Release 23.3.6 | v23.3.4 Hotfixes | October'24 release | +semver: patch#2185
Merged
raman-m merged 5 commits intorelease/23.3from Oct 31, 2024
Merged
Release 23.3.6 | v23.3.4 Hotfixes | October'24 release | +semver: patch#2185raman-m merged 5 commits intorelease/23.3from
raman-m merged 5 commits intorelease/23.3from
Conversation
raman-m
added
release
raman-m
force-pushed
the
raman-m/23.3.6
branch
from
4379b2a to
e80f677
Compare
Member
Author
Release Notes🔥 Hot fixing v23.3.4 (version 24.1.0-raman-m-23-3-6-0001) aka October'24 release
❤️ A heartfelt "Thank You" to Nikolai Masson and Nikolay Kuksov for their contributions! ℹ️ AboutThis release provides minor bug fixes from the previous 23.3.4 release. All bugs have been addressed in the October'24 milestone. 📓 For projects utilizing the Service Discovery feature, it is recommended to update to this version to benefit from the unstable release 23.3.4, which includes fixes for both 🧑💻 Technical InformationThe Ocelot solution encountered a significant issue with the disabled scope validation of services in the DI-container, affecting both testing projects and the core library. Initially, this was not problematic when services were designed as singletons by previous contributors and our team. However, with the introduction of more scoped services by the Ocelot team, it became clear that our testing projects could not adequately handle them. The patch enhances functionality for two primary Service Discovery providers:
❗ Breaking ChangesUpgrading from 23.3.4 to 24.1.0-raman-m-23-3-6-0001 introduces no breaking changes. However, upgrading from 23.3.0 or earlier versions may result in some incompatibilities. For further information, please refer to the release notes of v23.3.4. Starring ⭐ aka Release Influencers
|
raman-m
force-pushed
the
raman-m/23.3.6
branch
from
8b5e123 to
75f2391
Compare
Reuse iterators of Top Contributors as Starring iterators.
This was referenced Oct 30, 2025
This was referenced Dec 22, 2025
sloweyyy
added a commit
to sloweyyy/cloud-native-ecommerce-platform
that referenced
this pull request
Mar 22, 2026
Updated [Ocelot](https://github.com/ThreeMammals/Ocelot) from 23.3.3 to 23.4.3. <details> <summary>Release notes</summary> _Sourced from [Ocelot's releases](https://github.com/ThreeMammals/Ocelot/releases)._ ## 23.4.3 ## 🔥 Hot fixing #2246 issue (version 23.4.3) aka v[23.4.2](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2) patch 📦 > Read the Docs: [Ocelot 23.4](https://ocelot.readthedocs.io/en/23.4.3/) with [PDF](https://ocelot.readthedocs.io/_/downloads/en/23.4.3/pdf/) > Hot fixed version: [23.4.2](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2) > Milestone: [November'24](https://github.com/ThreeMammals/Ocelot/milestone/10) ### ℹ️ About 🔥 Hot fixed issue: #2246 ❤️ A sincere and heartfelt "Thank You" to **Donny Tian**, @donnytian for reporting the bug. ###⚠️ Warning 1. Consider this patch as the last one supporting .NET 6 and 7 frameworks. For more details, refer to the [previous version notes](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2). 2. No further patches for this minor version are expected. The next major release will be [.NET 9](https://github.com/ThreeMammals/Ocelot/milestone/11), version **24.0**. ### ❗ Breaking Changes Upgrading from [23.4.0](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.0)-[23.4.2](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2) to [23.4.3](https://github.com/Threeammals/Ocelot/releases/tag/23.4.3) introduces **no breaking changes**. However, some internal interfaces have been updated, which should not introduce IBC for 99.99% of projects. For further information, refer to the source code. ### What's Changed * #2246 Review Core cache and redesign `Regex` caching by @raman-m in ThreeMammals/Ocelot#2251 * Release 23.4.3 | Hot fixing #2246 | November'24 release | +semver: patch by @raman-m in ThreeMammals/Ocelot#2252 **Full Changelog**: ThreeMammals/Ocelot@23.4.2...23.4.3 ## 23.4.2 ## 📦 End of .NET 6, 7 Support (version 23.4.2) > Read the Docs: [Ocelot 23.4](https://ocelot.readthedocs.io/en/23.4.2/) with [PDF](https://ocelot.readthedocs.io/_/downloads/en/23.4.2/pdf/) > Hot fixed version: [23.4.1](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.1) > Milestone: [November'24](https://github.com/ThreeMammals/Ocelot/milestone/10) This is the last patched version for .NET 6 and 7 frameworks. The upcoming major release, version [24.0](https://github.com/ThreeMammals/Ocelot/milestone/11), will target .NET 9 alongside the LTS .NET 8. Projects targeting .NET 6 or 7 should update to this version while considering an upgrade to .NET 8 or 9 in the future. ### ℹ️ About - All package versions have been updated to latest versions targeting the `net6.0` and `net7.0` frameworks, along with the LTS `net8.0`. - Dependabot alerts concerning [reported vulnerabilities](https://github.com/ThreeMammals/Ocelot/security/dependabot) related to `IdentityServer4` have not yet been addressed; these will be resolved in the next major release (refer to **Warnings** further information). ### ❗ Warning 1. Releasing a patched `23.4.*` is possible. 2. In the next major version, the Ocelot team will remove references to the [IdentityServer4](https://www.nuget.org/packages/IdentityServer4) package from testing projects due to its "[Public Archive](https://github.com/DuendeArchive/IdentityServer4)" status; the version, [4.1.2](https://github.com/DuendeArchive/IdentityServer4/releases/tag/4.1.2), was [released](https://github.com/DuendeArchive/IdentityServer4/releases) on July 7, 2021. 3. The main Ocelot package is not integrated with `IdentityServer4`, allowing Ocelot users to utilize [any authentication provider](ThreeMammals/Ocelot#2194), as Ocelot's [Authentication](https://github.com/ThreeMammals/Ocelot/blob/main/docs/authentication.rst) feature is provider-agnostic. 4. Our plans to utilize the [ASP.NET Core Identity](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity) framework in testing projects due to industry standards, instead the `IdentityServer4` library. 5. Following the release of [.NET 9](https://github.com/ThreeMammals/Ocelot/milestone/11), the team will begin the deprecation of the Ocelot [extension-packages](https://www.nuget.org/profiles/ThreeMammals): `Ocelot.Cache.CacheManager`, `Ocelot.Tracing.Butterfly`, and `Ocelot.Tracing.OpenTracing`. ### What's Changed * Review Dependabot alerts for `net6.0` and `net7.0` target frameworks and bump all packages by @raman-m in ThreeMammals/Ocelot#2220 * Release 23.4.2 | End of .NET 6, 7 Support | November'24 release | +semver: patch by @raman-m in ThreeMammals/Ocelot#2221 **Full Changelog**: ThreeMammals/Ocelot@23.4.1...23.4.2 ## 23.4.1 ## 📦 Routing patch (version 23.4.1) > Read the Docs: [Ocelot 23.4](https://ocelot.readthedocs.io/en/23.4.1/) with [PDF](https://ocelot.readthedocs.io/_/downloads/en/23.4.1/pdf/) > Hot fixed version: [23.4.0](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.0) > Milestone: [November'24](https://github.com/ThreeMammals/Ocelot/milestone/10) :heart: A heartfelt "Thank You" to **[Guillaume Gnaegi](https://github.com/ggnaegi)** (@ggnaegi) ### ℹ️ About 🔥 Hot fixed issues: #2165 #2209 #2212 ### What's Changed * #2165 Global configuration `SecurityOptions` by @Fabman08 in ThreeMammals/Ocelot#2170 * #2209 Placeholders matching must work if RouteIsCaseSensitive = false by @ggnaegi in ThreeMammals/Ocelot#2210 * File-scoped namespaces everywhere by @raman-m in ThreeMammals/Ocelot#2211 * #2212 Incorrect calculation of placeholders, only the last placeholder should be allowed to match several segments by @ggnaegi in ThreeMammals/Ocelot#2213 * Release 23.4.1 | Routing patch | November'24 release | +semver: patch by @raman-m in ThreeMammals/Ocelot#2215 **Full Changelog**: ThreeMammals/Ocelot@23.4.0...23.4.1 ## 23.4.0 ## 🔀 Routing Update (version 23.4.0) aka [McDonald's](https://www.youtube.com/watch?v=_PgYAPdOs9M) release > Codenamed: **[McDonald's](https://www.youtube.com/watch?v=_PgYAPdOs9M)** > Read the Docs: [Ocelot 23.4.0](https://ocelot.readthedocs.io/en/23.4.0/) ### ℹ️ About This minor release significantly upgrades the [Routing](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/routing.rst) feature by supporting [embedded placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#embedded-placeholders-1) within path segments (between slashes). Additionally, the team has focused on enhancing the performance of `Regex` objects. ### 🆕 What's new? - **[Routing](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/routing.rst)**: Introducing the new "[Embedded Placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#embedded-placeholders-1)" feature by @ggnaegi. As of November 2024, Ocelot was unable to process multiple [placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#placeholders) embedded between two forward slashes. It was also challenging to differentiate the placeholder from other elements within the slashes. For example, `/{url}-2/` for `/y-2/` would yield `{url} = y-2`. We are excited to introduce an enhanced method for evaluating placeholders that allows for the resolution of [placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#placeholders) within complex URLs. For additional information, refer to PR #2200. ### 🆙 Focus On <details> <summary><b>Features</b>: Routing, Core, Rate Limiting, Middleware Injection</summary> - [Routing](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/routing.rst): The new feature is "[Embedded Placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#embedded-placeholders-1)" by @ggnaegi. - [Core](https://github.com/ThreeMammals/Ocelot/labels/Core): All `Regex` logic has been refactored by @EngRajabi. The Ocelot Core now boasts improved performance of `Regex` objects, striving to adhere to the [Best Practices for Regular Expressions in .NET](https://docs.microsoft.com/en-us/dotnet/standard/base-types/best-practices). It is estimated that each request could save from 1 to over 10 microseconds in processing time (though no benchmarks have been developed to measure this). - [Rate Limiting](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/ratelimiting.rst): The persistent issue with [Rate Limiting headers](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/ratelimiting.rst#global-configuration:~:text=headers) has been resolved by @jlukawska. The problem was the absence of unofficial `X-Rate-Limit-*` headers (found in the [RateLimitingHeaders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/src/Ocelot/RateLimiting/RateLimitingHeaders.cs) class) in the `RateLimitingMiddleware`'s response. For more details, see PR #1307. Note that these unofficial headers have not yet been documented, so they may be subject to change since [Ocelot's RateLimiting headers do not align with industry standards](https://github.com/ThreeMammals/Ocelot/blob/27d3df2d0fdfbf5acde12d9442dfc08836e8b982/src/Ocelot/RateLimiting/RateLimitingHeaders.cs#L6). - [Middleware Injection](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/middlewareinjection.rst): The `OcelotPipelineConfiguration.ClaimsToHeadersMiddleware` property has been introduced by @kesskalli. This new property enables the overriding of the [ClaimsToHeadersMiddleware](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/middlewareinjection.rst#middleware-injection:~:text=ClaimsToHeadersMiddleware). For additional information, refer to PR #1403. </details> <details> <summary><b>Documentation</b> for <a href="https://ocelot.readthedocs.io/en/23.4.0/">v23.4.0</a></summary> - [Routing](https://ocelot.readthedocs.io/en/23.4.0/features/routing.html): Introducing a new section on [Embedded Placeholders](https://ocelot.readthedocs.io/en/23.4.0/features/routing.html#embedded-placeholders) - [Middleware Injection](https://ocelot.readthedocs.io/en/23.4.0/features/middlewareinjection.html): Documentation now includes the [ClaimsToHeadersMiddleware](https://ocelot.readthedocs.io/en/23.4.0/features/middlewareinjection.html#middleware-injection:~:text=ClaimsToHeadersMiddleware) feature </details> ### Honoring 🏅 aka Top Contributors 👏 1<sup>st</sup> 🥇 goes to **[Mohsen Rajabi](https://github.com/EngRajabi)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+author%3AEngRajabi+milestone%3ANovember%2724)** feature