v5.44.1

Security Updates

• uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification.
• Golang: Update golang toolchain to v1.25.6, which fixed an vulnerable (tls.Config).Clone function.

Fixes

• avoid DNS leakage with gRPC transports by @leo9800 in #3587
• Dynamic address length calculation in shadowsocks udp encoding in #3588

Chores

• Chore: bump golang.org/x/crypto from 0.46.0 to 0.47.0 by @dependabot[bot] in #3595
• Chore: bump golang.org/x/net from 0.48.0 to 0.49.0 by @dependabot[bot] in #3594
• Chore: bump github.com/miekg/dns from 1.1.69 to 1.1.70 by @dependabot[bot] in #3592
• Chore: bump github.com/go-chi/chi/v5 from 5.2.3 to 5.2.4 by @dependabot[bot] in #3596

Full Changelog: v5.44.0...v5.44.1

v5.44.0

Security Update

• uTLS: bundled library updated to v1.8.2 for Chrome120 imitation profile identification.

Fixes

• avoid DNS leakage with gRPC transports by @leo9800 in #3587
• Dynamic address length calculation in shadowsocks udp encoding in #3588

Chores

• Chore: bump golang.org/x/crypto from 0.46.0 to 0.47.0 by @dependabot[bot] in #3595
• Chore: bump golang.org/x/net from 0.48.0 to 0.49.0 by @dependabot[bot] in #3594
• Chore: bump github.com/miekg/dns from 1.1.69 to 1.1.70 by @dependabot[bot] in #3592

New Contributors

• @leo9800 made their first contribution in #3587

Full Changelog: v5.43.0...v5.44.0

v5.43.0

Fixes

• fix issue #3563: There is a buffer overflow bug in Shadowsocks UDP packet encoding by @fengweiyuan in #3564
• Fix custom tls setting for tlsmirror roundtripper enrollment in #3584

##Chores

• Chore: bump actions/download-artifact from 6 to 7 by @dependabot[bot] in #3576
• Chore: bump actions/upload-artifact from 5 to 6 by @dependabot[bot] in #3574
• Chore: bump golang.org/x/net from 0.47.0 to 0.48.0 by @dependabot[bot] in #3567
• Chore: bump github.com/miekg/dns from 1.1.68 to 1.1.69 by @dependabot[bot] in #3572
• Chore: bump google.golang.org/protobuf from 1.36.10 to 1.36.11 by @dependabot[bot] in #3575
• Chore: bump google.golang.org/grpc from 1.77.0 to 1.78.0 by @dependabot[bot] in #3581
• Chore: bump github.com/go-playground/validator/v10 from 10.28.0 to 10.30.1 by @dependabot[bot] in #3582

New Contributors

• @fengweiyuan made their first contribution in #3564

Full Changelog: v5.42.0...v5.43.0

v5.42.0

New Features

• Add TLSMirror bootstrap enrollment and self enrollment feature in #3541
• TLSMirror Inverse Role Request Tripper Enrollment Server Support by #3551

Chores

• Chore: bump github/codeql-action from 3 to 4 by @dependabot[bot] in #3535
• Chore: bump actions/download-artifact from 5 to 6 by @dependabot[bot] in #3543
• Chore: bump actions/upload-artifact from 4 to 5 by @dependabot[bot] in #3542
• Chore: bump golangci/golangci-lint-action from 8 to 9 by @dependabot[bot] in #3550
• Chore: bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @dependabot[bot] in #3552
• Chore: bump actions/checkout from 5 to 6 by @dependabot[bot] in #3553
• Chore: bump google.golang.org/grpc from 1.76.0 to 1.77.0 by @dependabot[bot] in #3554

Full Changelog: v5.41.0...v5.42.0

v5.41.0

This is a maintenance release.

This release includes an important fix for utls, update are recommended for all users.

Chores

• Chore: bump github.com/refraction-networking/utls from 1.8.0 to 1.8.1 by @dependabot[bot] in #3540
• Chore: bump golang.org/x/net from 0.44.0 to 0.46.0 by @dependabot[bot] in #3539
• Chore: bump github.com/quic-go/quic-go from 0.54.1 to 0.55.0 by @dependabot[bot] in #3531
• Chore: bump google.golang.org/grpc from 1.75.1 to 1.76.0 by @dependabot[bot] in #3533
• Chore: bump github.com/go-playground/validator/v10 from 10.27.0 to 10.28.0 by @dependabot[bot] in #3534

Full Changelog: v5.40.0...v5.41.0

v5.40.0

New Features

• Add transient storage lifecycle receiver framework (fix grpc transport goroutine leak) in #3529

Chores

• Chore: bump github.com/quic-go/quic-go from 0.54.0 to 0.54.1 by @dependabot[bot] in #3524
• Chore: bump google.golang.org/protobuf from 1.36.9 to 1.36.10 by @dependabot[bot] in #3530

Full Changelog: v5.39.0...v5.40.0

v5.39.0

This is a maintenance release.

