Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.streamnative.io/llms.txt

Use this file to discover all available pages before exploring further.

StreamNative Weekly Release Notes v4.0.8.8

Download

Distributions

Packages

Images

General Changes

Apache Pulsar

(#25231) [fix][broker] Fix transactionMetadataFuture completeExceptionally with null value (#25229) [fix][client] Send all chunkMessageIds to broker for redelivery (#25221) [improve][broker] Give the detail error msg when authenticate failed with AuthenticationException (#25227) [fix][test] Fix Mockito stubbing race in TopicListServiceTest (#25228) [fix][broker] Fix incomplete futures in topic property update/delete methods (#25224) [improve][broker] Add idle timeout support for http (#25052) [improve][client] Make authorization server metadata path configurable in AuthenticationOAuth2 (#24944) [feat][client] oauth2 trustcerts file and timeouts (#25185) [improve][broker] Add strictAuthMethod to require explicit authentication method (#25223) [fix][broker] Fix httpProxyTimeout config (#25195) [feat][io] implement pip-297 for jdbc sinks (#25188) [fix][broker] Prevent missed topic changes in topic watchers and schedule periodic refresh with patternAutoDiscoveryPeriod interval (#25207) [fix][client] Fix producer synchronous retry handling in failPendingMessages method (#25199) [fix][broker]Fix ledgerHandle failed to read by using new BK API (#25165) [fix][broker] Fix ManagedCursorImpl.asyncDelete() method may lose previous async mark delete properties in race condition (#25216) [fix][test]Fix flaky ExtensibleLoadManagerImplTest_testGetMetrics (#25187) [improve][meta] PIP-453: Improve the metadata store threading model (#25211) [improve][proxy] Add regression tests for package upload with ‘Expect: 100-continue’ (#24994) [improve][monitor] Upgrade OpenTelemetry to 1.56.0, Otel instrumentation to 2.21.0 and Otel semconv to 1.37.0 (#25208) [fix][client] Fix race condition between isDuplicate() and flushAsync() method in PersistentAcknowledgmentsGroupingTracker due to incorrect use Netty Recycler (#25209) [fix] [test] Upgrade docker-java to 3.7.0 (#25197) [fix][misc] Allow JWT tokens in OpenID auth without nbf claim (#25172) [improve][client]Reduce unnecessary getPartitionedTopicMetadata requests when using retry and DLQ topics. (#25173) [improve][pip] PIP-453: Improve the metadata store threading model (#25178) [fix][client] ControlledClusterFailover avoid unnecessary reconnection. (#25179) [fix][proxy] Close client connection immediately when credentials expire and forwardAuthorizationCredentials is disabled (#25182) [improve][misc] Upgrade snappy version to 1.1.10.8 (#25186) [fix][test] Bump org.assertj:assertj-core from 3.27.5 to 3.27.7

KoP

Some operations can’t work with super-user role Fix race condition in concurrent Schema Registry requests handling [branch-4.0] Upgrade pulsar version to 4.0.8.8 [branch-4.1] Upgrade unified rbac dependency to 1.7.3 Fix potential concurrent modification issue Return references when getting schema by subject and version Fix flaky test IdempotentProducerTest

StreamNative Pulsar Plugins

898f3b879 fix incompatible with pulsar Upgrade detector build image to 1.25 07dfa85d0 fix: update pulsar and sn.bom versions to 4.0.8.8 in pom.xml b1f864ff0 fix: update Maven command to include update flag for dependencies db522f9ed build detector multi-platform d9b7c56ec fix: remove opentelemetry-sdk-testing dependency from pom.xml dd9968bc1 using streamnative-bom opentelemetry version fix: patch CVE-2025-61726, CVE-2025-61728, CVE-2025-61730 in stdlib Fix OIDCServlet to use local metadata store instead of configuration metadata store fix: upgrade zookeeper to 3.9.4 to patch CVE-2025-58457

pulsarctl

fix: upgrade Go to 1.25.7 to fix CVE-2025-68121 fix: upgrade Go from 1.25.5 to 1.25.6 to patch CVE-2025-61726, CVE-2025-61728, CVE-2025-61730

Cloud Pulsar Plugins

a2882f8 Revert “Add OpenTelemetry SDK extension dependency to test pom.xml” 93ed760 Add OpenTelemetry SDK extension dependency to test pom.xml

Function Mesh Worker Service

3b32d782 Fix CI Reuse authorization service when possible a448fef3 Enhance CI

Security Fixes

Apache Pulsar

(#25095) [fix][sec] Upgrade jose4j to 0.9.6 to address CVE-2024-29371 (#25206) [fix][sec] Upgrade OpenSearch to 2.19.4 to remediate CVE-2025-9624 (#25198) [fix][sec] Exclude org.lz4:lz4-java and standardize on at.yawk.lz4-java to remediate CVE-2025-12183 and CVE-2025-66566 (#25175) [fix][sec] Bump org.apache.solr:solr-core from 9.8.0 to 9.10.1 in /pulsar-io/solr