✅ Added
- GPT Module Enhancements: Add Ollama support and token usage logging for OpenAI-compatible APIs
- Fuzzy Storage Improvements: Add support for separate read and write servers in fuzzy check
- CDB Maps Support: Allow CDB files as external maps for improved performance
- Contextal Integration: New plugin to integrate with Contextal platform for advanced threat detection
- Enhanced Logging: Allow to specify max log tag length for all log messages and log tag in proxy
- Proxy Improvements: Add keep-alive support, HTTPS backend connections, and extra headers specification
- Redis Version Support: Allow to specify Redis version for compatibility
- HEIC File Support: Add HEIC files patterns for better image analysis
- Enhanced Maps Management: Show all maps status and output content for all maps
- File Upload in WebUI: Add file upload functionality to Test Selectors
- Convenience Methods: Add various convenience methods for Lua development
- Enhanced Fuzzy Operations: Add deletion of specific fuzzy hashes in WebUI
- Improved Error Handling: Better error messages for multimap invalid types
🔄 Improved
- Security Enhancements: Critical fix to disable macros and file variables by default in lua-ucl
- Maps Loading: Fix race condition in maps loading by unlocking backend on switch
- Greylisting: Improve body hash calculations for better accuracy
- Replies Module: Rework to consider all recipients and use SMTP ones
- WebUI Updates: Update Bootstrap, D3 and PrismJS libraries to latest versions
- Lua Logging: Major improvements to logging output format and complex table key support
- Fuzzy Storage: Better handling of fuzzy lua callback when there are no shingles
- Milter Headers: Fix logic error in skip_wanted() function
- Known Senders: Improved recipients test logic and consistency with replies module
- Maps Management: Grey out not loaded maps in the Maps table for better visibility
- Redis Integration: Improve Redis script loading and caching framework usage
- Configuration: Use safe parsers everywhere except configuration for security
- Build System: Modernize cmake and improve sanitizers support
- Documentation: Update API docs for multiple HTTP headers and various other improvements
🔧 Fixed
- Critical Security: Disable macros and file variables by default in lua-ucl parser
- Race Conditions: Fix race condition in maps loading by unlocking backend on switch
- Memory Issues: Fix lua-bit stack buffer overflow vulnerability
- Proxy Crashes: Prevent crashes when accessing upstream address in self-scan mode
- Maps Management: Fix maps IDs and static maps description passing
- Fuzzy Storage: Filter invalid domains in fuzzy extra data
- Redis Integration: Fix various Redis-related issues and improve script loading
- WebUI Issues: Fix Fuzzy hashes card close button alignment and map editor modal handling
- Build Issues: Fix Debian package build and RPM log directory attributes
- Compiler Warnings: Fix various compile warnings and compatibility issues
- Test Framework: Fix various test issues and improve test configuration
- Documentation: Fix writing rules tutorial link and various documentation issues
- URL Lists: Update default URL for openphish and fix various URL-related issues
- Headers Processing: Fix header processing in various modules
- Lua Integration: Fix various Lua-related issues and improve error handling
🔄 Changed
- Configuration: Use safe parsers everywhere except configuration for enhanced security
- Maps Architecture: Rework to use locks/loaded per backend for all maps
- Replies Logic: Consider all recipients and use SMTP ones instead of just From header
- Fuzzy Storage: Remove servers completely and use
read_servers for all compatibility - Logging Format: Improve format string processing and logging output
- Build System: Modernize cmake and rework OSDep for better maintainability
- WebUI: Rework file upload JS implementation and improve user interface
- Documentation: Update various documentation files and improve API documentation
- Error Handling: Improve error messages and handling throughout the codebase
- Performance: Various performance improvements in maps, Redis, and fuzzy operations
❌ Removed
- Deprecated Features: Remove various deprecated and unused code paths
- Unused Helpers: Remove unused cleanTextUpload helper and other obsolete code
- Legacy Support: Remove compatibility code that is no longer needed
🛡️ Security
- Critical Fix: Disable macros and file variables by default in lua-ucl parser
- Memory Safety: Fix lua-bit stack buffer overflow vulnerability
- Input Validation: Improve input validation and error handling throughout
- Configuration Security: Use safe parsers everywhere except configuration
📝 Performance
- Maps Loading: Optimize maps loading with better caching and race condition fixes
- Redis Operations: Improve Redis script loading and caching framework usage
- Fuzzy Storage: Better handling of fuzzy operations and storage management
- Memory Usage: Various memory optimization improvements
📝 Documentation
- API Documentation: Update API docs for multiple HTTP headers and various modules
- Tutorial Links: Fix writing rules tutorial link and other documentation references
- Examples: Add more examples for Lua HTTP and other modules
- Configuration: Improve configuration documentation and examples
📝 Testing
- Test Framework: Fix various test issues and improve test configuration
- Fuzzy Tests: Add comprehensive tests for split, read-only, and write-only server modes
- CDB Maps: Add tests for CDB maps functionality
- HEIC Recognition: Add tests for HEIC file recognition
This release includes significant security improvements, enhanced functionality, and better performance across all components of Rspamd. The addition of Contextal integration, improved fuzzy storage, and enhanced WebUI features make this a major release with substantial improvements for users.