Chores

• CI: fix stale.yml workflow by @Loyalsoldier in #3491
• CI: only run release workflow when changing release.yml file by @Loyalsoldier in #3492
• Fix: geoip test by pinning geoip.dat to specific version by @Loyalsoldier in #3495
• Chore: bump github.com/go-chi/chi/v5 from 5.2.2 to 5.2.3 by @dependabot[bot] in #3488
• Chore: bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @dependabot[bot] in #3487
• Chore: bump google.golang.org/protobuf from 1.36.6 to 1.36.8 by @dependabot[bot] in #3483
• Chore: bump google.golang.org/grpc from 1.74.2 to 1.75.0 by @dependabot[bot] in #3482
• Chore: bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #3471
• Chore: bump github.com/miekg/dns from 1.1.67 to 1.1.68 by @dependabot[bot] in #3466
• Chore: bump actions/stale from 8 to 10 by @dependabot[bot] in #3501
• Chore: bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #3467
• CI: upgrade CodeQL from v2 to v3 by @Loyalsoldier in #3507
• Docs: update goreportcard badge by @Loyalsoldier in #3508
• CI: bump actions/checkout from v3 to v5 by @Loyalsoldier in #3509
• CI: bump actions/setup-go to v6 & use go version in go.mod by @Loyalsoldier in #3510
• CI: remove unnecessary version option in golangci-lint workflow by @Loyalsoldier in #3514
• CI: fix test and test coverage by @Loyalsoldier in #3515
• CI: only upload coverage report on Linux by @Loyalsoldier in #3516
• Docs: fix badges by @Loyalsoldier in #3517
• Chore: bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @dependabot[bot] in #3519
• Chore: bump golang.org/x/net from 0.43.0 to 0.44.0 by @dependabot[bot] in #3513
• Chore: bump google.golang.org/protobuf from 1.36.8 to 1.36.9 by @dependabot[bot] in #3512
• ci: annotate arm64 pie binary with prerelease mark in #3521

Full Changelog: v5.38.0...v5.39.0

v5.38.0

New Features

• TLSMirror Connection Enrollment System in #3445
• Add TLSMirror Sequence Watermarking in #3446

Fixes

• Rename to connection_enrolment to fix typo in #3463

Chores

• Chore: bump github.com/refraction-networking/utls from 1.7.3 to 1.8.0 by @dependabot[bot] in #3462
• Chore: bump google.golang.org/grpc from 1.73.0 to 1.74.2 by @dependabot[bot] in #3461
• Chore: bump github.com/quic-go/quic-go from 0.53.0 to 0.54.0 by @dependabot[bot] in #3460
• Chore: bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in #3454
• Chore: bump github.com/miekg/dns from 1.1.66 to 1.1.67 by @dependabot[bot] in #3450

Full Changelog: v5.37.0...v5.38.0

v5.37.0

New Features

• TLSMirror developer preview protocol is now a part of mainline V2Ray.
  • Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport in #3437
  • Update TLS Mirror with TLS1.2 AEAD support, defer_instance_derived_write_time, transport_layer_padding, h2_do_not_wait_for_download_finish #3441
  • EN document has been updated.
• proxy dns with NOTIMP error by @rp-hello in #2954

-----> ⚠️ Important Message ⚠️<-----

This update includes important fix for developer preview protocol TLSMirror.

-----> ⚠️ 重要消息 ⚠️<-----

本更新含针对于开发者预览版协议 TLSMirror 的重要修复。

Full Changelog: v5.35.0...v5.37.0

v5.36.0

New Features

• Add TLSMirror looks like TLS censorship resistant transport protocol as a developer preview transport in #3437
• proxy dns with NOTIMP error by @rp-hello in #2954

Chores

• Chore: bump github.com/go-playground/validator/v10 from 10.26.0 to 10.27.0 by @dependabot in #3438
• Regenerate protocol buffer files
• Adjust unit test time in CI

New Contributors

• @rp-hello made their first contribution in #2954

Full Changelog: v5.35.0...v5.36.0