Bug fixes

* Abort the optimistic initial run if there are no stored TA certificates
  for a TAL instead of succeeding with an empty data set. ([#1071])
* Undo `PrivateUsers` restriction in systemd unit files to allow user to run
  Routinator on privileged ports. ([#1068])

Pkgsrc changes:
 * Version bump + checksum updates.

Upstream changes:

## 0.15.1 "Ain't No Country Club Either"

Released 2025-10-07.

Bug fixes

* Abort the optimistic initial run if there are no stored TA certificates
  for a TAL instead of succeeding with an empty data set. ([#1071])
* Undo `PrivateUsers` restriction in systemd unit files to allow user to run
  Routinator on privileged ports. ([#1068])

[#1068]: NLnetLabs/routinator#1068
[#1071]: NLnetLabs/routinator#1071


## 0.15.0 "This Ain't No Disco"

Released 2025-09-30

There have been no changes since 0.15.0-rc1.

## 0.15.0-rc1

Released 2025-09-18.

Breaking changes

* Removed the `rrdp-keep-responses` feature. We suggest the use of an HTTP
  proxy such as [mitmproxy] instead.

  This once and for all fixes [CVE-2023-39916] which returned again in
  release 0.14.0. ([#1055])
* Messages about issues with repositories and publication points are now
  logged separately and by default are only visible in the status HTTP
  server endpoints. The new `log-repository-issues` option can be used to
  have these messages also written to the log. ([#1054])
* Changed how server mode deals with broken or missing local exception
  files. Previously, Routinator would just stop updating until they are
  fixed, leading to updates being stalled if the operator misses the error
  messages. Now it will log a warning and keep using the previous set of
  local exceptions. When starting, it will exit with an error message if
  there are broken or missing local exception files. ([#1060])
* Changed the RRDP timeouts: introduced a new config variable
  `rrdp-read-timeout` that provides a timeout for individual network
  operations (primarily: read from the server). Its default is 10 seconds.
  This timeout is also used for connecting of no specific value is given,
  significantly speeding up validation runs.

  In addition, the RRDP timeout was increased from 300 to 600 seconds to
  better deal with slow transmission of large snapshots of some
  repositories. ([#1061])

New

* Added a quick initial run after starting the server which only uses
  stored data and aborts if any required data hasn't been requested
  before to deal with configuration changes. This will shorten the wait
  time for an initial data set when restarting Routinator. ([#1057])
* Added support for SLURM v2 as output format which includes ASPA payload.
  ([#1021])
* Changed refresh behaviour to better cope with short-lived objects. By
  default, Routinator will now wait for the time defined by `refresh` even
  if objects expire earlier. The new `min-refresh` option can be used to
  specify a short minimum refresh time if objects expire before the
  refresh time. If this value is set to 0, the old behaviour is restored.
  ([#1027])
* The order in which manifest entries are processed is now randomized.
  ([#1041])
* Reduced the overhead of storing RRDP snapshot downloads, significantly
  improving the snapshot update times. ([#1035])
* The `dump` command now prints the source directories of the data it
  dumps. ([#1045])
* Added a `--update-after` option to the `vrps` subcommand that skips
  updating the local cache if the last successful validation run was known
  to be less than a given number of minutes ago. ([#1049])
* Error responses for API-related HTTP endpoints now contain JSON bodies.
  ([#1050])
* The `/validity` HTTP server endpoint now accepts POST requests with a
  JSON body containing multiple routes to be checked all at once.
  ([#1053])
* Better protect against corrupted stored publication points by double
  checking cached manifest properties against the actual manifest and
  discard the stored publication point if they mismatch.

  This fixes an issue where an accidentally or maliciously manipulated
  locally stored manifest could block update of a legitimate new manifest
  which was reported by Zizhi Shang, Zhechao Lin, Jiahao Cao, Yangyang Wang,
  Mingwei Xu of the Institute for Network Sciences and Cyberspace (INSC),
  Tsinghua University.

Bug fixes

* Fixed a crash if certain invalid character appear in a manifest file
  name by limiting the name to the rules defined in [RFC9286]. This issue
  was reported by  Niklas Vogel of Goethe University Frankfurt and ATHENE.
  ([rpki-rs#342])
* Re-implemented RRDP client metrics based on the much simpler model used
  by RTRTR to fix recurring errors in the metrics. ([#1039])
* Changed the message logged when an RRDP update times out to actually say
  that. ([#1052])

Other changes

* Improved performance of file system operations on validate subcommand.
  ([#1043] by [@kawaemon])
* Add package.homepage to Cargo.toml ([#1024])
* Added building packages for RHEL 10 and Debian 13. ([#1034], [#1047])
* Added building packages for ARMv6 and ARM64 for Debian Bookworm.
  ([#1036])
* Added additional restrictions to the systemd unit files used in the
  various binary packages. ([#1056])
* Upgrades various dependencies. ([#1004], [#1005], [#1006])

