Higress v2.1.9: 44 engine updates + 18 console updates

Higress Community

Nov 18, 2025

Share on X

01 Higress Engine Update

Overview of This Release

This release includes 44 updates, covering multiple areas such as feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

New Features: 23 items

Bug Fixes: 14 items
Refactoring Optimizations: 2 items
Documentation Updates: 1 item
Testing Improvements: 4 items

Key Focus Areas

This release includes 3 important updates that deserve special attention:

feat(mcp-server): add server-level default authentication and MCP proxy server support (#3096): This feature enhances Higress's security management capabilities for MCP traffic, allowing users to set up authentication via a unified interface, simplifying the deployment process of security policies, and improving both system security and flexibility.
feat: add Higress API MCP server (#2923): By adding Higress-ops MCP Server, users can manage Higress configuration and troubleshoot issues using the hgctl agent command, improving operational efficiency and user experience.
feat: implement hgctl agent & mcp add subcommand (#3051): This enhances Higress's operational capabilities, particularly through interactive management and debugging via Agent, making it easier for users to configure and debug MCP traffic governance; it represents an important step for Higress towards AI-native operations.

For detailed information, please refer to the important feature description section below.

Detailed Description of Important Features

The following are detailed explanations of important features and improvements in this release:

1. feat(mcp-server): add server-level default authentication and MCP proxy server support

Related PR: #3096 | Contributor: @johnlanni

Background

As users demand higher security, flexibility, and usability from APIs, the MCP (Model Context Protocol) protocol is widely used in Agent call tools. However, existing MCP servers lack a unified security authentication mechanism, leading to differentiated authentication setups in different scenarios (MCP Server directly proxies, REST API converts to MCP Server). This update addresses those issues, targeting user groups including but not limited to developers, operations personnel, and system administrators who need a more secure, flexible, and manageable API gateway.

Feature Details

This update mainly implements two core functionalities: 1. Adds a default authentication mechanism at the MCP server level, including client-to-gateway and gateway-to-backend authentication; 2. Introduces a new type of MCP proxy server that can proxy client MCP requests to backend MCP servers, supporting timeout configurations and complete authentication support. Technically, this is achieved by updating the dependency library versions (such as wasm-go and proxy-wasm-go-sdk) to support new features and refactoring existing code to accommodate new authentication and proxy logic.

How to Use

To enable this feature, relevant parameters must be set in the Higress configuration file. For example, to configure the default downstream security authentication, the authentication policy can be specified in the defaultDownstreamSecurity field; similarly, upstream authentication is configured via the defaultUpstreamSecurity field. To use the MCP proxy server, a new server of the mcp-proxy type needs to be defined and the backend MCP server address specified via mcpServerURL. Additionally, the timeout field can be used to control request timeout. Best practices suggest leveraging priority configuration mechanisms whenever possible to ensure tool-level settings can override server-level defaults for more granular control.

Value of the Feature

This feature significantly improves the security and flexibility of Higress, making API management more efficient. By introducing server-level default authentication, it reduces the workload of repetitive configurations and lowers the security risks arising from configuration errors. The newly added MCP proxy server capability not only simplifies the complexity of MCP service governance but also effectively relieves the pressure on backend MCP servers by offloading state-maintaining tasks to the Higress side.

2. feat: add Higress API MCP server

Related PR: #2923 | Contributor: @Tsukilc

Background

With the development of AI technology, the API gateway needs to better support AI-related functionalities. As an AI-native API gateway, Higress needs to provide stronger management tools to unify the management of core API assets such as LLM API, MCP API, and Agent API. This PR integrates the Higress API MCP Server, providing comprehensive management capabilities for AI routing, AI providers, and MCP servers. These new features can help users more efficiently configure and maintain Higress’s AI features, meeting modern application needs. The target user groups include Higress operations personnel and developers, especially those deeply engaged in the AI field.

Feature Details

This PR primarily implements the following functionalities:

AI routing management: New tools including list-ai-routes, get-ai-route, add-ai-route, update-ai-route and delete-ai-route were added, allowing users to manage AI routes.

