Releases: linkerd/linkerd2
Releases · linkerd/linkerd2
edge-25.12.2
What's Changed
- fix(cli): improved support for native sidecar servers in
linkerd authzby @alpeb in #14780 - fix(cli): improved support for native sidecar servers in
linkerd check --proxyby @alpeb in #14779 - fix(injector): improved support for native sidecar servers by @alpeb in #14767
- build(deps): bump syn from 2.0.110 to 2.0.111 by @dependabot[bot] in #14783
- fix(destination): properly discover hostports in native sidecars by @alpeb in #14786
- build(deps): bump golang.org/x/tools from 0.39.0 to 0.40.0 by @dependabot[bot] in #14790
- build(deps): bump github.com/go-openapi/spec from 0.22.1 to 0.22.2 by @dependabot[bot] in #14789
- proxy: v2.333.0 by @l5d-bot in #14793
- build(deps): bump DavidAnson/markdownlint-cli2-action from 21.0.0 to 22.0.0 by @dependabot[bot] in #14794
- build(deps): bump codecov/codecov-action from 5.5.1 to 5.5.2 by @dependabot[bot] in #14795
Full Changelog: edge-25.12.1...edge-25.12.2
Contributors
alpeb, dependabot, and l5d-bot
Assets 7
edge-25.12.1
edge-25.12.1
This tag was signed with the committer’s verified signature.
sfleen
Scott Fleener
What's Changed
- build(deps): bump node-forge from 1.3.0 to 1.3.2 in /web/app by @dependabot[bot] in #14761
- build(deps): bump github.com/prometheus/common from 0.67.3 to 0.67.4 by @dependabot[bot] in #14756
- build(deps): bump use-query-params from 2.2.1 to 2.2.2 in /web/app by @dependabot[bot] in #14755
- build(deps-dev): bump webpack-bundle-analyzer from 4.10.2 to 5.0.1 in /web/app by @dependabot[bot] in #14754
- build(deps): bump actions/checkout from 5.0.1 to 6.0.0 by @dependabot[bot] in #14748
- build(deps): bump core-js from 3.45.1 to 3.47.0 in /web/app by @dependabot[bot] in #14751
- build(deps): bump hyper from 1.8.0 to 1.8.1 by @dependabot[bot] in #14746
- build(deps-dev): bump html-webpack-plugin from 5.6.4 to 5.6.5 in /web/app by @dependabot[bot] in #14752
- build(deps): bump axum from 0.8.6 to 0.8.7 by @dependabot[bot] in #14744
- Fix references to linkerd-crds in README by @szhekpisov-katanox in #14758
- build(deps): bump rustls-webpki from 0.103.7 to 0.103.8 by @dependabot[bot] in #14745
- build(deps-dev): bump webpack from 5.101.3 to 5.103.0 in /web/app by @dependabot[bot] in #14753
- build(deps): bump bytes from 1.10.1 to 1.11.0 by @dependabot[bot] in #14743
- build(deps): bump softprops/action-gh-release from 2.4.2 to 2.5.0 by @dependabot[bot] in #14774
- build(deps): bump the tracing group across 1 directory with 4 updates by @dependabot[bot] in #14770
- build(deps): bump signal-hook-registry from 1.4.6 to 1.4.7 by @dependabot[bot] in #14766
- build(deps): bump the pest group with 4 updates by @dependabot[bot] in #14764
- build(deps): bump google.golang.org/grpc/cmd/protoc-gen-go-grpc from 1.5.1 to 1.6.0 by @dependabot[bot] in #14762
- build(deps): bump mio from 1.0.4 to 1.1.0 by @dependabot[bot] in #14765
- test(policy): address timeouts and flakiness by @alpeb in #14773
- build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 by @dependabot[bot] in #14778
- build(deps): bump actions/checkout from 6.0.0 to 6.0.1 by @dependabot[bot] in #14776
- proxy: v2.332.0 by @l5d-bot in #14775
- build(deps): bump tj-actions/changed-files from 2d752abc95ba0255af33a2b4d5de03df3954cdf2 to abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b by @dependabot[bot] in #14771
- build(deps): bump Swatinem/rust-cache from 2.8.1 to 2.8.2 by @dependabot[bot] in #14760
New Contributors
- @szhekpisov-katanox made their first contribution in #14758
Full Changelog: edge-25.11.3...edge-25.12.1
Contributors
alpeb, dependabot, and 2 other contributors
Assets 7
edge-25.11.3
Overall status: RECOMMENDED
Cautions
As of this release, the proxy-init image has been merged into the proxy image, which simplifies image management and reduces overall image size. Users who were explicitly using the proxy-init image should use the proxy image in its place.