in **12** files changed 2<sup>nd</sup> 🥈 goes to **[Jolanta Łukawska](https://github.com/jlukawska)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+author%3Ajlukawska+milestone%3ANovember%2724)** feature in **8** files changed 3<sup>rd</sup> 🥉 goes to **[Karim Esskalli](https://github.com/kesskalli)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+author%3Akesskalli+milestone%3ANovember%2724)** feature in **6** files changed ### Starring ⭐ aka Release Influencers⭐ Mohsen Rajabi, @EngRajabi ⭐ Jolanta Łukawska, @jlukawska ⭐ Raman Maksimchuk, @raman-m ⭐ Karim Esskalli, @kesskalli ⭐ Guillaume Gnaegi, @ggnaegi ## Features in Release 23.4.0 <details><summary>Logbook</summary> - <sub>41fc9bd5 by **Raman Maksimchuk** on Monday, November 18 at 23:40 →</sub> ... (truncated) ## 23.3.6 ## 🔥 Hot fixing v[23.3.4](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.4) (version 23.3.6) aka [October'24](https://github.com/ThreeMammals/Ocelot/milestone/7) release > Read the Docs: [Ocelot 23.3](https://ocelot.readthedocs.io/en/23.3.6/) > Hot fixed version: [23.3.4](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.4) > Milestone: [October'24](https://github.com/ThreeMammals/Ocelot/milestone/7) :heart: A heartfelt "Thank You" to **[Nikolai Masson](https://github.com/Niksson)** (@Niksson) and **[Nikolay Kuksov](https://github.com/kick2nick)** (@kick2nick) for their contributions! ### ℹ️ About This release provides minor bug fixes from the previous [23.3.4](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.4) release. All bugs have been addressed in the [October'24](https://github.com/ThreeMammals/Ocelot/milestone/7) milestone. :notebook: For projects utilizing the [Service Discovery](https://ocelot.readthedocs.io/en/latest/features/servicediscovery.html) feature, it is recommended to update to this version to benefit from the unstable release [23.3.4](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.4), which includes fixes for both `Consul` and `Kube` discovery providers. ### 🧑💻 Technical Information The Ocelot solution encountered a significant issue with the disabled scope validation of services in the DI-container, affecting both testing projects and the core library. Initially, this was not problematic when services were designed as singletons by previous contributors and our team. However, with the introduction of more scoped services by the Ocelot team, it became clear that our testing projects could not adequately handle them. This patch introduces scope validation across all domains: unit tests, acceptance tests, and the core library itself. We advise always enabling scope validation in your custom Ocelot solutions, especially when dealing with numerous C# overridden classes in the DI-container and any attached custom functionality. The patch enhances functionality for two primary [Service Discovery](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/servicediscovery.rst) providers: - The [Ocelot.Provider.Consul](https://www.nuget.org/packages/Ocelot.Provider.Consul) provider. The addressed bug is issue #2178, reported on October 17, 2024. The `System.InvalidOperationException` error stating _"Cannot resolve scoped service 'Ocelot.Provider.Consul.Interfaces.IConsulServiceBuilder' from root provider"_ has been resolved. To clarify, the `IConsulServiceBuilder` service is a scoped service in DI, injected via the `AddConsul()` or [AddConsul<T>()](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/servicediscovery.rst#addconsult-method) methods. Therefore, the `DefaultConsulServiceBuilder` should also be a scoped service, with `HttpContext` injected to meet your development requirements. - The [Ocelot.Provider.Kubernetes](https://www.nuget.org/packages/Ocelot.Provider.Kubernetes) provider had an issue reported as #977 on August 1, 2019. It involved a `System.InvalidOperationException` with the message: _"Cannot resolve scoped service 'KubeClient.IKubeApiClient' from root provider."