Documentation Index
Fetch the complete documentation index at: https://docs.streamnative.io/llms.txt
Use this file to discover all available pages before exploring further.
StreamNative Weekly Release Notes v4.1.3.1
Download
Distributions
Packages
Images
General Changes
Apache Pulsar
(#25269) [improve][broker] Optimize AsyncTokenBucket overflow solution further to reduce fallback to BigInteger
(#25262) [fix][broker] Guard AsyncTokenBucket against long overflow
(#25255) [fix][broker] Use compatible Avro name validator in JsonSchemaCompatibilityCheck
(#25193) [fix][broker] Use compatible Avro name validator to allow ’$’ in schema record names
(#25254) [fix][client] Reduce logging in OAuth auth to fix parsing of Pulsar cli command output
(#25253) [improve] Upgrade RoaringBitmap to 1.6.9 version
(#25251) [improve][fn] Upgrade Pulsar Python client version to 3.10.0
(#25246) [fix][meta] Metadata cache refresh might not take effect
(#25247) [fix][test] Fix ResourceQuotaCalculatorImplTest#testNeedToReportLocalUsage
(#25241) [fix][test] fix testBatchMetadataStoreMetrics.
(#25232) [improve] Upgrade Netty to 4.1.131.Final
(#25187))) Reapply “[improve][meta] PIP-453: Improve the metadata store threading model
(#25187))) Revert “[improve][meta] PIP-453: Improve the metadata store threading model
(#25231) [fix][broker] Fix transactionMetadataFuture completeExceptionally with null value
(#25229) [fix][client] Send all chunkMessageIds to broker for redelivery
(#25221) [improve][broker] Give the detail error msg when authenticate failed with AuthenticationException
(#25227) [fix][test] Fix Mockito stubbing race in TopicListServiceTest
(#25228) [fix][broker] Fix incomplete futures in topic property update/delete methods
(#25224) [improve][broker] Add idle timeout support for http
(#25052) [improve][client] Make authorization server metadata path configurable in AuthenticationOAuth2
(#24944) [feat][client] oauth2 trustcerts file and timeouts
(#25185) [improve][broker] Add strictAuthMethod to require explicit authentication method
(#25223) [fix][broker] Fix httpProxyTimeout config
(#25200) [improve][broker] Change log level from warn to debug when cursor mark-deleted position ledger doesn’t exist
(#25195) [feat][io] implement pip-297 for jdbc sinks
(#25127) [improve][admin] Add client side looping to analyze-backlog in Topics to avoid potential HTTP call timeout
(#25188) [fix][broker] Prevent missed topic changes in topic watchers and schedule periodic refresh with patternAutoDiscoveryPeriod interval
(#25207) [fix][client] Fix producer synchronous retry handling in failPendingMessages method
(#25199) [fix][broker]Fix ledgerHandle failed to read by using new BK API
(#25165) [fix][broker] Fix ManagedCursorImpl.asyncDelete() method may lose previous async mark delete properties in race condition
(#25216) [fix][test]Fix flaky ExtensibleLoadManagerImplTest_testGetMetrics
(#25211) [improve][proxy] Add regression tests for package upload with ‘Expect: 100-continue’
(#24994) [improve][monitor] Upgrade OpenTelemetry to 1.56.0, Otel instrumentation to 2.21.0 and Otel semconv to 1.37.0
(#25187) [improve][meta] PIP-453: Improve the metadata store threading model
(#25208) [fix][client] Fix race condition between isDuplicate() and flushAsync() method in PersistentAcknowledgmentsGroupingTracker due to incorrect use Netty Recycler
(#25209) [fix] [test] Upgrade docker-java to 3.7.0
(#25179) [fix][proxy] Close client connection immediately when credentials expire and forwardAuthorizationCredentials is disabled
(#25197) [fix][misc] Allow JWT tokens in OpenID auth without nbf claim
(#25186) [fix][test] Bump org.assertj:assertj-core from 3.27.5 to 3.27.7
(#25182) [improve][misc] Upgrade snappy version to 1.1.10.8
(#25178) [fix][client] ControlledClusterFailover avoid unnecessary reconnection.
(#25172) [improve][client]Reduce unnecessary getPartitionedTopicMetadata requests when using retry and DLQ topics.