Changes
This release correctly honors the timeouts.request value of HTTPRoutes in the gateway.networking.k8s.io API group, to match the behavior of policy.linkerd.io HTTPRoutes.
What's Changed
- feat(proxy, proxy-init): Combine proxy and proxy-init and use minimal base image by @adleong in #14577
- proxy: v2.331.0 by @l5d-bot in #14759
- fix(policy): respect timeout field on gateway API HTTPRoutes by @adleong in #14750
Full Changelog: edge-25.11.2...edge-25.11.3
Contributors
adleong and l5d-bot
Assets 7
edge-25.11.2
Overall status: NOT RECOMMENDED, use edge-25.11.3 instead
Cautions
In this release, mesh expansion does not correctly get certificates from SPIRE; we recommend using edge-25.11.3 instead.
Changes
This release fixes broken documentation URLs in CLI commands (thanks, beza!) and corrects a typo in the EgressNetwork and ExternalWorkload CRD definitions (thanks, YY!).
What's Changed
- build(deps): bump enum-ordinalize-derive from 4.3.1 to 4.3.2 by @dependabot[bot] in #14694
- build(deps): bump proc-macro2 from 1.0.101 to 1.0.103 by @dependabot[bot] in #14695
- build(deps): bump enum-ordinalize from 4.3.0 to 4.3.2 by @dependabot[bot] in #14696
- build(deps): bump rustls from 0.23.34 to 0.23.35 by @dependabot[bot] in #14697
- chore(deps): Upgrade
linkerd2-proxy-apiandtonicgroup by @sfleen in #14699 - fix: restore
bin/docker-buildfunctionality by @cratelyn in #14698 - build(deps): bump helm.sh/helm/v3 from 3.19.0 to 3.19.1 by @dependabot[bot] in #14706
- build(deps): bump github.com/go-openapi/spec from 0.22.0 to 0.22.1 by @dependabot[bot] in #14700
- build(deps): bump softprops/action-gh-release from 2.4.1 to 2.4.2 by @dependabot[bot] in #14705
- build(deps): bump quote from 1.0.41 to 1.0.42 by @dependabot[bot] in #14703
- build(deps): bump openssl from 0.10.74 to 0.10.75 by @dependabot[bot] in #14702
- build(deps): bump syn from 2.0.106 to 2.0.110 by @dependabot[bot] in #14701
- proxy: v2.329.0 by @l5d-bot in #14712
- build(deps): bump tokio-util from 0.7.16 to 0.7.17 by @dependabot[bot] in #14711
- build(deps): bump aws-lc-sys from 0.32.2 to 0.32.3 by @dependabot[bot] in #14710
- Fix broken documentation URLs in CLI commands by @bezarsnba in #14651
- chore(typos): EgressNetwork and ExternalWorkload CRDs by @yy-ofms in #14681
- build(deps): bump hyper from 1.7.0 to 1.8.0 by @dependabot[bot] in #14718
- build(deps): bump unicode-ident from 1.0.20 to 1.0.22 by @dependabot[bot] in #14717
- build(deps): bump helm.sh/helm/v3 from 3.19.1 to 3.19.2 by @dependabot[bot] in #14716
- build(deps): bump the kube group with 7 updates by @dependabot[bot] in #14715
- build(deps): bump golang.org/x/tools from 0.38.0 to 0.39.0 by @dependabot[bot] in #14720
- build(deps): bump peter-evans/repository-dispatch from 4.0.0 to 4.0.1 by @dependabot[bot] in #14724
- build(deps): bump DavidAnson/markdownlint-cli2-action from 20.0.0 to 21.0.0 by @dependabot[bot] in #14723
- test(cni): update k8s and calico by @alpeb in #14707
- build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0 by @dependabot[bot] in #14726
- build(deps): bump the clap group with 2 updates by @dependabot[bot] in #14727
- build(deps): bump actions/checkout from 5.0.0 to 5.0.1 by @dependabot[bot] in #14729
- build(deps): bump aws-lc-rs from 1.14.1 to 1.15.0 by @dependabot[bot] in #14728
- proxy: v2.330.0 by @l5d-bot in #14735
- build(deps): bump delegate from 0.13.4 to 0.13.5 by @dependabot[bot] in #14733
- build(deps): bump libloading from 0.8.8 to 0.8.9 by @dependabot[bot] in #14734
- build(deps): bump github.com/prometheus/common from 0.67.2 to 0.67.3 by @dependabot[bot] in #14732
- build(deps): bump tj-actions/changed-files from 70069877f29101175ed2b055d210fe8b1d54d7d7 to 2d752abc95ba0255af33a2b4d5de03df3954cdf2 by @dependabot[bot] in #14740
- build(deps): bump actions/setup-go from 6.0.0 to 6.1.0 by @dependabot[bot] in #14739
- build(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 by @dependabot[bot] in #14738
- build(deps): bump cc from 1.2.41 to 1.2.46 by @dependabot[bot] in #14737
- build(deps): bump the clap group with 2 updates by @dependabot[bot] in #14736
New Contributors
- @bezarsnba made their first contribution in #14651
- @yy-ofms made their first contribution in #14681
Full Changelog: edge-25.11.1...edge-25.11.2
Contributors
alpeb, bezarsnba, and 5 other contributors
Assets 7
edge-25.11.1
Overall status: RECOMMENDED
Cautions
N/A
Changes
This release correctly includes pod metadata in OpenTelemetry traces, fixes the workload_subscribers metric to correctly track the total number of subscribers across all IP and port combinations (rather than only the most recent combination), and prevents a task leak when using federated services.
