v1.1.0-alpha.13

v1.1.0-alpha.13 - 2025-10-31

Bug Fixes

• bifrost: skip reparsing the disabled ProxyPass to avoid parsing incorrect reverse proxy information

v1.1.0-alpha.12

v1.1.0-alpha.12 - 2025-10-30

Bug Fixes

• bifrost: fix the issue where the ProxyPass.ReparseParams method often fails to obtain server information in the Upstream context during parsing

v1.1.0-alpha.11

v1.1.0-alpha.11 - 2025-10-29

Bug Fixes

• bifrost: make the ProxyPass interface object support variable addresses

v1.1.0-alpha.10

v1.1.0-alpha.10 - 2025-10-28

Bug Fixes

• bifrost: fix the issue where the SetValue method of the ProxyPass interface cannot modify values due to abnormal value verification logic; fix the bug where the relevant json fields for serialization and deserialization of the "StreamProxyPass" context object are undefined

v1.1.0-alpha.9

v1.1.0-alpha.9 - 2025-10-22

Bug Fixes

• fix known vulnerabilities, CVE IDs as follows: CVE-2025-30204, CVE-2025-22872, CVE-2025-22870

Code Refactoring

• bifrost: adjust the concurrency architecture of the Bifrost server
• bifrost: combine the sync.errgroup package and adjust the concurrency architecture of the monitor package
• bifrost: adjust the concurrency architecture of the monitor package
• bifrost: adjust the matching logic of the KeyWords interface object

Features

• bifrost: the NginxConfigManager server has added a new feature that can automatically and periodically parse the domain names of servers being reverse-proxied
• bifrost: added proxy information parsing and context validation functions for the HTTPProxyPass and StreamProxyPass contexts
• bifrost: added HTTPProxyPass and StreamProxyPass contexts, which are sub-objects of the Directive context; completed the proxy information parsing mechanism for these two newly added Directive contexts.
• web_server_config: add Network Connectivity Check Of The Proxied Server gRPC Server

BREAKING CHANGE

the bifrost gRPC server APIs have added WebServerConfig.ConnectivityCheckOfProxiedServers server

The protobuf of the bifrost gRPC server APIs has been added as follows:

Protocols of addition:

...
service WebServerConfig {
  ...
  rpc ConnectivityCheckOfProxiedServers(ServerConfigContextPos) returns (ContextData) {}
}

...

message ServerConfigContextPos {
  string ServerName = 1;
  ContextPos ContextPos = 2;
  bytes OriginalFingerprints = 3;
}

message ContextPos {
  string ConfigPath = 1;
  repeated int32 Pos = 2;
}

message ContextData {
  bytes JsonData = 1;
}

...

The bifrost gRPC server APIs client SDK has been added as follows:

Methods of addition to WebServerConfigService Client Service:

type WebServerConfigService interface {
    ...
    ConnectivityCheckOfProxiedServers(servname string, proxyPass local.ProxyPass, originalFingerprints utilsV3.ConfigFingerprints) (resp local.ProxyPass, err error)
    ...
}

change the method name SetMatchingFilter in the KeyWords interface to AppendMatchingFilter; change the name of the NewKeyWords function, which builds the KeyWords interface object, to NewKeyWordsByType, and add a new NewKeyWords function to build a KeyWords interface object for custom matching filter function.

The method of the KeyWords interface has been changed as follows:

Before:

type KeyWords interface {
    ...
    SetMatchingFilter(filterFunc func(targetCtx Context) bool) KeyWords
}

After:

type KeyWords interface {
    ...
    AppendMatchingFilter(filterFunc func(targetCtx Context) bool) KeyWords
}

The modification of the NewKeyWords function is as follows:

Before:

func NewKeyWords(ctxtype context_type.ContextType) KeyWords {
    ...
}

After:

func NewKeyWordsByType(ctxtype context_type.ContextType) KeyWords {
    ...
}

Added a constructor function NewKeyWords for custom injection matching filter function, as follows:

func NewKeyWords(matchingFilterFunc func(targetCtx Context) bool) KeyWords {
    ...
}

the SetMatchingFilter method has been added to the context.KeyWords interface, which is used for the custom matching mechanism of target context keyword retrieval.

