API7 Enterprise Release Notes
3.8.6
Release Date: 2025-06-27
Features
Plugins
- Elasticsearch Logger
- Added support for Elasticsearch 9.0.2.
Fixes
Data Plane
- Fixed issue: Worker process not exiting when executing quit or reload command.
- Fixed issue: Port values greater than 65535 were incorrectly accepted.
- Fixed issue: etcd data sync failure when keys contain special characters.
- Fixed issue: Kubernetes service discovery performance degradation due to watch progress re-listing all data.
- Fixed issue: Memory leak in Kafka Logger causing nginx worker crashes.
Plugins
- OpenID Connect
- Fixed issue: Sessions not properly closed on errors, leading to resource leaks.
Dashboard
- Fixed issue: Clicking "Delete" on plugins only disabled them instead of removing them.
- Fixed issue: Incorrect or missing namespace/service data in upstream when using Kubernetes service discovery.
Security
- Fixed issue: TLSv1.3 cross-SNI session resumption vulnerability (backported HTTP fixes from nginx 1.21.4).
3.8.5
Release Date: 2025-06-16
Features
Dashboard
- Added route URI information to alert messages for status code-related alert events.
Fixes
Dependencies
- Upgraded OpenSSL from version 3.2.3 to 3.2.4.
- Upgraded Debian base image to Bookworm.
Data Plane
- Fixed issue: Severe performance impact occurred when OAS plugin spec files are too large.
- Fixed issue:
post_arg
matching fails when content-type contains charset. - Fixed issue: Consumers did not share the same counter in the
limit-count
plugin. - Fixed issue: Missing etcd
init_dir
prevents listing resources. - Fixed issue:
real_payload
can be overridden by malicious payload in thejwt-auth
plugin. - Fixed issue: Incorrect variables and redundant TLS configs in
upstream_schema
.
Dashboard
- Fixed issue: Route plugin updates in services mistakenly override existing plugins.
3.8.4
Release Date: 2025-06-11
Fixes
Data Plane
- Optimized the performance of large table data migration during control plane upgrades.
- Added caching logic to
post_arg
to optimize performance and prevent repeated inefficient parsing. - Fixed issue: The cache for
ctx
variables prefixed withhttp_
andgraph_
is not effective. - Fixed issue: Prometheus metrics are not properly retained after degradation and recovery.
Dashboard
- Fixed issue: The plugin's editing method (form or code) is not displayed correctly.
- Fixed issue: Error in the code suggestions in the Response Rewrite plugin editor.
3.8.3
Release Date: 2025-06-04
Features
Data Plane
- Supported the configuration of
apisix.disable_upstream_healthcheck
inconf/config.yaml
to disable all health checks with a single switch. - Optimized Prometheus performance by mitigating high memory consumption.
- Released API7 Ingress Controller 2.0.
Plugins
- Automatically inserted
_meta
into the schemas of custom plugins.
Dashboard
- Optimized the deployment process for ingress controller type of gateway groups.
- Added alert policy event trigger "license will expire".
Fixes
Data Plane
- Fixed issue: Occasional route matching error when reading body for GraphQL requests with
post_arg
.
Dashboard
- Fixed issue: Upgrade dependencies
ramda
to0.30.1
andcross-spawn
to7.0.5
to avoid high-risk vulnerabilities. - Fixed issue: The
max-age
field is displayed incorrectly when configuring thecors
plugin details using the dashboard form. - Fixed issue: After upgrading ADC from version 17.x to 19.x, the Dashboard continues displaying outdated configurations when multiple routes under the same service are updated simultaneously.
- Fixed issue: Unable to view plugin configurations within a service with the
gateway:GetPublishedService
orgateway:GetServiceTemplate
permissions in the dashboard. - Fixed issue: API7 Enterprise built-in plugins do not work properly when two custom plugins contain faulty code.
- Fixed issue: Kubernetes service discovery experiences performance issues with a high number of upstream nodes.
- Fixed issue: Headers have inconsistent casing. They are standardized to title case.
3.8.2
Release Date: 2025-05-19
Features
AI Plugins
- AI Proxy Multi
- Added retry logic for 429/5xx response codes to improve request success rate.
AI Gateway
- Added support for reverse proxying AzureAI services.
Dashboard
- Supported CAS as an SSO login option for API7 Enterprise.
Fixes
Dashboard
- Fixed issue: Failed to update basic information of published services.
- Fixed issue:
retry_timeout
andretries
cannot be edited in the stream service upstream. - Fixed issue: Page crash when gateway instance is missing compatibility field.
Data Plane
- Fixed issue: Long startup time for standalone mode with large configuration files.
- Fixed issue: OAS Validator plugin incorrectly rejecting numbers between 1.11-1.19 with
multipleOf: 0.01
rule. - Fixed issue: AI Proxy plugin would accept invalid endpoint URLs (e.g. missing colon in "http//localhost").
3.8.1
Release Date: 2025-05-07
Features
Dashboard
- Specified the validity period of the gateway instance certificate when adding a gateway instance.
- Added a warning in the gateway instance list when the certificate is about to expire.
- Supported viewing the certificate renew method for gateway instances in the dashboard and generating new gateway instance certificates.
Fixes
Data Plane
- Fixed issue: Health checks do not work as expected when using TCP services, and requests are still forwarded to unhealthy upstream nodes.
- Fixed issue: High latency in gateway requests due to Redis service failures.
- Fixed issue: Error in determining the default value of
llm_time_to_first_token
in AI Gateway.
Plugins
- Removed the
snowflake
algorithm frome therequest-id
plugin due to potential risks.
