Bump github.com/nats-io/nats-server/v2 from 2.11.3 to 2.12.1 #2344

Closed

dependabot[bot] wants to merge 1 commit from refs/pull/2344/head into main

dependabot[bot] commented

2025-10-20 02:16:25 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #1809
Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1809
Original created: 2025-10-20T02:16:25Z
Original updated: 2025-11-20T04:04:33Z
Original head: carverauto/serviceradar:dependabot/go_modules/github.com/nats-io/nats-server/v2-2.12.1
Original base: main

Bumps github.com/nats-io/nats-server/v2 from 2.11.3 to 2.12.1.

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.12.1

Changelog

Refer to the 2.12 Upgrade Guide for backwards compatibility notes with 2.11.x.

Go Version

1.25.3 (#7428)

Dependencies

github.com/google/go-tpm v0.9.6 (#7374)

github.com/nats-io/nats.go v1.46.0 (#7374)

golang.org/x/crypto v0.43.0 (#7423)

golang.org/x/sys v0.37.0 (#7423)

golang.org/x/time v0.14.0 (#7423)

Added

General

The NewServerFromConfig function has been added to the embedded server API for parsing an external configuration file when ConfigFile is supplied (#7364)

WebSocket leafnode connections can now use a HTTP proxy by specifying proxy settings in the leafnode remotes (#7242)

The write_deadline option in the cluster, leafnode and gateway config blocks allows configuring write deadlines on a finger-grained basis (#7405)

Improved

Monitoring

The jsz monitoring endpoint can now report leader counts (#7429)

JetStream

The store lock is no longer held while searching for TTL expiry tasks, improving performance (#7344)

Removing a message from the TTL state is now faster (#7344)

The filestore no longer performs heap allocations for hash checks (#7345)

The filestore now reuses pooled write cache allocations more efficiently (#7346)

Meta snapshot performance for a very large number of assets has been improved after a regression in v2.11.9 (#7350)

Sequence-from-timestamp lookups, such as those using opt_start_time on consumers or start_time on message get requests, now use a binary search for improved lookup performance (#7357)

Scheduled messages are now deactivated properly when followed up with another message on the same subject without a schedule (#7366)

Meta snapshots are no longer taken on every stream removal (#7373)

Filestore cache lookups can now return early for empty blocks (#7381)

Filestore meta files are now written using temporary staging, avoiding accidental truncation on crashes (#7388)

Atomic batch publish now supports deduplication with the Nats-Msg-Id header (#7391)

Cache-specific log lines in the filestore have been improved (#7396)

Log lines and errors related to offline/unsupported assets are now clearer (#7416, #7425)

Fixed

General

... (truncated)