AI provider management: New tools such as list-ai-providers, get-ai-provider, add-ai-provider, update-ai-provider, and delete-ai-provider were added, allowing users to manage AI providers.

MCP server management: New tools like list-mcp-servers, get-mcp-server, add-or-update-mcp-server, and delete-mcp-server were added, allowing users to manage MCP servers and their consumers.

Authentication Configuration: Uses HTTP Basic Authentication for authorization and carries the Authorization header in client requests.

Code Changes: Removed hardcoding of username and password, switching to runtime provision via MCP Client to improve security. Additionally, a new **higress-ops module was introduced for hgctl agent command integration, enabling Agent-based management of Higress configurations.

How to Use

To enable and configure this feature, follow these steps:

Configure Higress API MCP Server: Add configurations for Higress API MCP Server in the Higress configuration file, specifying the URL address of the Higress Console.

Use hgctl agent: Launch the interactive Agent using the hgctl agent command. You can manage Higress using natural language. For example, use the mcp add subcommand to add a remote MCP Server to Higress’s MCP management directory.

Manage AI routes: Use tools such as list-ai-routes, get-ai-route, add-ai-route, update-ai-route, and delete-ai-route to manage AI routes.

Manage AI providers: Use list-ai-providers, get-ai-provider, add-ai-provider, update-ai-provider , and delete-ai-provider tools to manage AI providers.

Manage MCP servers: Use list-mcp-servers, get-mcp-server, add-or-update-mcp-server, delete-mcp-server tools to manage MCP servers and their consumers.

Note: Ensure proper authentication information is configured when using these tools and carry the Authorization header in the request.

Value of the Feature

This feature provides users with the following specific benefits:

Enhanced management capabilities: Users can more conveniently manage and debug Higress’s AI routing, AI providers, and MCP server configuration through the new MCP tools, improving management efficiency.

Higher security: By providing username and password through MCP Client at runtime, rather than hardcoding them into configuration files, overall system security is significantly improved.

Better user experience: The interactive management method of hgctl agent allows users to manage Higress using natural language, reducing learning costs and usage difficulty.

Improved system performance and stability: The new MCP tools provide more management and debugging means, helping to promptly identify and resolve issues, thereby enhancing system stability and performance.

Ecological importance: As the first step for Higress to transition from traditional operations to Agent-based operations, this feature holds significant importance for the development of the Higress ecosystem and lays the groundwork for more innovations in the future.

3. feat: implement hgctl agent & mcp add subcommand

Related PR: #3051 | Contributor: @erasernoob

Background

Higress is an AI-native API gateway designed to manage LLM API, MCP API, and Agent API in a unified manner. With the development of Higress, traditional command-line tools can no longer meet user needs, especially in managing and debugging MCP services. This PR introduces an interactive Agent similar to Claude Code, allowing users to manage Higress through natural language. Additionally, the new mcp add subcommand conveniently adds Remote MCP Services to Higress's MCP management directory, implementing governance of MCP traffic. These functionalities not only simplify the configuration process of MCP services but also enhance the system's maintainability and usability.

Feature Details

This PR primarily implements two new subcommands: hgctl agent and mcp add.

hgctl agent: This command allows users to interact with Higress using natural language. It invokes the underlying claude-code proxy, prompting users to set necessary environments during the first run. hgctl agent provides an interactive window for users, enabling a more intuitive management of Higress.

mcp add: This command allows users to add MCP services via simple parameters. It supports two types of MCP services: direct proxy type and OpenAPI-based type. Direct proxy type MCP services can directly call the Higress Console API and publish to the Higress MCP Server management tool. OpenAPI-based MCP services generate MCP configuration by parsing OpenAPI specifications. The code changes consist of several new files and substantial code additions, including agent.go, base.go, core.go, mcp.go , and client.go, all working together to implement the above functionalities.

How to Use

To enable and configure these new features, users need to update to the latest version of the hgctl tool.