_ This "invalid scopes" error occurred only in development mode, as release mode DLLs do not validate scopes. However, the `KubeApiClient` is designed to have a [scoped](https://github.com/tintoy/dotnet-kube-client/blob/84b055c885a2afe00781559ea400c0bd8cdfce6d/src/KubeClient.Extensions.DependencyInjection/ClientRegistrationExtensions.cs#L42-L43) lifetime. Acceptance tests passed because scope validation was disabled, and the `KubeClient` was [replaced](https://github.com/ThreeMammals/Ocelot/blob/414f63439d32ed9a3c09a77c86f035ed9c34aa56/test/Ocelot.AcceptanceTests/ServiceDiscovery/KubernetesServiceDiscoveryTests.cs#L315) with a singleton. This inconsistency was identified and reproduced by the old [977 issue](ThreeMammals/Ocelot#977). As a temporary solution, the `IKubeApiClient` was [registered as a singleton](https://github.com/ThreeMammals/Ocelot/blob/e4bc9ff59d9defc385996a09be85fbb845e06af9/src/Ocelot.Provider.Kubernetes/OcelotBuilderExtensions.cs#L16). Looking ahead, our team intends to redesign the Kubernetes provider to have a default service builder that is scoped, similar to the Consul provider. ### ❗ Breaking Changes Upgrading from [23.3.4](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.4) to [23.3.6](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.6) introduces **no breaking changes**. However, upgrading from [23.3.0](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.0) or earlier versions may result in some incompatibilities. For further information, please refer to the release notes of v[23.3.4](https://github.com/ThreeMammals/Ocelot/releases/tag/23.3.4). ### Starring ⭐ aka Release Influencers
⚠️ Breaking Changes Listed by priority: - `ILoadBalancer` interface alteration: Method `Lease` is now `LeaseAsync`. Interface FQN: `Ocelot.LoadBalancer.LoadBalancers.ILoadBalancer` Method FQN: `Ocelot.LoadBalancer.LoadBalancers.ILoadBalancer.LeaseAsync` - `DefaultConsulServiceBuilder` constructor modification: The first parameter's type has been changed from `Func<ConsulRegistryConfiguration>` to `IHttpContextAccessor`. Class FQN: `Ocelot.Provider.Consul.DefaultConsulServiceBuilder` Constructor signature: `public DefaultConsulServiceBuilder(IHttpContextAccessor contextAccessor, IConsulClientFactory clientFactory, IOcelotLoggerFactory loggerFactory)` - Adjustments to `Lease` type: The `Lease` has been restructured from a class to a structure and elevated in the namespace hierarchy. Struct FQN: `Ocelot.LoadBalancer.Lease` 📓 Should your [custom solutions](https://ocelot.readthedocs.io/en/latest/search.html?q=custom) involve overriding default Ocelot classes and their behavior, redevelopment or at least recompilation of the solution, followed by deployment, will be necessary. ### Honoring 🏅 aka Top Contributors 👏 1<sup>st</sup> 🥇 goes to **[Roman Shevchik](https://github.com/antikorol)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+is%3Aclosed+author%3Aantikorol+milestone%3A%22v23.3+Hotfixes%22)** feature in **25** files changed 2<sup>nd</sup> 🥈 goes to **[Ben Bartholomew](https://github.com/ben-bartholomew)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+is%3Aclosed+milestone%3A%22v23.3+Hotfixes%22+author%3Aben-bartholomew)** feature in **7** files changed 3<sup>rd</sup> 🥉 goes to **[Paul Roy](https://github.com/PaulARoy)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+is%3Aclosed+milestone%3A%22v23.3+Hotfixes%22+author%3APaulARoy)** feature in **5** files changed ### Starring ⭐ aka Release Influencers
sloweyyy
added a commit
to sloweyyy/cloud-native-ecommerce-platform
that referenced
this pull request
Mar 25, 2026