What's Changed
- build(deps): bump rustls from 0.23.33 to 0.23.34 by @dependabot[bot] in #14673
- proxy: v2.327.0 by @l5d-bot in #14685
- build(deps): bump openssl from 0.10.73 to 0.10.74 by @dependabot[bot] in #14675
- fix(tracing): traces are not exposing pod metadata by @alpeb in #14684
- fix(destination): fix workload subscribers metric by @adleong in #14683
- build(deps): bump github.com/prometheus/common from 0.67.1 to 0.67.2 by @dependabot[bot] in #14666
- build(deps): bump the clap group with 2 updates by @dependabot[bot] in #14670
- build(deps): bump rustls-pki-types from 1.12.0 to 1.13.0 by @dependabot[bot] in #14671
- build(deps): bump home from 0.5.11 to 0.5.12 by @dependabot[bot] in #14672
- build(deps): bump tj-actions/changed-files from dbf178ceecb9304128c8e0648591d71208c6e2c9 to 70069877f29101175ed2b055d210fe8b1d54d7d7 by @dependabot[bot] in #14686
- build(deps): bump aho-corasick from 1.1.3 to 1.1.4 by @dependabot[bot] in #14687
- build(deps): bump docker/setup-qemu-action from 3.6.0 to 3.7.0 in /.github/actions/docker-build by @dependabot[bot] in #14688
- build(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 by @dependabot[bot] in #14691
- proxy: v2.328.0 by @l5d-bot in #14692
- fix(destination): prevent task leak in federated service watchers by @olix0r in #14693
Full Changelog: edge-25.10.7...edge-25.11.1
Contributors
olix0r, alpeb, and 3 other contributors
Assets 7
edge-25.10.7
Overall status: RECOMMENDED
Cautions
N/A
Changes
This release continues making Linkerd's Helm chart handle tracing parameters more robustly.
What's Changed
- build(deps): bump indexmap from 2.11.4 to 2.12.0 by @dependabot[bot] in #14648
- fix(tracing): Add more guards and fallback to control plane tracing config by @sfleen in #14650
- build(deps): bump cfg-if from 1.0.3 to 1.0.4 by @dependabot[bot] in #14645
- build(deps): bump openssl-sys from 0.9.109 to 0.9.110 by @dependabot[bot] in #14646
- build(deps): bump unicode-ident from 1.0.19 to 1.0.20 by @dependabot[bot] in #14647
- build(deps): bump backon from 1.5.2 to 1.6.0 by @dependabot[bot] in #14656
- build(deps-dev): bump @babel/eslint-parser from 7.28.4 to 7.28.5 in /web/app by @dependabot[bot] in #14658
- build(deps-dev): bump @babel/preset-env from 7.28.3 to 7.28.5 in /web/app by @dependabot[bot] in #14659
- build(deps): bump tj-actions/changed-files from d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449 to dbf178ceecb9304128c8e0648591d71208c6e2c9 by @dependabot[bot] in #14662
- build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in #14663
- build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 in /.github/actions/cli-setup by @dependabot[bot] in #14664
- build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #14665
- build(deps-dev): bump @babel/preset-react from 7.27.1 to 7.28.5 in /web/app by @dependabot[bot] in #14660
- build(deps-dev): bump @babel/core from 7.28.4 to 7.28.5 in /web/app by @dependabot[bot] in #14661
- fix(ci): avoid fetching helm at runtime by @olix0r in #14669
- proxy: v2.326.0 by @l5d-bot in #14668
Full Changelog: edge-25.10.6...edge-25.10.7
Contributors
olix0r, dependabot, and 2 other contributors
Assets 7
edge-25.10.6
Overall status: NOT RECOMMENDED, use edge-25.10.7 instead
Cautions
N/A
Changes
This release continues making Linkerd's Helm chart handle tracing parameters more robustly.