Commits

fab5f99 Release v2.12.1
bf2c60a Cherry-picks for v2.12.1 (#7430)
350d9d7 [FIXED] Filestore unlock when message erase fails
18007b8 [IMPROVED] JSZ Raft leader stats
bc7407a Update to Go 1.25.3/1.24.9
ffbdb10 [FIXED] Trusted Proxies: Reload log message report added keys as removed
59361c9 Release v2.12.1-RC.5
fd8c5b7 Cherry-picks for v2.12.1-RC.5 (#7426)
6c9a051 feat: add riscv64 support
84fe04a NRG: Parallel catchups can truncate committed
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Imported from GitHub pull request. Original GitHub pull request: #1809 Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1809 Original created: 2025-10-20T02:16:25Z Original updated: 2025-11-20T04:04:33Z Original head: carverauto/serviceradar:dependabot/go_modules/github.com/nats-io/nats-server/v2-2.12.1 Original base: main --- Bumps [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server) from 2.11.3 to 2.12.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nats-io/nats-server/releases">github.com/nats-io/nats-server/v2's releases</a>.</em></p> <blockquote> <h2>Release v2.12.1</h2> <h2>Changelog</h2> <p>Refer to the <a href="https://docs.nats.io/release-notes/whats_new/whats_new_212">2.12 Upgrade Guide</a> for backwards compatibility notes with 2.11.x.</p> <h3>Go Version</h3> <ul> <li>1.25.3 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7428">#7428</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>github.com/google/go-tpm v0.9.6 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7374">#7374</a>)</li> <li>github.com/nats-io/nats.go v1.46.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7374">#7374</a>)</li> <li>golang.org/x/crypto v0.43.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7423">#7423</a>)</li> <li>golang.org/x/sys v0.37.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7423">#7423</a>)</li> <li>golang.org/x/time v0.14.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7423">#7423</a>)</li> </ul> <h3>Added</h3> <p>General</p> <ul> <li>The <code>NewServerFromConfig</code> function has been added to the embedded server API for parsing an external configuration file when <code>ConfigFile</code> is supplied (<a href="https://redirect.github.com/nats-io/nats-server/issues/7364">#7364</a>)</li> <li>WebSocket leafnode connections can now use a HTTP proxy by specifying <code>proxy</code> settings in the leafnode <code>remotes</code> (<a href="https://redirect.github.com/nats-io/nats-server/issues/7242">#7242</a>)</li> <li>The <code>write_deadline</code> option in the <code>cluster</code>, <code>leafnode</code> and <code>gateway</code> config blocks allows configuring write deadlines on a finger-grained basis (<a href="https://redirect.github.com/nats-io/nats-server/issues/7405">#7405</a>)</li> </ul> <h3>Improved</h3> <p>Monitoring</p> <ul> <li>The <code>jsz</code> monitoring endpoint can now report leader counts (<a href="https://redirect.github.com/nats-io/nats-server/issues/7429">#7429</a>)</li> </ul> <p>JetStream</p> <ul> <li>The store lock is no longer held while searching for TTL expiry tasks, improving performance (<a href="https://redirect.github.com/nats-io/nats-server/issues/7344">#7344</a>)</li> <li>Removing a message from the TTL state is now faster (<a href="https://redirect.github.com/nats-io/nats-server/issues/7344">#7344</a>)</li> <li>The filestore no longer performs heap allocations for hash checks (<a href="https://redirect.github.com/nats-io/nats-server/issues/7345">#7345</a>)</li> <li>The filestore now reuses pooled write cache allocations more efficiently (<a href="https://redirect.github.com/nats-io/nats-server/issues/7346">#7346</a>)</li> <li>Meta snapshot performance for a very large number of assets has been improved after a regression in v2.11.9 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7350">#7350</a>)</li> <li>Sequence-from-timestamp lookups, such as those using <code>opt_start_time</code> on consumers or <code>start_time</code> on message get requests, now use a binary search for improved lookup performance (<a href="https://redirect.github.com/nats-io/nats-server/issues/7357">#7357</a>)</li> <li>Scheduled messages are now deactivated properly when followed up with another message on the same subject without a schedule (<a href="https://redirect.github.com/nats-io/nats-server/issues/7366">#7366</a>)</li> <li>Meta snapshots are no longer taken on every stream removal (<a href="https://redirect.github.com/nats-io/nats-server/issues/7373">#7373</a>)</li> <li>Filestore cache lookups can now return early for empty blocks (<a href="https://redirect.github.com/nats-io/nats-server/issues/7381">#7381</a>)</li> <li>Filestore meta files are now written using temporary staging, avoiding accidental truncation on crashes (<a href="https://redirect.github.com/nats-io/nats-server/issues/7388">#7388</a>)</li> <li>Atomic batch publish now supports deduplication with the <code>Nats-Msg-Id</code> header (<a href="https://redirect.github.com/nats-io/nats-server/issues/7391">#7391</a>)</li> <li>Cache-specific log lines in the filestore have been improved (<a href="https://redirect.github.com/nats-io/nats-server/issues/7396">#7396</a>)</li> <li>Log lines and errors related to offline/unsupported assets are now clearer (<a href="https://redirect.github.com/nats-io/nats-server/issues/7416">#7416</a>, <a href="https://redirect.github.com/nats-io/nats-server/issues/7425">#7425</a>)</li> </ul> <h3>Fixed</h3> <p>General</p>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nats-io/nats-server/commit/fab5f999a25dfcdbd4c80d6f7c43cf87f571968f"><code>fab5f99</code></a> Release v2.12.1</li> <li><a href="https://github.com/nats-io/nats-server/commit/bf2c60af2c8f49338f0dd88d1723b3806606faae"><code>bf2c60a</code></a> Cherry-picks for v2.12.1 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7430">#7430</a>)</li> <li><a href="https://github.com/nats-io/nats-server/commit/350d9d7ebb3dfbb54fa769398fa3dc13c44ff4c7"><code>350d9d7</code></a> [FIXED] Filestore unlock when message erase fails</li> <li><a href="https://github.com/nats-io/nats-server/commit/18007b87e5b5cd336c8cb8f7e22bcf70a600483f"><code>18007b8</code></a> [IMPROVED] JSZ Raft leader stats</li> <li><a href="https://github.com/nats-io/nats-server/commit/bc7407a8643aa06c14fb9eea777555bffc9559d5"><code>bc7407a</code></a> Update to Go 1.25.3/1.24.9</li> <li><a href="https://github.com/nats-io/nats-server/commit/ffbdb107c971f5962175d32d38aeef52225c81cf"><code>ffbdb10</code></a> [FIXED] Trusted Proxies: Reload log message report added keys as removed</li> <li><a href="https://github.com/nats-io/nats-server/commit/59361c973b0b85991b4c053c30a406dcfdc185e5"><code>59361c9</code></a> Release v2.12.1-RC.5</li> <li><a href="https://github.com/nats-io/nats-server/commit/fd8c5b71ad2ec1c6a530e17b46f9fd3f8dd54c69"><code>fd8c5b7</code></a> Cherry-picks for v2.12.1-RC.5 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7426">#7426</a>)</li> <li><a href="https://github.com/nats-io/nats-server/commit/6c9a051a9ef6d03792bceeccb808d6d8f2e5a548"><code>6c9a051</code></a> feat: add riscv64 support</li> <li><a href="https://github.com/nats-io/nats-server/commit/84fe04a5adac0cc1b3089bc6500f950d7a491ed9"><code>84fe04a</code></a> NRG: Parallel catchups can truncate committed</li> <li>Additional commits viewable in <a href="https://github.com/nats-io/nats-server/compare/v2.11.3...v2.12.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/nats-io/nats-server/v2&package-manager=go_modules&previous-version=2.11.3&new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented

2025-11-20 04:04:27 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1809#issuecomment-3555668585
Original created: 2025-11-20T04:04:27Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Imported GitHub PR comment. Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1809#issuecomment-3555668585 Original created: 2025-11-20T04:04:27Z --- OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it.