Updated [Ocelot](https://github.com/ThreeMammals/Ocelot) from 23.3.3 to 23.4.3. <details> <summary>Release notes</summary> _Sourced from [Ocelot's releases](https://github.com/ThreeMammals/Ocelot/releases)._ ## 23.4.3 ## 🔥 Hot fixing #2246 issue (version 23.4.3) aka v[23.4.2](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2) patch 📦 > Read the Docs: [Ocelot 23.4](https://ocelot.readthedocs.io/en/23.4.3/) with [PDF](https://ocelot.readthedocs.io/_/downloads/en/23.4.3/pdf/) > Hot fixed version: [23.4.2](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2) > Milestone: [November'24](https://github.com/ThreeMammals/Ocelot/milestone/10) ### ℹ️ About 🔥 Hot fixed issue: #2246 ❤️ A sincere and heartfelt "Thank You" to **Donny Tian**, @donnytian for reporting the bug. ###⚠️ Warning 1. Consider this patch as the last one supporting .NET 6 and 7 frameworks. For more details, refer to the [previous version notes](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2). 2. No further patches for this minor version are expected. The next major release will be [.NET 9](https://github.com/ThreeMammals/Ocelot/milestone/11), version **24.0**. ### ❗ Breaking Changes Upgrading from [23.4.0](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.0)-[23.4.2](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.2) to [23.4.3](https://github.com/Threeammals/Ocelot/releases/tag/23.4.3) introduces **no breaking changes**. However, some internal interfaces have been updated, which should not introduce IBC for 99.99% of projects. For further information, refer to the source code. ### What's Changed * #2246 Review Core cache and redesign `Regex` caching by @raman-m in ThreeMammals/Ocelot#2251 * Release 23.4.3 | Hot fixing #2246 | November'24 release | +semver: patch by @raman-m in ThreeMammals/Ocelot#2252 **Full Changelog**: ThreeMammals/Ocelot@23.4.2...23.4.3 ## 23.4.2 ## 📦 End of .NET 6, 7 Support (version 23.4.2) > Read the Docs: [Ocelot 23.4](https://ocelot.readthedocs.io/en/23.4.2/) with [PDF](https://ocelot.readthedocs.io/_/downloads/en/23.4.2/pdf/) > Hot fixed version: [23.4.1](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.1) > Milestone: [November'24](https://github.com/ThreeMammals/Ocelot/milestone/10) This is the last patched version for .NET 6 and 7 frameworks. The upcoming major release, version [24.0](https://github.com/ThreeMammals/Ocelot/milestone/11), will target .NET 9 alongside the LTS .NET 8. Projects targeting .NET 6 or 7 should update to this version while considering an upgrade to .NET 8 or 9 in the future. ### ℹ️ About - All package versions have been updated to latest versions targeting the `net6.0` and `net7.0` frameworks, along with the LTS `net8.0`. - Dependabot alerts concerning [reported vulnerabilities](https://github.com/ThreeMammals/Ocelot/security/dependabot) related to `IdentityServer4` have not yet been addressed; these will be resolved in the next major release (refer to **Warnings** further information). ### ❗ Warning 1. Releasing a patched `23.4.*` is possible. 2. In the next major version, the Ocelot team will remove references to the [IdentityServer4](https://www.nuget.org/packages/IdentityServer4) package from testing projects due to its "[Public Archive](https://github.com/DuendeArchive/IdentityServer4)" status; the version, [4.1.2](https://github.com/DuendeArchive/IdentityServer4/releases/tag/4.1.2), was [released](https://github.com/DuendeArchive/IdentityServer4/releases) on July 7, 2021. 3. The main Ocelot package is not integrated with `IdentityServer4`, allowing Ocelot users to utilize [any authentication provider](ThreeMammals/Ocelot#2194), as Ocelot's [Authentication](https://github.com/ThreeMammals/Ocelot/blob/main/docs/authentication.rst) feature is provider-agnostic. 4. Our plans to utilize the [ASP.NET Core Identity](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity) framework in testing projects due to industry standards, instead the `IdentityServer4` library. 5. Following the release of [.NET 9](https://github.com/ThreeMammals/Ocelot/milestone/11), the team will begin the deprecation of the Ocelot [extension-packages](https://www.nuget.org/profiles/ThreeMammals): `Ocelot.Cache.CacheManager`, `Ocelot.Tracing.Butterfly`, and `Ocelot.Tracing.OpenTracing`. ### What's Changed * Review Dependabot alerts for `net6.0` and `net7.0` target frameworks and bump all packages by @raman-m in ThreeMammals/Ocelot#2220 * Release 23.4.2 | End of .NET 6, 7 Support | November'24 release | +semver: patch by @raman-m in ThreeMammals/Ocelot#2221 **Full Changelog**: ThreeMammals/Ocelot@23.4.1...23.4.2 ## 23.4.1 ## 📦 Routing patch (version 23.4.1) > Read the Docs: [Ocelot 