Dashboard
- Fixed issue: The total bandwidth chart data on the monitoring page was inconsistent with Prometheus.
- Fixed issue: When forced publishing is enabled, modifications to the Route’s timeout and plugin configurations are not allowed in the published service.
3.8.0
Release Date: 2025-04-22
Features
Data Plane
- Supported using values from an array object within the user request body in routing conditions. While
post_arg
was already permitted in routing conditions, this update introduces support for array scenarios for the type field's location. - Supported the recording of additional AI request context information within access logs.
- Supported adding a request type identifier to Prometheus metrics to collect more granular data on AI requests.
Plugins
- AI Proxy
- Implemented new identifier fields
logging
andsummaries
for collecting LLM request and response content.
- Implemented new identifier fields
- AI Proxy Multi
- Supported HTTP POST method for health checks.
- Displayed a record at the warning log level if the fallback was triggered.
- Implemented a new identifier field for collecting LLM request and response content.
- AI Aliyun Content Moderation
- Added support for streaming (HTTP SSE) scenarios.
- AI Prompt Guard
- Introduced new plugin.
- Kafka Logger
- Supported reading the user request and response body content cached in
ctx
and pushing it to the specified Kafka service.
- Supported reading the user request and response body content cached in
Dashboard
- Added detailed statistics for service name and route name in status code alert messages.
- Optimized plugin configuration: When configuring Traffic Split plugin on a service or route, verify that the
upstream_id
configured indeed belongs to the current service's upstreams. - Aligned the upstream connection configuration field names with the API in published services.
- Introduced a form-based UI for CORS plugin configuration.
Fixes
Data Plane
- Fixed issue: When the upstream type was Kubernetes service discovery, nodes in health checks were not updated after node changes, resulting in many health check failure logs.
- Fixes issue: An error occurred when the
shared_size
parameter for Kubernetes service discovery was adjusted to 100m.#11857 - Fixed issue: APISIX/API7 Enterprise with Kubernetes discovery will fail after token file expires. #11779
- Fixed issue: After updating the
prefix
of Vault secret provider, the data plane continued to use the old configuration.
Dashboard
- Fixed issue: The
retries
field in the upstream was incorrectly set as required. - Fixed issue: An error occurred on the published service page due to lack of service template permissions.
- Fixed issue: Updating the service discovery service name in published services did not take effect.
- Fixed issue: Creating multiple records with rapid clicks.
- Fixed issue: High database CPU utilization when using large scale of consumers.
- Optimized the wildcard configuration method for Permission Policy:
- Wildcard configuration using
*
is now supported in authorization statements, with the same meaning as the current<.*>
; - The asterisk
*
is restricted and not allowed in any resource ID fields to prevent authorization failures.
- Wildcard configuration using
3.7.8
Release Date: 2025-06-16
Fixes
Dashboard
- Fixed issue: Route plugin updates in services mistakenly override existing plugins.
3.7.7
Release Date: 2025-06-11
Fixes
Dashboard
- Optimized the performance of large table data migration during control plane upgrades.
3.7.6
Release Date: 2025-06-02
Fixes
Data Plane
- Fixed issue: Kubernetes service discovery experiences performance issues with a high number of upstream nodes.
Dashboard
- Fixed issue: API7 Enterprise built-in plugins do not work properly when two custom plugins contain faulty code.
- Fixed issue: After upgrading ADC from version 17.x to 19.x, the Dashboard continues displaying outdated configurations when multiple routes under the same service are updated simultaneously.
3.7.5
** Release Date**: 2025-05-19
Fixes
Dashboard
- Fixed issue: Failed to update basic information of published services.
Data Plane
- Fixed issue: Long startup time for standalone mode with large configuration files.
- Fixed issue: OAS Validator plugin incorrectly rejecting numbers between 1.11-1.19 with
multipleOf: 0.01
rule.
3.7.4
Release Date: 2025-04-30
Features
Dashboard
- Specified the validity period of the gateway instance certificate when adding a gateway instance.
- Added a warning in the gateway instance list when the certificate is about to expire.
- Supported viewing the certificate renew method for gateway instances in the dashboard and generating new gateway instance certificates.
Fixes
Data Plane
- Fixed issue: Health checks do not work as expected when using TCP services, and requests are still forwarded to unhealthy upstream nodes.
- Fixed issue: High latency in gateway requests due to Redis service failures.
- Fixed issue: Error in determining the default value of
llm_time_to_first_token
in AI Gateway.
Plugins
- Removed the
snowflake
algorithm frome therequest-id
plugin due to potential risks.
Dashboard
- Fixed issue: The total bandwidth chart data on the monitoring page was inconsistent with Prometheus.
- Fixed issue: When forced publishing is enabled, modifications to the Route’s timeout and plugin configurations are not allowed in the published service.
3.7.3
Release Date: 2025-04-22
Fixes
Dashboard
- Fixed issue: High database CPU utilization when using large scale of consumers.
- Optimized the wildcard configuration method for Permission Policy:
- Wildcard configuration using
*
is now supported in authorization statements, with the same meaning as the current<.*>
; - The asterisk
*
is restricted and not allowed in any resource ID fields to prevent authorization failures.
- Wildcard configuration using
3.7.2
Release Date: 2025-03-24
Fixes
Plugins
- OpenTelemetry
- Fixed issue: A 404 response on the dynamic route
/v2/:customerNumber
results in an empty reported path.
- Fixed issue: A 404 response on the dynamic route
Admin APIs
- Fixed issue: Resources lack consistent
name
anddesc
length enforcement up to 65535 characters, causing errors when users input valid long strings.