(#25177) [fix][ml] Fix NoSuchElementException in EntryCountEstimator caused by a race condition
(#25166) [improve][broker] Upgrade bookkeeper to 4.17.3
(#25132) [improve][broker] Ensure metadata session state visibility and improve Unstable observability for ServiceUnitStateChannelImpl
(#25070) [improve][broker] PIP-442: Add memory limits for topic list watcher (part 2)
(#25157) [fix][fn] Fix graceful Pulsar Function shutdown so that consumers and producers are closed
(#25151) [fix][broker] Fence reset cursor by timestamp to avoid concurrent timestamp-based position lookups
(#25148) [fix][ml] Retry offload reads when OffloadReadHandleClosedException is encountered
(#25149) [fix][admin] Fix offload policy incompatible issue.
(#25142) [fix][proxy] Fix memory leaks in ParserProxyHandler
(#25140) [fix][fn] complete flushAsync before closeAsync in ProducerCache and wait for completion in closing the cache
(#25031) [fix][broker] Avoid split non-existent bundle
(#25136) [fix][broker] Fix regex matching of namespace name which might contain a regex char
(#25110) [fix][broker] Fix markDeletedPosition race condition in ManagedLedgerImpl.maybeUpdateCursorBeforeTrimmingConsumedLedger() method
(#25125) [fix][test] Wait for txn.abort() to complete to avoid AdminApiTransactionTest.testAnalyzeSubscriptionBacklogWithTransactionMarker() flaky test
(#25114) [fix][broker]Topic deleting failed after removed local cluster from namespace policies
(#25130) [improve][broker] Change the log level from error to info when throwing NotAllowedException
(#25048) [improve][broker] Enhance logging for adding schema failures in ServerCnx
(#25121) [fix][broker] Fix MultiRolesTokenAuthorizationProvider error when subscription prefix doesn’t match.
(#25119) [fix][broker] Fix compaction horizon might be reset to an old position when phase two is interrupted
(#25104) [improve][broker] Fix thread safety issue in ManagedCursorImpl.removeProperty
(#25091) [improve][admin] Add counter for marker messages in PersistentTopics.analyzeSubscriptionBacklog() rest api
(#25089) [fix][ml] Fix cursor backlog size to account for individual acks
(#25077) [fix][broker] Fix chunked message loss when no consumers are available
(#25101) [fix][test] Fix ManagedCursorTest and NonDurableCursorTest flaky tests
(#25106) [fix][client]Producer stuck or geo-replication stuck due to wrong value of message.numMessagesInBatch
(#25105) [fix][broker]pulsar_ml_reads_inflight_bytes and pulsar_ml_reads_available_inflight_bytes are 0 at the same time
(#25087) [fix][broker] Fix cursor position persistence in ledger trimming
(#25085) [improve][io] Replace Qpid in tests with RabbitMQ in Testcontainers and upgrade RabbitMQ client version
(#25084) [fix][build] Activate jdk21 and jdk24 profiles on Java 25
(#25073) [fix][broker]Infinitely failed to delete topic if the first time failed and enabled transaction
(#25047) [fix][broker]Fix incorrect backlog if use multiple acknowledge types on the same subscription
(#24980) [fix][broker] fix prepareInitPoliciesCacheAsync in SystemTopicBasedTopicPoliciesService
(#24658) [improve][broker] Optimize Reader creation in TopicPoliciesService
(#25053) [improve][broker] Use atomic counter for ongoing transaction count
(#25069) [fix][client] Fix invalid parameter type passed to Map.get in TopicsImpl.getListAsync method
(#25066) [fix][broker] PIP-442: Fix race condition in async semaphore permit updates that causes memory limits to become ineffective
(#25044) [improve][broker] Improve replicated subscription snapshot cache so that subscriptions can be replicated when mark delete position update is not frequent
(#25067) [fix][broker] Force EnsemblePolicies to resolve network location after rackInfoMap is updated due to changes in /ledgers/available znode
(#25050) [fix][admin] Refactor bookie affinity group sync operations to async in rest api
(#25059) [fix][broker] Fix various error-prone detected errors mainly in logging and String.format parameters
(#25054) [improve][build] Upgrade errorprone to 2.45.0 version
(#25056) [fix][cli] Fix output of —print-metadata in cli consume
(#25051) [fix][cli] Fix some pulsar-admin topicPolicies commands exiting before async operations complete
(#16651) [improve][broker] Fix replicated subscriptions race condition with mark delete update and snapshot completion
(#25027) [improve][misc] Add log4j-layout-template-json to server distribution to enable e.g. ECS template support in log4j configurations for Pulsar server components.