23.4](https://ocelot.readthedocs.io/en/23.4.1/) with [PDF](https://ocelot.readthedocs.io/_/downloads/en/23.4.1/pdf/) > Hot fixed version: [23.4.0](https://github.com/ThreeMammals/Ocelot/releases/tag/23.4.0) > Milestone: [November'24](https://github.com/ThreeMammals/Ocelot/milestone/10) :heart: A heartfelt "Thank You" to **[Guillaume Gnaegi](https://github.com/ggnaegi)** (@ggnaegi) ### ℹ️ About 🔥 Hot fixed issues: #2165 #2209 #2212 ### What's Changed * #2165 Global configuration `SecurityOptions` by @Fabman08 in ThreeMammals/Ocelot#2170 * #2209 Placeholders matching must work if RouteIsCaseSensitive = false by @ggnaegi in ThreeMammals/Ocelot#2210 * File-scoped namespaces everywhere by @raman-m in ThreeMammals/Ocelot#2211 * #2212 Incorrect calculation of placeholders, only the last placeholder should be allowed to match several segments by @ggnaegi in ThreeMammals/Ocelot#2213 * Release 23.4.1 | Routing patch | November'24 release | +semver: patch by @raman-m in ThreeMammals/Ocelot#2215 **Full Changelog**: ThreeMammals/Ocelot@23.4.0...23.4.1 ## 23.4.0 ## 🔀 Routing Update (version 23.4.0) aka [McDonald's](https://www.youtube.com/watch?v=_PgYAPdOs9M) release > Codenamed: **[McDonald's](https://www.youtube.com/watch?v=_PgYAPdOs9M)** > Read the Docs: [Ocelot 23.4.0](https://ocelot.readthedocs.io/en/23.4.0/) ### ℹ️ About This minor release significantly upgrades the [Routing](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/routing.rst) feature by supporting [embedded placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#embedded-placeholders-1) within path segments (between slashes). Additionally, the team has focused on enhancing the performance of `Regex` objects. ### 🆕 What's new? - **[Routing](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/routing.rst)**: Introducing the new "[Embedded Placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#embedded-placeholders-1)" feature by @ggnaegi. As of November 2024, Ocelot was unable to process multiple [placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#placeholders) embedded between two forward slashes. It was also challenging to differentiate the placeholder from other elements within the slashes. For example, `/{url}-2/` for `/y-2/` would yield `{url} = y-2`. We are excited to introduce an enhanced method for evaluating placeholders that allows for the resolution of [placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#placeholders) within complex URLs. For additional information, refer to PR #2200. ### 🆙 Focus On <details> <summary><b>Features</b>: Routing, Core, Rate Limiting, Middleware Injection</summary> - [Routing](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/routing.rst): The new feature is "[Embedded Placeholders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/routing.rst#embedded-placeholders-1)" by @ggnaegi. - [Core](https://github.com/ThreeMammals/Ocelot/labels/Core): All `Regex` logic has been refactored by @EngRajabi. The Ocelot Core now boasts improved performance of `Regex` objects, striving to adhere to the [Best Practices for Regular Expressions in .NET](https://docs.microsoft.com/en-us/dotnet/standard/base-types/best-practices). It is estimated that each request could save from 1 to over 10 microseconds in processing time (though no benchmarks have been developed to measure this). - [Rate Limiting](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/ratelimiting.rst): The persistent issue with [Rate Limiting headers](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/ratelimiting.rst#global-configuration:~:text=headers) has been resolved by @jlukawska. The problem was the absence of unofficial `X-Rate-Limit-*` headers (found in the [RateLimitingHeaders](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/src/Ocelot/RateLimiting/RateLimitingHeaders.cs) class) in the `RateLimitingMiddleware`'s response. For more details, see PR #1307. Note that these unofficial headers have not yet been documented, so they may be subject to change since [Ocelot's RateLimiting headers do not align with industry