[#1004]: NLnetLabs/routinator#1004
[#1005]: NLnetLabs/routinator#1005
[#1006]: NLnetLabs/routinator#1006
[#1014]: NLnetLabs/routinator#1014
[#1021]: NLnetLabs/routinator#1021
[#1024]: NLnetLabs/routinator#1024
[#1027]: NLnetLabs/routinator#1027
[#1034]: NLnetLabs/routinator#1034
[#1035]: NLnetLabs/routinator#1035
[#1036]: NLnetLabs/routinator#1036
[#1039]: NLnetLabs/routinator#1039
[#1041]: NLnetLabs/routinator#1041
[#1043]: NLnetLabs/routinator#1043
[#1045]: NLnetLabs/routinator#1045
[#1047]: NLnetLabs/routinator#1047
[#1049]: NLnetLabs/routinator#1049
[#1052]: NLnetLabs/routinator#1052
[#1053]: NLnetLabs/routinator#1053
[#1055]: NLnetLabs/routinator#1055
[#1056]: NLnetLabs/routinator#1056
[#1057]: NLnetLabs/routinator#1057
[#1060]: NLnetLabs/routinator#1060
[#1061]: NLnetLabs/routinator#1061
[rpki-rs#342]: NLnetLabs/rpki-rs#342
[@kawaemon]: https://github.com/kawaemon
[mitmproxy]: https://www.mitmproxy.org/
[RFC9286]: https://tools.ietf.org/html/rfc9286
[CVE-2023-39916]: https://nlnetlabs.nl/downloads/routinator/CVE-2023-39916.txt

## 0.14.2 "Roll Initiative!"

Released 2025-03-04.

There have been no changes since 0.14.2-rc1.


## 0.14.2-rc1

Released 2025-03-04.

Other changes

* Upgrades the bundled Routinator UI to release [0.4.5][routinator-ui v0.4.5].
  ([#1014])

[#1015]: NLnetLabs/routinator#1015
[routinator-ui v0.4.5]: https://github.com/NLnetLabs/routinator-ui/releases/tag/v0.4.5

Pkgsrc changes:
 * Version bump + checksum updates.

Upstream changes:

## 0.15.1 "Ain't No Country Club Either"

Released 2025-10-07.

Bug fixes

* Abort the optimistic initial run if there are no stored TA certificates
  for a TAL instead of succeeding with an empty data set. ([#1071])
* Undo `PrivateUsers` restriction in systemd unit files to allow user to run
  Routinator on privileged ports. ([#1068])

[#1068]: NLnetLabs/routinator#1068
[#1071]: NLnetLabs/routinator#1071


## 0.15.0 "This Ain't No Disco"

Released 2025-09-30

There have been no changes since 0.15.0-rc1.

## 0.15.0-rc1

Released 2025-09-18.

Breaking changes

* Removed the `rrdp-keep-responses` feature. We suggest the use of an HTTP
  proxy such as [mitmproxy] instead.

  This once and for all fixes [CVE-2023-39916] which returned again in
  release 0.14.0. ([#1055])
* Messages about issues with repositories and publication points are now
  logged separately and by default are only visible in the status HTTP
  server endpoints. The new `log-repository-issues` option can be used to
  have these messages also written to the log. ([#1054])
* Changed how server mode deals with broken or missing local exception
  files. Previously, Routinator would just stop updating until they are
  fixed, leading to updates being stalled if the operator misses the error
  messages. Now it will log a warning and keep using the previous set of
  local exceptions. When starting, it will exit with an error message if
  there are broken or missing local exception files. ([#1060])
* Changed the RRDP timeouts: introduced a new config variable
  `rrdp-read-timeout` that provides a timeout for individual network
  operations (primarily: read from the server). Its default is 10 seconds.
  This timeout is also used for connecting of no specific value is given,
  significantly speeding up validation runs.

  In addition, the RRDP timeout was increased from 300 to 600 seconds to
  better deal with slow transmission of large snapshots of some
  repositories. ([#1061])

New

* Added a quick initial run after starting the server which only uses
  stored data and aborts if any required data hasn't been requested
  before to deal with configuration changes. This will shorten the wait
  time for an initial data set when restarting Routinator. ([#1057])
* Added support for SLURM v2 as output format which includes ASPA payload.
  ([#1021])
* Changed refresh behaviour to better cope with short-lived objects. By
  default, Routinator will now wait for the time defined by `refresh` even
  if objects expire earlier. The new `min-refresh` option can be used to
  specify a short minimum refresh time if objects expire before the
  refresh time. If this value is set to 0, the old behaviour is restored.
  ([#1027])
* The order in which manifest entries are processed is now randomized.
  ([#1041])
* Reduced the overhead of storing RRDP snapshot downloads, significantly
  improving the snapshot update times. ([#1035])
* The `dump` command now prints the source directories of the data it
  dumps. ([#1045])
* Added a `--update-after` option to the `vrps` subcommand that skips
  updating the local cache if the last successful validation run was known
  to be less than a given number of minutes ago. ([#1049])
* Error responses for API-related HTTP endpoints now contain JSON bodies.
  ([#1050])
* The `/validity` HTTP server endpoint now accepts POST requests with a
  JSON body containing multiple routes to be checked all at once.
  ([#1053])
* Better protect against corrupted stored publication points by double
  checking cached manifest properties against the actual manifest and
  discard the stored publication point if they mismatch.