The method of the KeyWords interface has been added as follows:

Addition of methods:

type KeyWords interface {
    ...
    SetMatchingFilter(filterFunc func(targetCtx Context) bool) KeyWords

v1.1.0-alpha.8

v1.1.0-alpha.8 - 2025-02-25

Features

• bifrost: add updating check feature in the bifrostpb.WebServerConfig gRPC service

BREAKING CHANGE

adjusted the gRPC protocol and added the OriginalFingerprints data field to the ServerConfig message structure; Optimized the WebServerConfigService service interface methods for the gRPC service client.

The ServerConfig message structure field has been added as follows:

Addition of message structure fields:

message ServerConfig {
  ...
  bytes OriginalFingerprints = 3;
}

The adjustment of the WebServerConfigService service interface methods for the gRPC service client are as follows:

Before:

type WebServerConfigService interface {
    GetServerNames() (servernames []string, err error)
    Get(servername string) ([]byte, error)
    Update(servername string, config []byte) error
}

After:

import (
    ...
    "github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration"
    utilsV3 "github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/utils"
    ...
)

type WebServerConfigService interface {
    GetServerNames() (servernames []string, err error)
    Get(servername string) (config configuration.NginxConfig, originalFingerprinter utilsV3.ConfigFingerprinter, err error)
    Update(servername string, config configuration.NginxConfig, originalFingerprints utilsV3.ConfigFingerprints) error
}

v1.1.0-alpha.7

v1.1.0-alpha.7 - 2025-02-19

Code Refactoring

• delete mistakenly added structure

Features

• resolv: make the Context more supportive of functional-style operations on streams of elements

BREAKING CHANGE

removed the Query related methods of the Context interface and added the PosSet interface.

The Query related methods of the Context interface has been removed as follows:

Methods of deletion to Context:

type Context interface {
    ...
    QueryByKeyWords(kw KeyWords) Pos
    QueryAllByKeyWords(kw KeyWords) []Pos
    ...
}

Methods of addition to Context Interface:

type Context interface {
    ...
    ChildrenPosSet() PosSet
    ...
}

Added the PosSet interface as follows:

Interface of addition:

type PosSet interface {
    Filter(fn func(pos Pos) bool) PosSet
    Map(fn func(pos Pos) (Pos, error)) PosSet
    MapToPosSet(fn func(pos Pos) PosSet) PosSet
    QueryOne(kw KeyWords) Pos
    QueryAll(kw KeyWords) PosSet
    List() []Pos
    Targets() []Context
    Append(pos ...Pos) PosSet
    AppendWithPosSet(posSet PosSet) PosSet
    Error() error
}

Methods of addition to Pos Interface:

type Pos interface {
    ...
    QueryOne(kw KeyWords) Pos
    QueryAll(kw KeyWords) PosSet
}

To migrate the code for the Context operations, follow the example below:

Before:

package main

import (
	"fmt"
	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/context_type"

	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration"
	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/context"
	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/context/local"
)

func main() {
    conf, err := configuration.NewNginxConfigFromJsonBytes(jsondata)
    if err != nil {
        panic(err)
    }
    for _, pos := range conf.Main().QueryByKeyWords(context.NewKeyWords(context_type.TypeHttp).
	        SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).Target().
	    QueryByKeyWords(context.NewKeyWords(context_type.TypeServer).
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).Target().
        QueryAllByKeyWords(context.NewKeyWords(context_type.TypeDirective).
            SetCascaded(false).
            SetStringMatchingValue("server_name test1.com").
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)) { // query `server` context, its server name is "test1.com"
        server, _ := pos.Position()
        if server.QueryByKeyWords(context.NewKeyWords(context_type.TypeDirective).
                SetCascaded(false).
                SetRegexpMatchingValue("^listen 80$").
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).Target().Error() != nil { // query `server` context, its listen port is 80
            continue
        }
        // query the "proxy_pass" `directive` context, which is in `if` context(value: "($http_api_name != '')") and `location` context(value: "/test1-location")
        ctx, idx := server.QueryByKeyWords(context.NewKeyWords(context_type.TypeLocation).
                SetRegexpMatchingValue(`^/test1-location$`).
                SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).Target().
            QueryByKeyWords(context.NewKeyWords(context_type.TypeIf).
                SetRegexpMatchingValue(`^\(\$http_api_name != ''\)$`).
                SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).Target().
            QueryByKeyWords(context.NewKeyWords(context_type.TypeDirective).
                SetStringMatchingValue("proxy_pass").
                SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).Position()
        // insert an inline comment after the "proxy_pass" `directive` context
        err = ctx.Insert(local.NewContext(context_type.TypeInlineComment, fmt.Sprintf("[%s]test comments", time.Now().String())), idx+1).Error()
        if err != nil {
			panic(err)
        }
    }
}