Enable hgctl agent:
- Run the hgctl agent command, and on the first use, it will prompt the user to set up necessary environments, such as installing the claude-code proxy.
- Interact with Higress using natural language, such as querying or modifying configurations.
Use mcp add to add MCP services:
- Add direct proxy type MCP services: hgctl mcp add mcp-deepwiki -t http https://mcp.deepwiki.com —user admin —password 123 —url http://localhost:8080
- Add OpenAPI-based MCP services: hgctl mcp add openapi-server -t openapi —spec openapi.yaml —user admin —password 123 —url http://localhost:8080

Note: Ensure that the system is properly configured with Higress and related dependencies before running these commands.

Value of the Feature

These new features provide users with significant benefits, including:

Enhanced user experience: By allowing interaction through natural language, the learning curve for users is reduced, making Higress management more intuitive and user-friendly.

Simplified configuration process: The mcp add command greatly simplifies the addition and configuration of MCP services, reducing the complexity and error rate of manual operations.

Improved stability of the system: With unified MCP service management, better monitoring and maintenance of MCP traffic can be achieved, enhancing system stability and reliability.

Expanded ecosystem: These new features allow Higress to better support different types of MCP services, enhancing its competitiveness and ecological influence in the age of AI.

Complete Change Log

New Features

Related PR: #3126
Contributor: @johnlanni
Change Log: Updated Envoy dependencies to support Redis call parameters to be set through WASM, such as buffer_flush_timeout and max_buffer_size_before_flush.
Feature Value: This feature enhances the flexibility of WASM plugins, allowing users to customize Redis client buffering behavior through URL query parameters, improving the convenience and efficiency of configuration management.
Related PR: #3123
Contributor: @johnlanni
Change Log: Upgraded Higress proxy version to v2.2.0, updated the Go toolchain and multiple dependency package versions, and added architecture-specific build targets for golang-filter, fixing dependency issues related to MCP servers, OpenAI, and Milvus SDK.
Feature Value: Enhanced overall performance and stability of Higress, supporting more architecture types while improving support capabilities for the latest technology stacks. For users, this means broader compatibility, better security, and more extensive functional expansion possibilities.
Related PR: #3108
Contributor: @wydream
Change Log: Added video-related API paths and capabilities, including constants, default capabilities, and regular expression path handling, allowing the proxy to correctly parse multiple video-related endpoints and updated OpenAI providers to optimize support for these new endpoints.
Feature Value: By increasing support for video-related APIs, Higress enhances its ability to manage AI services, particularly for applications that need to handle video content, allowing users to more conveniently integrate and use advanced features involving video.
Related PR: #3071
Contributor: @rinfx
Change Log: This PR added a usage example for the inject_encoded_data_to_filter_chain_on_header function, demonstrating how to add body data to requests without a response body. Changes were made by modifying files such as README.md, go.mod, etc.
Feature Value: This feature allows users to add body data to requests without a response body, enhancing the API gateway's capability and flexibility in handling requests, particularly when dynamic generation or modification of response content is needed.
Related PR: #3067
Contributor: @wydream
Change Log: This PR adds support for vLLM as an AI provider to the Higress ai-proxy plugin, achieving compatibility with multiple API interfaces from OpenAI, including chat and text completion, and model listing display.
Feature Value: By introducing vLLM as a new AI service provider, users can now directly access various AI capabilities provided by vLLM through Higress, such as text generation, vastly enriching Higress's usability in AI application scenarios and simplifying the integration process.
Related PR: #3060
Contributor: @erasernoob
Change Log: This PR enhances the hgctl mcp and hgctl agent commands to automatically retrieve Higress Console credentials from installation configuration files and Kubernetes secrets, optimizing the user experience.
Feature Value: This feature reduces the steps users need to manually enter credentials, improving operational convenience and security, especially important for users installing Higress via hgctl.
Related PR: #3043
Contributor: @2456868764
Change Log: This PR fixes the default port issue for Milvus and adds a Python example code in README.md. The port problem was solved by modifying the match_rule_domain field in the configuration file, while providing usage guidance.
Feature Value: This correction resolves port configuration issues that may prevent the service from operating correctly and enhances document usability, offering a specific Python example to help understand and quickly get started with plugin functionality.
Related PR: #3040
Contributor: @victorserbu2709
Change Log: This PR adds Anthropic's ApiNameAnthropicMessages feature and supports configuring the anthropic provider without setting protocol=original, allowing /v1/messages requests to be forwarded directly to anthropic, while /v1/chat/completion converts OpenAI formatted message bodies to Claude compatible formats.
Feature Value: By increasing support for Anthropic message APIs, Higress enhances its ability to manage different types of AI services. Users can now more flexibly use the services provided by Anthropic, especially when interacting with Claude, increasing the platform's diversity and flexibility.