(#25032) [fix][test] Replace LZ4FastDecompressor with LZ4SafeDecompressor in test
(#25034) [improve][misc]introduce log4j Console appender ConsoleJson
(#25039) [fix][broker] Fix potential NPE in InMemTransactionBuffer.appendBufferToTxn by returning a valid Position
(#25026) [improve][broker]Add test for getting partitioned topic metadata with PulsarAdmin client
(#25029) [improve][io] Upgrade Debezium version to 3.2.5.Final
(#25036) [improve][client] Add null checks for MessageAcknowledger methods to prevent NullPointerException
(#25037) [fix][broker]Incorrect backlog that is larger than expected
(#24994))) Revert “[improve][monitor] Upgrade OpenTelemetry to 1.56.0, Otel instrumentation to 2.21.0 and Otel semconv to 1.37.0
(#25022) [fix] Upgrade gson to 2.13.2
(#25018) [improve][broker]Remove the warn log that frequently prints
(#25016) [fix][broker]Fix memory leak when using a customized ManagedLedger implementation
(#25015) [fix][client] Fix AutoProduceBytesSchema.clone() method
(#25014) [fix][client] Fix thread-safety of AutoProduceBytesSchema
(#25013) [improve][client] Test no exception could be thrown for invalid epoch in message
(#25011) [improve] Eliminate unnecessary duplicate schema lookups for partitioned topics in client and geo-replication
(#25004) [fix][broker] Add schema version in rest produce api
(#25012) [fix][broker] Fix issue with schemaValidationEnforced in geo-replication
(#25008) [fix][client] Fix double recycling of the message in isValidConsumerEpoch method
(#25007) [fix][client] PIP-84: Skip processing a message in the message listener if the consumer epoch is no longer valid
(#25006) [fix][client] Skip processing messages in the listener when the consumer has been closed
(#24994) [improve][monitor] Upgrade OpenTelemetry to 1.56.0, Otel instrumentation to 2.21.0 and Otel semconv to 1.37.0
(#24997) [fix][broker] Fix creation of replicated subscriptions for partitioned topics
(#24983) [improve] Upgrade Apache Commons library versions
(#24995) [improve][test] Use Oxia project docker container for integration tests
(#24986) [fix] Handle TLS close_notify to avoid SslClosedEngineException: SSLEngine closed already
(#24982) [improve][build] Upgrade Testcontainers to 1.21.3
(#24975) [improve][broker]Improve error response of failed to delete topic if it has replicators connected
(#24938) [fix][broker]Wrong backlog: expected 0 but got 1
(#24985) [improve] Upgrade Log4j2 to 2.25.2 and slf4j to 2.0.17
(#24984) [improve] Upgrade Caffeine to 3.2.3
(#24871) [fix][test] Fixed Non-Guaranteed Order in PoliciesDataTest.propertyAdmin
(#24981) [fix][build] Remove Confluent and Restlet maven repositories from top level pom.xml
(#24976) [feat][meta] upgrade oxia version to 0.7.2
Security Fixes
Apache Pulsar
(#25256) [fix][sec] Upgrade aircompressor to 2.0.3 to resolve CVE-2025-67721
(#25250) [fix][sec] Upgrade Python protobuf version to 6.33.5 to address CVE-2026-0994
(#25095) [fix][sec] Upgrade jose4j to 0.9.6 to address CVE-2024-29371
(#25206) [fix][sec] Upgrade OpenSearch to 2.19.4 to remediate CVE-2025-9624
(#25198) [fix][sec] Exclude org.lz4:lz4-java and standardize on at.yawk.lz4-java to remediate CVE-2025-12183 and CVE-2025-66566
(#25175) [fix][sec] Bump org.apache.solr:solr-core from 9.8.0 to 9.10.1 in /pulsar-io/solr
(#25152) [fix][sec] Upgrade vertx to address CVE-2026-1002
(#25102) [fix][sec] Upgrade log4j to 2.25.3 to address CVE-2025-68161
(#25095) [fix][sec] Upgrade jose4j to 0.9.6 to address CVE-2024-29371
(#25078) [fix][sec] Upgrade Netty to 4.1.130.Final
(#25045) [fix][sec] Bump at.yawk.lz4:lz4-java from 1.9.0 to 1.10.1 in /pulsar-common
(#25024) [fix][sec] Eliminate commons-collections dependency
(#24987) [fix][sec] Bump github.com/dvsekhvalnov/jose2go from 1.6.0 to 1.7.0 in /pulsar-function-go