What's Changed
- fix(helm): Use parentesized guards for control plane tracing by @sfleen in #14636
- build(deps): bump tokio from 1.47.1 to 1.48.0 by @dependabot[bot] in #14641
- build(deps): bump rustls from 0.23.32 to 0.23.33 by @dependabot[bot] in #14638
- build(deps): bump the clap group with 2 updates by @dependabot[bot] in #14637
- build(deps): bump regex from 1.12.1 to 1.12.2 by @dependabot[bot] in #14639
- build(deps): bump bitflags from 2.9.4 to 2.10.0 by @dependabot[bot] in #14640
- proxy: v2.325.0 by @l5d-bot in #14649
Full Changelog: edge-25.10.5...edge-25.10.6
Contributors
dependabot, l5d-bot, and sfleen
Assets 7
edge-25.10.5
Overall status: NOT RECOMMENDED, use edge-25.10.7 instead
Cautions
N/A
Changes
This release makes Linkerd's Helm chart handle tracing parameters more robustly.
What's Changed
- fix(helm): use parenthesized tracing guards by @olix0r in #14634
- build(deps): bump the clap group with 4 updates by @dependabot[bot] in #14623
- build(deps): bump regex-syntax from 0.8.6 to 0.8.8 by @dependabot[bot] in #14624
- build(deps): bump nu-ansi-term from 0.50.1 to 0.50.3 by @dependabot[bot] in #14625
- build(deps): bump regex-automata from 0.4.12 to 0.4.13 by @dependabot[bot] in #14626
- build(deps): bump generic-array from 0.14.8 to 0.14.9 by @dependabot[bot] in #14627
Full Changelog: edge-25.10.4...edge-25.10.5
Contributors
olix0r and dependabot
Assets 7
edge-25.10.4
Overall status: NOT RECOMMENDED, use edge-25.10.7 instead
Cautions
N/A
Changes
This release prevents a possible crash when injecting proxies without tracing configured, and includes semantic convention labels user-agent.original, http.request.header.content-length, http.request.header.content-type, and http.request.header.l5d-orig-proto to OpenTelemetry spans.
What's Changed
- fix(proxy-injector): handle nil pointer in inject by @olix0r in #14631
- proxy: v2.324.0 by @l5d-bot in #14630
Full Changelog: edge-25.10.3...edge-25.10.4
Contributors
olix0r and l5d-bot
Assets 7
edge-25.10.3
Overall status: NOT RECOMMENDED, use edge-25.10.7 instead
Cautions
This release includes one breaking change: it removes the ip_port_subscribers metric and replaces it with the lower-cardinality workload_subscribers metric.
Changes
This release removes the linkerd.io/proxy-root-parent and linkerd.io/proxy-root-parent-kind labels added to injected pods in edge-25.10.2. It also fixes a potential deadlock that could result in leaked tasks and unneeded memory consumption, and allows configuring the destination controller's stream queue capacity. The default remains 100 for the moment; lower values may be better for improving responsiveness to readiness and liveness issues.
What's Changed
- build(deps): bump libc from 0.2.176 to 0.2.177 by @dependabot[bot] in #14603
- build(deps): bump typenum from 1.18.0 to 1.19.0 by @dependabot[bot] in #14602
- build(deps): bump tokio-rustls from 0.26.3 to 0.26.4 by @dependabot[bot] in #14604
- fix: Revert #14578 and #14593 by @sfleen in #14620
- fix(destination): avoid blocking in synchronizedGetStream.Stop by @olix0r in #14621
- build(deps): bump regex from 1.11.3 to 1.12.1 by @dependabot[bot] in #14614
- build(deps): bump pem from 3.0.5 to 3.0.6 by @dependabot[bot] in #14615
- build(deps): bump cc from 1.2.40 to 1.2.41 by @dependabot[bot] in #14616
- build(deps): bump softprops/action-gh-release from 2.4.0 to 2.4.1 by @dependabot[bot] in #14619
- build(deps): bump regex-lite from 0.1.7 to 0.1.8 by @dependabot[bot] in #14617
- build(deps): bump generic-array from 0.14.7 to 0.14.8 by @dependabot[bot] in #14618
- fix(destination)!: replace ip_port_subscribers with workload_subscribers by @olix0r in #14612
- feat(destionation): add --stream-queue-capacity arg by @olix0r in #14622
Full Changelog: edge-25.10.2...edge-25.10.3
Contributors
olix0r, dependabot, and sfleen