Related PR: #3038
Contributor: @Libres-coder
Change Log: New list-plugin-instances tool allows AI agents to query plugin instances within a specific scope via the MCP protocol. This PR added two new functions to the MCP Server and updated related documentation.
Feature Value: This feature enables users to more conveniently manage plugin configurations in Higress, enhancing system manageability and transparency, particularly when checking or adjusting the status of plugins within a specific range.
Related PR: #3032
Contributor: @johnlanni
Change Log: This PR enables Qwen compatibility mode by default and adds missing API endpoints, including AsyncAIGC, AsyncTask, and V1Rerank to provide more comprehensive API coverage.
Feature Value: By enabling compatibility mode by default and filling API gaps, this enhances users' out-of-the-box experience, while strengthening the system's support for Qwen AI services, making it easier for developers to access and use Qwen related functionalities.
Related PR: #3029
Contributor: @victorserbu2709
Change Log: Added support for v1/responses in the groq provider, introducing new response handling logic.
Feature Value: The newly supported functionality enables users to better manage and utilize responses provided by the groq plugin via Higress, enhancing flexibility and completeness in API management.
Related PR: #3024
Contributor: @rinfx
Change Log: Introduced malicious URL and model hallucination detection capabilities to ensure the security of AI generated content; meanwhile adjusted specific configurations at the consumer level to better adapt to various scenario demands.
Feature Value: By increasing detection for malicious URLs and model hallucinations, this enhances the Higress platform’s ability to handle AI generated content with security and accuracy, helping to protect users from potential threats. Additionally, the adjusted consumer-level configuration enhances system flexibility and adaptability.
Related PR: #3008
Contributor: @hellocn9
Change Log: This PR added support for custom parameter names for MCP SSE stateful sessions. By adding the higress.io/mcp-sse-stateful-param-name annotation in the ingress configuration, users can specify their parameter names.
Feature Value: This feature allows users to flexibly set the parameter names for MCP SSE stateful sessions according to their needs, increasing configuration flexibility and user experience. This allows Higress to better adapt to diverse application scenarios.
Related PR: #3006
Contributor: @SaladDay
Change Log: This PR added Secret reference support for the Redis configuration of the MCP Server, allowing Redis passwords to be stored via Kubernetes Secret, enhancing security while modifying relevant documents and test codes.
Feature Value: By using Kubernetes Secret to store Redis passwords instead of plain text in ConfigMap, system security is improved. Users can manage sensitive information more securely, reducing the risk of password leaks.
Related PR: #2992
Contributor: @rinfx
Change Log: This PR modified the authentication logic in the key_auth plugin, logging consumer names in the logs even if unauthorized access occurs. By adding consumer identification logging to the authentication process, system observability is enhanced.
Feature Value: This functionality improves system monitoring and troubleshooting efficiency, allowing operations personnel to better understand the source of requests, even if unauthorized, enabling better issue diagnosis and security auditing.
Related PR: #2978
Contributor: @rinfx
Change Log: After determining the consumer name, it adds the consumer name to the request headers for subsequent processing, regardless of whether authentication fails.
Feature Value: This feature enhances the tracking capability of consumer behavior, helping to better understand the API invocation situation and consumer activity patterns, thereby providing users with a more personalized service experience.
Related PR: #2968
Contributor: @2456868764
Change Log: Added vector database mapping functionality, introducing a field mapping system and index configuration management mechanism, supporting various index types such as HNSW, IVF, SCANN, etc., to improve system flexibility and adaptability.
Feature Value: By providing flexible field mapping and rich index configuration options, this enhances support for different vector databases, simplifying the process for developers integrating diverse storage solutions, and improving user experience.
Related PR: #2943
Contributor: @Guo-Chenxu
Change Log: This PR adds support for custom system prompts when generating release notes, achieved by modifying GitHub Actions workflow files.
Feature Value: Allows users to add personalized system prompts when generating release notes, enhancing the flexibility and practicality of release notes to better meet the needs of different projects.
Related PR: #2942
Contributor: @2456868764
Change Log: Fixed processing logic when the LLM provider is empty and optimized document structure and content, adding detailed introduction to MCP tools.
Feature Value: Enhanced robustness of the system when LLM configurations are missing, improving user understanding and experience with MCP tools, allowing users to clearly understand the functionality and configuration requirements of different tools.
Related PR: #2916
Contributor: @imp2002
Change Log: Implemented migration of Nginx MCP servers, providing seven MCP tools to automate the process of migrating from Nginx configuration/Lua plugins to Higress, including configuration conversion and other important functions.
Feature Value: This functionality greatly simplifies the workload for users migrating from Nginx to Higress by providing a complete toolset, making the migration process smoother and more efficient, helping users adopt Higress as their API gateway solution faster.