standards](https://github.com/ThreeMammals/Ocelot/blob/27d3df2d0fdfbf5acde12d9442dfc08836e8b982/src/Ocelot/RateLimiting/RateLimitingHeaders.cs#L6). - [Middleware Injection](https://github.com/ThreeMammals/Ocelot/blob/main/docs/features/middlewareinjection.rst): The `OcelotPipelineConfiguration.ClaimsToHeadersMiddleware` property has been introduced by @kesskalli. This new property enables the overriding of the [ClaimsToHeadersMiddleware](https://github.com/ThreeMammals/Ocelot/blob/23.4.0/docs/features/middlewareinjection.rst#middleware-injection:~:text=ClaimsToHeadersMiddleware). For additional information, refer to PR #1403. </details> <details> <summary><b>Documentation</b> for <a href="https://ocelot.readthedocs.io/en/23.4.0/">v23.4.0</a></summary> - [Routing](https://ocelot.readthedocs.io/en/23.4.0/features/routing.html): Introducing a new section on [Embedded Placeholders](https://ocelot.readthedocs.io/en/23.4.0/features/routing.html#embedded-placeholders) - [Middleware Injection](https://ocelot.readthedocs.io/en/23.4.0/features/middlewareinjection.html): Documentation now includes the [ClaimsToHeadersMiddleware](https://ocelot.readthedocs.io/en/23.4.0/features/middlewareinjection.html#middleware-injection:~:text=ClaimsToHeadersMiddleware) feature </details> ### Honoring 🏅 aka Top Contributors 👏 1<sup>st</sup> 🥇 goes to **[Mohsen Rajabi](https://github.com/EngRajabi)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+author%3AEngRajabi+milestone%3ANovember%2724)** feature in **12** files changed 2<sup>nd</sup> 🥈 goes to **[Jolanta Łukawska](https://github.com/jlukawska)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+author%3Ajlukawska+milestone%3ANovember%2724)** feature in **8** files changed 3<sup>rd</sup> 🥉 goes to **[Karim Esskalli](https://github.com/kesskalli)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+author%3Akesskalli+milestone%3ANovember%2724)** feature in **6** files changed ### Starring ⭐ aka Release Influencers⚠️ Breaking Changes Listed by priority: - `ILoadBalancer` interface alteration: Method `Lease` is now `LeaseAsync`. Interface FQN: `Ocelot.LoadBalancer.LoadBalancers.ILoadBalancer` Method FQN: `Ocelot.LoadBalancer.LoadBalancers.ILoadBalancer.LeaseAsync` - `DefaultConsulServiceBuilder` constructor modification: The first parameter's type has been changed from `Func<ConsulRegistryConfiguration>` to `IHttpContextAccessor`. Class FQN: `Ocelot.Provider.Consul.DefaultConsulServiceBuilder` Constructor signature: `public DefaultConsulServiceBuilder(IHttpContextAccessor contextAccessor, IConsulClientFactory clientFactory, IOcelotLoggerFactory loggerFactory)` - Adjustments to `Lease` type: The `Lease` has been restructured from a class to a structure and elevated in the namespace hierarchy. Struct FQN: `Ocelot.LoadBalancer.Lease` 📓 Should your [custom solutions](https://ocelot.readthedocs.io/en/latest/search.html?q=custom) involve overriding default Ocelot classes and their behavior, redevelopment or at least recompilation of the solution, followed by deployment, will be necessary. ### Honoring 🏅 aka Top Contributors 👏 1<sup>st</sup> 🥇 goes to **[Roman Shevchik](https://github.com/antikorol)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+is%3Aclosed+author%3Aantikorol+milestone%3A%22v23.3+Hotfixes%22)** feature in **25** files changed 2<sup>nd</sup> 🥈 goes to **[Ben Bartholomew](https://github.com/ben-bartholomew)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+is%3Aclosed+milestone%3A%22v23.3+Hotfixes%22+author%3Aben-bartholomew)** feature in **7** files changed 3<sup>rd</sup> 🥉 goes to **[Paul Roy](https://github.com/PaulARoy)** for delivering **[1](https://github.com/ThreeMammals/Ocelot/pulls?q=is%3Apr+is%3Aclosed+milestone%3A%22v23.3+Hotfixes%22+author%3APaulARoy)** feature in **5** files changed ### Starring ⭐ aka Release Influencers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Hot fixing v23.3.4 (version 23.3.6) aka October'24 release
Milestone: October'24
Version: 23.3.6
🔥 Hot fixes
HttpContextrequest services for theIConsulServiceBuilderservice #2179KubeandPollKubediscovery providers #2180Predecessors
Successor