib library or the new
zlib-ng-compat library.
This can then be configured via the standard Unit configuration.
There is a new '/settings/http/compression' object that is used to
describe the compression configuration. E.g.
"compression": {
"types": [
"text/*"
],
"compressors": [
{
"encoding": "gzip",
"level": 3,
"min_length": 4096
},
{
"encoding": "deflate",
"min_length": 0
},
{
"encoding": "zstd",
},
{
"encoding": "br",
"min_length": 1024
}
]
}
The first item 'types' is an array of MIME types that are considered for
compression.
These are MIME types as recognised by Unit, you may need to add your own
via the '/settings/http/static/mime_types' object.
Then we have 'compressors' this is an array of objects describing the
compression methods to enable, if you specify a compression method here
that hasn't been built into Unit, you will get a configuration error.
Each compression object has a *required* 'encoding' member that defines
the compression method to enable.
An optional 'level' member with defines the compression level to use,
this value is specific to each compressor, if it's not specified then
the default for that compression method will be used.
An optional 'min_length' member that specifies the minimum amount of
data to be considered for compression. If set to 0 or not specified then
there is no minimum amount before compression may happen.
Compression will happen for both static and application responses.
For application responses, compressed responses will be sent chunked.
Also with application responses we will only consider compressing output
where we know the content length.
Improved compatibility
======================
Unit 1.35.0 introduces support for PHP 8.5, Ruby 3.4 and Django 5.x
Websockets with the Python Litestar framework has been fixed. Also a
long standing issue related to Firefox and websockets has also been
fixed.
njs
===
This version of Unit requires njs >= 0.9.0
Changes
=======
We now flow the correct server listen socket port number through to
applications via SERVER_PORT rather than hard coding it to 80.
Thus the SERVER_PORT variable will now contain the port number that the
connection was accept(2)ed on.
Developers
==========
GCC 15 introduced a new warning, Wunterminated-string-initialization to
catch things like
static const char str[11] = "Hello World";
which will now produce a warning with
-Wunterminated-string-initialization or -Wextra
However there are often times when you want non-NUL terminated string
literals. E.g.
static const char hex[16] = "0123456789ABCDEF";
which is used as a lookup table and will only ever be accessed via
individual indices 0-15.
To accommodate such things we introduce a new macro
NXT_NONSTRING
which is an alias for
__attribute__((__nonstring__))
which will quell the warning, e.g.
static const char hex[16] NXT_NONSTRING = "0123456789ABCDEF";
========================================================================
Changes with Unit 1.35.0 03 Sep 2025
*) Security: fix missing websocket payload length validation in the
Java language module which could lead to Java language
module processes consuming excess CPU. (CVE-2025-1695).
*) Change: if building with njs, version 0.9.0 or later is now
required.
*) Feature: HTTP compression.
*) Feature: PHP 8.5 compatibility.
*) Feature: Ruby 3.4 compatibility.
*) Feature: Django 5.x compatibility.
*) Feature: Python Litestar WebSockets compatibility.
*) Feature: GCC 15 compatibility.
*) Bugfix: set SERVER_PORT to the actual value.
*) Bugfix: fix issue in node.js with duplicate headers in response.
*) Bugfix: fix WebSockets with Firefox.
*) Bugfix: fix incorrect websocket payload length calculation in the
Java language module.
*) Bugfix: fix instability issues due to OpenTelemetry (OTEL)
support.
*) Bugfix: fix issues with building OpenTelemetry (OTEL) support on
various platforms, including macOS.