Bug Fixes

Related PR: #3120
Contributor: @lexburner
Change Log: Adjusted the log level in the ai-proxy component, with specific changes located in wasm-go/extensions/ai-proxy/provider/qwen.go, reducing unnecessary warning information outputs.
Feature Value: By lowering the log level in specific parts, the system runtime generates fewer redundant warning messages, which helps improve efficiency for developers and operations personnel reviewing logs and allows them to focus more on actual errors or important information.
Related PR: #3119
Contributor: @johnlanni
Change Log: Updated istio dependency and replaced reqChan and deltaReqChan in Connection with channels.Unbounded to prevent deadlock issues caused by HTTP2 flow control.
Feature Value: By resolving deadlock issues caused by HTTP2 flow control, client requests and ACK requests can be processed normally and unblocked, enhancing system stability and response speed.
Related PR: #3118
Contributor: @johnlanni
Change Log: This PR fixes the issue of port-level policies unconditionally overriding existing configurations transformed from Ingress annotations. The override is avoided by adding nil checks before setting policy.Tls and policy.LoadBalancer.
Feature Value: Addresses the problem of configuration overwriting caused by TLS and load balancer settings in DestinationRule, ensuring that user-defined Ingress annotation configurations are correctly retained and applied, enhancing system stability and reliability.
Related PR: #3095
Contributor: @rinfx
Change Log: Fixed the issue of losing usage information during the claude2openai conversion process, adding an index field to the bedrock streaming tool responses to ensure data integrity and accuracy.
Feature Value: This fix improves the system’s data integrity when processing API conversions, ensuring that users can accurately obtain all necessary usage information, particularly in the case of streaming responses where introducing an index field enhances response management flexibility.
Related PR: #3084
Contributor: @rinfx
Change Log: Fixed the issue of Claude requests not including include_usage: true when converting to OpenAI requests, ensuring usage situation information is correctly passed during streaming response mode.
Feature Value: This fix allows users to receive more accurate resource usage feedback when handling streaming APIs, enhancing accuracy in monitoring resource consumption within the system.
Related PR: #3074
Contributor: @Jing-ze
Change Log: This PR adds a Content-Encoding check in the log-request-response plugin to avoid recording compressed request/response bodies, which may lead to garbled log entries.
Feature Value: By improving the logging mechanism to prevent outputting difficult-to-read log entries, the efficiency and accuracy of operations personnel troubleshooting issues are enhanced.
Related PR: #3069
Contributor: @Libres-coder
Change Log: This PR fixes an issue in the CI testing framework where e2e tests failed due to the go.mod file not being properly updated. It ensures the go.mod in the root directory is updated by adding the go mod tidy command in the prebuild.sh script.
Feature Value: This fix solves the CI test failures that all trigger during wasm plugin end-to-end tests, ensuring stability of the build and testing processes and improving the developer experience.
Related PR: #3010
Contributor: @rinfx
Change Log: Fixed parsing errors caused by unpacking issues when returning responses from bedrock and adjusted the maxtoken conversion logic to ensure event stream handling's accuracy and integrity.
Feature Value: Addresses data parsing errors encountered by users when using the bedrock service, improving system stability and user experience by optimizing boundary condition handling to ensure consistency in data transmission.
Related PR: #2997
Contributor: @hanxiantao
Change Log: Optimized the logic for cluster rate limiting and AI Token rate limiting, updating it to an accumulation method for counting request quantities and token usage, avoiding resets when modifying rate limits.
Feature Value: By improving the rate-limiting mechanism, the system can accurately track and limit request traffic even when altering rate thresholds, enhancing the system's stability and reliability.
Related PR: #2988
Contributor: @johnlanni
Change Log: This PR fixes JSON formatting errors in the jsonrpc-converter by switching to original JSON data, avoiding data parsing problems caused by string formatting.
Feature Value: This correction ensures data transmission accuracy and consistency, enhancing system stability and reliability while reducing potential issues arising from data format errors.
Related PR: #2973
Contributor: @CH3CHO
Change Log: Fixed the issue where match_rule_domain set to an empty string was unsupported in Higress version 2.1.8 by using wildcard matching for all domains to eliminate compatibility risks.
Feature Value: This fix ensures backward compatibility in generating configurations for the MCP server, avoiding service interruption or abnormal behavior due to configuration errors and enhancing system stability and user experience.
Related PR: #2952
Contributor: @Erica177
Change Log: Corrected the JSON tag of the Id field in the ToolSecurity structure from type to id to ensure proper serialization.
Feature Value: This fix ensures the correctness of the ToolSecurity structure in data transmission, avoiding data parsing issues caused by field label errors, improving system stability and user experience.
Related PR: #2948
Contributor: @johnlanni
Change Log: Fixed processing issues with the Azure OpenAI Response API and service URL type detection logic, including adding support for custom full paths and improving streaming event parsing.
Feature Value: Enhanced support for Azure OpenAI services, improving the accuracy and efficiency of API response processing, allowing users to more stably use Azure OpenAI related functions.
Related PR: #2941
Contributor: @rinfx
Change Log: This PR fixes compatibility issues between the ai-security-guard plugin and old configurations by adjusting relevant code in the main.go file to ensure backward compatibility.
Feature Value: This resolves compatibility issues caused by configuration updates, allowing users with old configurations to seamlessly transition to new versions, enhancing user experience and system stability.

