Cent

======

* Fix panic upon subscription token validation caused by nil interface comparison, [commit](https://github.com/centrifugal/centrifugo/commit/fe2a92da24d1e8a473e559224fc5c87895713f6a)

======

In Centrifugo v5 we're phasing out old client protocol support, introducing a more intuitive HTTP API, adjusting token management behaviour in SDKs, improving configuration process, and refactoring the history meta ttl option. As the result you get a cleaner, more user-friendly, and optimized Centrifugo experience.

All the major details about the release may be found in [Centrifugo v5 release announcement](https://centrifugal.dev/blog/2023/06/29/centrifugo-v5-released) in our blog.

We also prepared [Centrifugo v5 migration guide](https://centrifugal.dev/docs/getting-started/migration_v5) which has more specific details about changes.

======

Improvements

* Dynamic JWKS endpoint based on iss and aud – implemented in [638](https://github.com/centrifugal/centrifugo/pull/638), [documented here](https://centrifugal.dev/docs/server/authentication#dynamic-jwks-endpoint)
* Add [redis_force_resp2](https://centrifugal.dev/docs/server/engines#redis_force_resp2) option, [641](https://github.com/centrifugal/centrifugo/pull/641)
* Document [client_stale_close_delay](https://centrifugal.dev/docs/server/configuration#client_stale_close_delay), make it 10 sec instead of 25 sec by default, relates [639](https://github.com/centrifugal/centrifugo/issues/639)

Misc

======

Fixes

* Fix decoding of large protocol messages. The bug was introduced by v4.1.1. See [bug report](https://github.com/centrifugal/centrifugo/issues/603)

======

Improvements

* Possibility to disable client protocol v1 using `disable_client_protocol_v1` boolean option. To remind you about client protocol v1 vs v2 migration in Centrifugo v4 take a look at [v3 to v4 migration guide](https://centrifugal.dev/docs/getting-started/migration_v4#client-sdk-migration). Centrifugo v4 uses client protocol v2 by default, all our recent SDKs only support client protocol v2. So if you are using modern stack then you can disable clients to use outdated protocol v1 right now. In Centrifugo v5 support for client protocol v1 will be completely removed, see [Centrifugo v5 roadmap](https://github.com/centrifugal/centrifugo/issues/599).
* New boolean option `disallow_anonymous_connection_tokens`. When the option is set Centrifugo won't accept connections from anonymous users even if they provided a valid JWT. See [591](https://github.com/centrifugal/centrifugo/issues/591)
* New option `client_connection_rate_limit` to limit the number of new real-time connections Centrifugo may accept per second, see [docs](https://centrifugal.dev/docs/server/configuration#client_connection_rate_limit)
* Implement `sub_refresh` proxy to periodically validate expiring subscriptions over the call from Centrifugo to the backend endpoint, see [592](https://github.com/centrifugal/centrifugo/issues/592) and [docs](https://centrifugal.dev/docs/server/proxy#sub-refresh-proxy)
* More human-readable tracing logging output (especially in Protobuf protocol case). On the other hand, tracing log level is much more expensive now. We never assumed it will be used in production – so seems an acceptable trade-off.
* Several internal optimizations in client protocol to reduce memory allocations.
* More strict client protocol: only allow one pong message from client to server after receiving ping, disable sending commands over the connection which returned an error to the Connect command

Fixes

* Fix: slow down subscription dissolver workers while Redis PUB/SUB is unavailable. This solves a CPU usage spike which may happen while Redis PUB/SUB is unavailable and last client unsubscribes from some channel.
* Relative static paths in Centrifugo admin web UI (to fix work behind reverse proxy on sub-path)

======

Improvements

* Fully rewritten Redis engine using [rueian/rueidis](https://github.com/rueian/rueidis) library. Many thanks to [j178](https://github.com/j178) and [rueian](https://github.com/rueian) for the help. Check out details in our blog post [Improving Centrifugo Redis Engine throughput and allocation efficiency with Rueidis Go library](https://centrifugal.dev/blog/2022/12/20/improving-redis-engine-performance). We expect that new implementation is backwards compatible with the previous one except some timeout options which were not documented, please report issues if any.
* Extended TLS configuration for Redis – it's now possible to set CA root cert, client TLS certs, set custom server name for TLS. See more details in the [updated Redis Engine option docs](https://centrifugal.dev/docs/server/engines#redis-engine-options). Also, it's now possible to provide certificates as strings.