------------------------------------------------------------------------
Changes since 1.34.0 are as follows:
Andrew Clayton (60):
Version bump
auto/otel: Make use of nxt_feature_name
auto/make: s/NXT_OTEL_LIB_LOC/NXT_OTEL_LIB_STATIC/
auto/make: Fix various issues with building OTEL
Update copyright notice
ruby: Fix build failures with Ruby 3.4
Fix build with GCC 15
python: Fix Litestar WebSockets compatibility
http: Fix WebSockets with Firefox
ci: Update to actions/upload-artifact at v4 in cifuzz.yml
python: Add Django 5.x compatibility
auto/clang: Add a NXT_NONSTRING macro
Tag various character arrays with NXT_NONSTRING
auto/cc: gcc: Don't disable -Wunterminated-string-initialization
tests: Fix TLS tests with Python 3.13
rust: Update rust crates
pkg/contrib: Bump wasmtime to 31.0.0
Fully initialise nxt_port_msg_t msg structures
Fully initialise the oob struct in nxt_socket_msg_oob_init()
http: Add a mime_type member to nxt_http_response_t
http: Add NXT_HTTP_NOT_ACCEPTABLE enum value
http: Add core http compression code
http: Add zlib compression support
http: Add support for zstd compression
http: Add support for brotli compression
http: Wire up HTTP compression to the build system
http: Wire up HTTP compression support to the config system
http: compress: Add a couple of helper functions
http: Compress static responses
http: Compress application responses
Add SUPPORT.md
auto/modules/wasm: Remove an unneeded compiler option
auto/compression: Error out if requested library not found
ci: Build Unit with --zlib --zstd --brotli
njs: Update for version 0.9.0 API changes
ci: clang-ast: Update to openjdk-21-jdk
Use NULL instead of 0 as null pointer constant
Set SERVER_PORT appropriately
otel: Update crates
tools/unitctl: Update crates
wasm-wc: Update crates
wasm-wc: Update to wasmtime 35.0.0
docs: Update unit-openapi.yaml for HTTP compression
http: compression: Set the temporary file name in n_h_c_c_s_r()
http: compression: Add a missed nxt_http_comp_compress() return check
Don't leak file descriptor in nxt_main_port_access_log_handler()
java: Update classgraph to the latest version
http: compression: Don't set buf->parent
http: compression: brotli: Don't leak memory on error
Fix formatting of README.md and SUPPORT.md
.mailmap: Add entry for Dave McAllister
pkg/contrib: Update to njs 0.9.1
pkg/contrib: Bump wasmtime to 35.0.0
tools/unitctl: Update for version 1.35.0
docs/unit-openapi.yaml: Update version for 1.35.0
pkg/docker: Update rust to 1.89.0
pkg/docker: Enable zlib. zstd and brotli compression
pkg/docker: Update dockerfiles for 1.35.0
docs/changes.xml: Add 1.35.0 changelog entries
Add 1.35.0 CHANGES
Andy Postnikov (2):
Treat a “broken pipe” on SSL_shutdown() as a normal close
php: Fix building with 8.5
Ava Hahn (2):
otel: fix segfaults when otel not configured
otel: remove deadcode
Dave McAllister (2):
Chnages to README and SUPPORT to reflect project change
Merge branch 'master' of https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnginx%2Funit&data=05%7C02%7Cl.crilly%40f5.com%7Ca0c756c936c646b10ab808ddf17f5757%7Cdd3dfd2f6a3b40d19be0bf8327d81c50%7C0%7C0%7C638932252681123027%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=j3zQ5bFbDsK9Tnr%2BBAdwY2NlKCWIUWkSJwOlEVNjWjI%3D&reserved=0<https://github.com/nginx/unit>
Kirill A. Korinsky (1):
tests: Fixed alt_names in test_tls_sni_same_alt
Konstantin Pavlov (3):
auto/make, otel: fix linking on macOS and Ubuntu
auto/otel: don't look for OpenSSL on Darwin
Docker: specify real names and handles of Maintainers
Mark Thomas (2):
java: websocket: Fix calculation of payload length for > 32bit values
java: websocket: Additional payload length validation
Remi Collet (2):
auto/make: Add missing NXT_OTEL_LIB_STATIC to some C tests
Packaging: Ensure sbindir is properly set on newer Fedora (42+)
Sergey A. Osokin (1):
java: update third-party components to their recent versions
Tal Kedar (1):
http: add `.mjs` extension to default mime types
Tobias Genannt (1):
tools/unitctl: Fixed waiting for control socket
dependabot[bot] (7):
otel, tools/unitctl: bump the openssl crate from 0.10.68 to 0.10.70
ci: unitctl: Bump actions/download-artifact from 4 to 5
ci: Bump actions/checkout from 4 to 5
tools/unitctl: Bump the slab crate from 0.4.10 to 0.4.11
rust, wasm-wc, otel: Bump the slab crate from 0.4.10 to 0.4.11
ci: Bump actions/setup-java from 4 to 5
otel: Bump the tracing-subscriber crate from 0.3.19 to 0.3.20
skokalin (2):
node.js: Fixed issue with duplicate headers in response
tests: nodejs: Added test for responses with duplicate headers
_______________________________________________
unit mailing list
unit at nginx.org
https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailman.nginx.org%2Fmailman%2Flistinfo%2Funit&data=05%7C02%7Cl.crilly%40f5.com%7Ca0c756c936c646b10ab808ddf17f5757%7Cdd3dfd2f6a3b40d19be0bf8327d81c50%7C0%7C0%7C638932252681144155%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C40000%7C%7C%7C&sdata=VoKDOY8vbMJA36UAdWOjcryS%2B3CAV%2BBan4OVQxcqRW4%3D&reserved=0<https://mailman.nginx.org/mailman/listinfo/unit>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/unit/attachments/20250911/a0171f6a/attachment-0001.htm>
More information about the unit
mailing list