Refactoring Optimizations

Related PR: #3113
Contributor: @johnlanni
Change Log: This PR implements a hashing cache for Protobuf messages, performing recursive hash calculations via XXHash algorithm and providing special handling for google.protobuf.Any types and deterministically sorted map fields, optimizing LDS performance.
Feature Value: This change significantly improves Envoy's efficiency when processing a large number of configuration updates, reducing performance overhead caused by repeated serialization, especially in frequently changed or large-scale deployment environments, accelerating configuration propagation speed and improving system responsiveness.
Related PR: #2945
Contributor: @rinfx
Change Log: Optimized the logic for selecting the pod with the minimum global request number in the AI load balancer Lua scripts, enhancing request distribution efficiency through adjustments in health check mechanisms and load balancing strategies.
Feature Value: This adjustment improves the fairness and efficiency of the AI load balancer in handling requests, reducing service response time delays due to overload on a single node, positively impacting overall system stability and user experience.

Documentation Updates

Related PR: #2965

Contributor: @CH3CHO
Change Log: Updated the description of azureServiceUrl in the ai-proxy README file, enhancing detailed information about the parameter's usage to aid users in better understanding and configuration.
Feature Value: By providing more detailed parameter specifications for azureServiceUrl, this change helps improve user experience, enabling users to configure correctly based on documentation, thereby avoiding potential usage errors.