After:

package main

import (
	"fmt"
	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/context_type"

	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration"
	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/context"
	"github.com/ClessLi/bifrost/pkg/resolv/V3/nginx/configuration/context/local"
)

func main() {
    conf, err := configuration.NewNginxConfigFromJsonBytes(jsondata)
    if err != nil {
        panic(err)
	}
    ctx, idx := conf.Main().ChildrenPosSet().
        QueryOne(nginx_ctx.NewKeyWords(context_type.TypeHttp).
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
        QueryAll(nginx_ctx.NewKeyWords(context_type.TypeServer).
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
        Filter( // filter out `server` context positions, theirs server name is "test1.com"
            func(pos nginx_ctx.Pos) bool {
            return pos.QueryOne(context.NewKeyWords(context_type.TypeDirective).
                    SetCascaded(false).
                    SetStringMatchingValue("server_name test1.com").
                    SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
                Target().Error() == nil
            },
        ).
        Filter( // filter out `server` context positions, theirs listen port is 80
            func(pos nginx_ctx.Pos) bool {
                return pos.QueryOne(context.NewKeyWords(context_type.TypeDirective).
                        SetCascaded(false).
                        SetRegexpMatchingValue("^listen 80$").
                        SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
                    Target().Error() == nil
            },
        ).
        // query the "proxy_pass" `directive` context position, which is in `if` context(value: "($http_api_name != '')") and `location` context(value: "/test1-location")
        QueryOne(nginx_ctx.NewKeyWords(context_type.TypeLocation).
            SetRegexpMatchingValue(`^/test1-location$`).
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
        QueryOne(nginx_ctx.NewKeyWords(context_type.TypeIf).
            SetRegexpMatchingValue(`^\(\$http_api_name != ''\)$`).
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
        QueryOne(nginx_ctx.NewKeyWords(context_type.TypeDirective).
            SetStringMatchingValue("proxy_pass").
            SetSkipQueryFilter(context.SkipDisabledCtxFilterFunc)).
        Position()
    // insert an inline comment after the "proxy_pass" `directive` context
    err = ctx.Insert(local.NewContext(context_type.TypeInlineComment, fmt.Sprintf("[%s]test comments", time.Now().String())), idx+1).Error()
    if err != nil {
        panic(err)
    }
}

v1.1.0-alpha.6

v1.1.0-alpha.6 - 2025-01-22

Bug Fixes

• web_server_bin_cmd: fixed the issue where non-corresponding binary file were used for executing commands on the specified web server; adjusted the web server binary file execution receipt collection and output scheme

v1.1.0-alpha.5

v1.1.0-alpha.5 - 2025-01-17

Features

• web_server_bin_cmd: add Web Service Binary Command Execution gRPC Server

BREAKING CHANGE

the bifrost gRPC server APIs have added WebServerBinCMD.Exec server

The protobuf of the bifrost gRPC server APIs has been added as follows:

Protocols of addition:

service WebServerBinCMD {
  rpc Exec(ExecuteRequest) returns (ExecuteResponse) {}
}

message ExecuteRequest {
  string ServerName = 1;
  repeated string Args = 2;
}

message ExecuteResponse {
  bool Successful = 1;
  bytes Stdout = 2;
  bytes Stderr = 3;
}

The bifrost gRPC server APIs client SDK has been added as follows:

Methods of addition to Client Service Factory:

type Factory interface {
    ...
    WebServerBinCMD() WebServerBinCMDService
}

Interface of addition to Client Service:

type WebServerBinCMDService interface {
    Exec(servername string, arg ...string) (isSuccessful bool, stdout, stderr string, err error)
}

v1.1.0-alpha.4

v1.1.0-alpha.4 - 2025-01-15

Performance Improvements

• resolv: adjust the mechanism for determining whether the include context is located in the topology
• resolv: optimizing Nginx configuration context object operation performance expenses