1.31.0 (Pending)

Incompatible behavior changes

Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required

ext_proc: Adding support for route_cache_action. It specifies the route action to be taken when an external processor response is received in response to request headers.
http2: Changes the default value of envoy.reloadable_features.http2_use_oghttp2 to true. This changes the codec used for HTTP/2 requests and responses. This behavior can be reverted by setting the feature to false.
thread_local: Changes the behavior of the SlotImpl class destructor. With this change the destructor can be called on any thread. This behavior can be reverted by setting the runtime flag envoy.reloadable_features.allow_slot_destroy_on_worker_threads to false.

Changes that may cause incompatibilities for some users, but should not for most

dns: Changes the behavior of the getaddrinfo DNS resolver so that it treats EAI_NODATA and EAI_NONAME as successful queries with empty results, instead of as DNS failures. This change brings the getaddrinfo behavior in-line with the c-ares resolver behavior. This behavior can be reverted by setting the runtime guard envoy.reloadable_features.dns_nodata_noname_is_success to false.
statistics: Hot restart statistics like hot_restart_epoch are only set when hot restart is enabled.
tracers: Set status code for OpenTelemetry tracers (previously unset).
udp: Change GRO read buffer to 64kB to avoid MSG_TRUNC. And change the way to limit the number of packets processed per event loop to work with GRO. This behavior can be reverted by setting runtime guard envoy.reloadable_features.udp_socket_apply_aggregated_read_limit to false.
xds: Updated xDS-TP path naming to better comply with RFC-3986. Encoded resource paths can now include an a colon :, instead of %3A. This behavior can be reverted by setting the runtime flag envoy.reloadable_features.xdstp_path_avoid_colon_encoding to false.

Changes expected to improve the state of the world and are unlikely to have negative effects

cares: Upgraded c-ares library to 1.20.1 and added fix to c-ares DNS implementation to additionally check for ARES_EREFUSED, ARES_ESERVFAIL``and ``ARES_ENOTIMP status. Without this fix, DestroyChannelOnRefused and CustomResolverValidAfterChannelDestruction unit test will break.
ext_authz: Added field validate_mutations, which, when set to true, adds header & query parameter mutation validation to the http ext_authz filter. If an authz response contains invalid mutations, the filter responds to the downstream request with HTTP 500 Internal Server Error. If you use ext_authz with an untrusted side stream, it’s recommended you set this to true.
ext_authz: Handle append_action from external authorization service that was ignored.
http: Fix a crash when reloading the HTTP Connection Manager via ECDS.
outlier detection: Fixed successful_active_health_check_uneject_host. Before, a failed health check could uneject the host if the FAILED_ACTIVE_HC health flag had not been set.
tls: Fix a RELEASE_ASSERT when using auto_sni if the downstream request :authority was longer than 255 characters.
udp: Fixed a bug that would cause Envoy to crash when updates to a pre-existing cluster were made (e.g. HostSet changes).

Normally occurs at the end of the deprecation period

http: Removed envoy.reloadable_features.handle_uppercase_scheme runtime flag and legacy code paths.
http: Removed envoy.reloadable_features.lowercase_scheme runtime flag and lagacy code paths.
http: Removed envoy.reloadable_features.proxy_status_upstream_request_timeout runtime flag and lagacy code paths.
http: Removed envoy.reloadable_features.use_cluster_cache_for_alt_protocols_filter runtime flag and lagacy code paths.
router: Removed envoy.reloadable_features.copy_response_code_to_downstream_stream_info runtime flag and legacy code paths.
tcp: Removed envoy.reloadable_features.detect_and_raise_rst_tcp_connection runtime flag and legacy code paths.
upstream: Removed envoy.reloadable_features.convert_legacy_lb_config runtime flag and lagacy code paths.

cares: Added udp_max_queries option to limit the number of UDP queries.
http: Added disable_shadow_host_suffix_append in request_mirror_policies for disabling appending of the -shadow suffix to the shadowed host/authority header.
matching: Added Filter State Input for matching http input based on filter state objects.
quic: Added support for QUIC server preferred address when there is a DNAT between the client and Envoy. See new config.
redis: Added support for inline commands.

tracing: Disable OpenCensus by default, as it is no longer supported/maintained upstream. This extension can be replaced with the OpenTelemetry tracer and collector.