Testing Improvements

Related PR: #3110
Contributor: @Jing-ze
Change Log: This PR adds CODECOV_TOKEN environment variable configurations in the GitHub Actions workflow to ensure Codecov can correctly authenticate and upload code coverage data.
Feature Value: By adding the CODECOV_TOKEN environment variable, the security and reliability of CI/CD processes are enhanced, ensuring the accuracy and completeness of code coverage reports, which helps maintain project quality.
Related PR: #3097
Contributor: @johnlanni
Change Log: This PR adds unit tests for the mcp-server, totaling 2766 new lines of code, mainly concentrated in main_test.go, enhancing the test coverage of the mcp-server.
Feature Value: By increasing unit tests, the reliability and stability of the mcp-server module are improved, ensuring that new features or fixes do not introduce new issues. For users, this enhances the overall quality assurance and usability of Higress.
Related PR: #2998
Contributor: @Patrisam
Change Log: This PR implements end-to-end testing cases for Cloudflare, enhancing the testing coverage of the Higress project. New testing logic and configurations are added in go-wasm-ai-proxy.go and go-wasm-ai-proxy.yaml.
Feature Value: Newly added Cloudflare e2e test cases help ensure compatibility and stability between Higress and Cloudflare services, greatly increasing user confidence in Higress’s reliability for users utilizing or planning to use Cloudflare as part of their network infrastructure.
Related PR: #2980
Contributor: @Jing-ze
Change Log: Enhanced the CI workflow for unit testing of WASM plugins by adding coverage display features and setting an 80% coverage threshold.
Feature Value: This enhances the quality and transparency of the testing process, ensuring that WASM plugins meet certain code coverage standards, helping to discover potential issues and increasing code reliability.

Release Statistics

New Features: 23 items
Bug Fixes: 14 items
Refactoring Optimizations: 2 items
Documentation Updates: 1 item
Testing Improvements: 4 items

Total: 44 changes (including 3 important updates)

02 Higress Console Update

Overview of This Release

This release includes 18 updates, covering multiple areas such as feature enhancements, bug fixes, performance optimizations, and more.

Distribution of Updates

New Features: 7 items

Bug Fixes: 10 items

Documentation Updates: 1 item

Complete Change Log

New Features

Related PR: #621
Contributor: @Thomas-Eliot
Change Log: This PR optimizes the interactive capabilities of the MCP Server, including rewriting headers, modifying interaction methods to support transport selection, and improving DSN character processing logic to support special characters @.
Feature Value: With these improvements, users can configure and use the MCP Server more flexibly, particularly in direct routing scenarios, enhancing system flexibility and usability.
Related PR: #612
Contributor: @zhwaaaaaa
Change Log: Added handling to ignore hop-to-hop headers in DashboardServiceImpl, preventing headers like Transfer-Encoding: chunked from being inadvertently forwarded.
Feature Value: By correctly handling hop-to-hop headers, it ensures the Grafana page works normally in environments using reverse proxy servers, enhancing system compatibility and user experience.
Related PR: #608
Contributor: @Libres-coder
Change Log: This PR adds plugin display support to the AI routing management page, allowing users to expand AI routing rows to view enabled plugins and see the "Enabled" label on the configuration page.
Feature Value: This enhances AI routing management features, enabling users to manage the status of AI-related plugins more intuitively, thus improving user experience and operational convenience.
Related PR: #604
Contributor: @CH3CHO
Change Log: This PR introduces path rewriting capabilities using higress.io/rewrite-target annotations, supporting regular expressions, enhancing the flexibility of path configurations.
Feature Value: By adding regex-based path rewriting capabilities, users can more flexibly control and transform request paths, improving Higress gateway routing capabilities and meeting more scenario-specific needs.
Related PR: #603
Contributor: @CH3CHO
Change Log: This PR shows a fixed service port 80 for static service sources, achieved by hardcoding this value in the frontend components.
Feature Value: Users can see and understand the default port number specific to static service sources more intuitively, enhancing UI clarity and user experience.
Related PR: #602
Contributor: @CH3CHO
Change Log: This PR adds a search feature to the frontend page, supporting users in searching for upstream services when selecting AI routes, thus enhancing user experience.
Feature Value: This feature allows users to quickly and accurately find the upstream services they need, simplifying configuration processes and improving operational efficiency.
Related PR: #566
Contributor: @OuterCyrex
Change Log: This PR adds support for customizing Qwen services, including enabling internet search, uploading file IDs, etc. The main changes are concentrated in the backend SDK and frontend UI sections.
Feature Value: By supporting custom Qwen services, users can flexibly configure AI services, such as using specific internet search functions or designating file IDs to meet more personalized needs.

Bug Fixes

Related PR: #620
Contributor: @CH3CHO
Change Log: Corrected spelling errors in the sortWasmPluginMatchRules logic to ensure matching rules are sorted correctly.
Feature Value: Fixing this spelling error improves code reliability and readability, ensuring Wasm plugin matching rules work as intended, reducing potential runtime errors.
Related PR: #619
Contributor: @CH3CHO
Change Log: This PR removed version information from the data JSON during the AiRoute to ConfigMap conversion process, as this information is already stored in the metadata of ConfigMap.
Feature Value: By removing redundant data, it improves configuration consistency and simplicity, reducing potential data conflicts and inconsistencies.
Related PR: #618
Contributor: @CH3CHO
Change Log: This PR refactors the API authentication logic in SystemController to eliminate existing security vulnerabilities by adding AllowAnonymous annotations and adjusting setting in ApiStandardizationAspect class, ensuring the system's increased security.
Feature Value: This enhancement improves system security by preventing unauthorized access and potential security threats, enhancing user experience and trust.
Related PR: #617
Contributor: @CH3CHO
Change Log: Fixed frontend console errors including missing key properties for list elements, image loading failures due to CSP policy restrictions, and errors in the Consumer.name field type.
Feature Value: Addresses multiple frontend issues users encounter during use, enhancing user experience and ensuring application stability and security.
Related PR: #614
Contributor: @lc0138
Change Log: This PR corrects the erroneous type for the type field in the ServiceSource class and adds dictionary value validation to ensure data accuracy.
Feature Value: By fixing type errors in service source types, it enhances data consistency and reliability within the system, reducing potential issues arising from type mismatches.
Related PR: #613
Contributor: @lc0138
Change Log: This PR adds 15 new lines of code to the frontend document.tsx file to address security risks such as CSP, ensuring the application's security.
Feature Value: Fixing security risks associated with content security policies enhances the application's security level, protecting users from potential threats.
Related PR: #611
Contributor: @qshuai
Change Log: Corrected the description error for adding new route API in LlmProvidersController.java file, changing the title from ‘Add a new route’ to ‘Ad’.
Feature Value: This fix resolves misleading information in API documentation, ensuring developers can accurately understand API functionality, enhancing development experience and reducing potential misuse.
Related PR: #609
Contributor: @CH3CHO
Change Log: Fixed the type error in the Consumer.name field, changing the type from boolean to string.
Feature Value: This fix ensures data consistency and accuracy for the Consumer.name field, avoiding data handling issues resulting from type errors, enhancing system stability and user experience.
Related PR: #605
Contributor: @SaladDay
Change Log: Corrected the verification rules for AI routing names to support dots and unified casing restrictions with interface prompts. Updated multilingual error prompts accordingly.
Feature Value: Resolves inconsistencies users encounter when setting AI routing names, enhancing user experience and system usability, ensuring consistency and accuracy of information.
Related PR: #552
Contributor: @lcfang
Change Log: This PR introduces the vport property to resolve compatibility issues caused by inconsistent service instance ports, offering selective configuration of virtual ports during registration.
Feature Value: By introducing the vport property, users can more flexibly manage backend instance port changes, avoiding service routing issues caused by port changes, enhancing system stability and flexibility.

Documentation Updates

Related PR: #610
Contributor: @heimanba
Change Log: This PR updates the documentation configuration for the frontend grayscale plugin, including changes to mandatory field descriptions, updating associated rules, and synchronizing content in Chinese and English README and spec.yaml files.
Feature Value: By adjusting the configuration requirements and descriptions in the documentation, it enhances the flexibility and compatibility of configurations, making it easier for users to understand and use the frontend grayscale plugin functionality.