  This fixes an issue where an accidentally or maliciously manipulated
  locally stored manifest could block update of a legitimate new manifest
  which was reported by Zizhi Shang, Zhechao Lin, Jiahao Cao, Yangyang Wang,
  Mingwei Xu of the Institute for Network Sciences and Cyberspace (INSC),
  Tsinghua University.

Bug fixes

* Fixed a crash if certain invalid character appear in a manifest file
  name by limiting the name to the rules defined in [RFC9286]. This issue
  was reported by  Niklas Vogel of Goethe University Frankfurt and ATHENE.
  ([rpki-rs#342])
* Re-implemented RRDP client metrics based on the much simpler model used
  by RTRTR to fix recurring errors in the metrics. ([#1039])
* Changed the message logged when an RRDP update times out to actually say
  that. ([#1052])

Other changes

* Improved performance of file system operations on validate subcommand.
  ([#1043] by [@kawaemon])
* Add package.homepage to Cargo.toml ([#1024])
* Added building packages for RHEL 10 and Debian 13. ([#1034], [#1047])
* Added building packages for ARMv6 and ARM64 for Debian Bookworm.
  ([#1036])
* Added additional restrictions to the systemd unit files used in the
  various binary packages. ([#1056])
* Upgrades various dependencies. ([#1004], [#1005], [#1006])

[#1004]: NLnetLabs/routinator#1004
[#1005]: NLnetLabs/routinator#1005
[#1006]: NLnetLabs/routinator#1006
[#1014]: NLnetLabs/routinator#1014
[#1021]: NLnetLabs/routinator#1021
[#1024]: NLnetLabs/routinator#1024
[#1027]: NLnetLabs/routinator#1027
[#1034]: NLnetLabs/routinator#1034
[#1035]: NLnetLabs/routinator#1035
[#1036]: NLnetLabs/routinator#1036
[#1039]: NLnetLabs/routinator#1039
[#1041]: NLnetLabs/routinator#1041
[#1043]: NLnetLabs/routinator#1043
[#1045]: NLnetLabs/routinator#1045
[#1047]: NLnetLabs/routinator#1047
[#1049]: NLnetLabs/routinator#1049
[#1052]: NLnetLabs/routinator#1052
[#1053]: NLnetLabs/routinator#1053
[#1055]: NLnetLabs/routinator#1055
[#1056]: NLnetLabs/routinator#1056
[#1057]: NLnetLabs/routinator#1057
[#1060]: NLnetLabs/routinator#1060
[#1061]: NLnetLabs/routinator#1061
[rpki-rs#342]: NLnetLabs/rpki-rs#342
[@kawaemon]: https://github.com/kawaemon
[mitmproxy]: https://www.mitmproxy.org/
[RFC9286]: https://tools.ietf.org/html/rfc9286
[CVE-2023-39916]: https://nlnetlabs.nl/downloads/routinator/CVE-2023-39916.txt

## 0.14.2 "Roll Initiative!"

Released 2025-03-04.

There have been no changes since 0.14.2-rc1.


## 0.14.2-rc1

Released 2025-03-04.

Other changes

* Upgrades the bundled Routinator UI to release [0.4.5][routinator-ui v0.4.5].
  ([#1014])

[#1015]: NLnetLabs/routinator#1015
[routinator-ui v0.4.5]: https://github.com/NLnetLabs/routinator-ui/releases/tag/v0.4.5

Pkgsrc changes:
 * Version bump + checksum updates.

Upstream changes:

## 0.15.1 "Ain't No Country Club Either"

Released 2025-10-07.

Bug fixes

* Abort the optimistic initial run if there are no stored TA certificates
  for a TAL instead of succeeding with an empty data set. ([#1071])
* Undo `PrivateUsers` restriction in systemd unit files to allow user to run
  Routinator on privileged ports. ([#1068])

[#1068]: NLnetLabs/routinator#1068
[#1071]: NLnetLabs/routinator#1071


## 0.15.0 "This Ain't No Disco"

Released 2025-09-30

There have been no changes since 0.15.0-rc1.

## 0.15.0-rc1

Released 2025-09-18.

Breaking changes

* Removed the `rrdp-keep-responses` feature. We suggest the use of an HTTP
  proxy such as [mitmproxy] instead.

  This once and for all fixes [CVE-2023-39916] which returned again in
  release 0.14.0. ([#1055])
* Messages about issues with repositories and publication points are now
  logged separately and by default are only visible in the status HTTP
  server endpoints. The new `log-repository-issues` option can be used to
  have these messages also written to the log. ([#1054])
* Changed how server mode deals with broken or missing local exception
  files. Previously, Routinator would just stop updating until they are
  fixed, leading to updates being stalled if the operator misses the error
  messages. Now it will log a warning and keep using the previous set of
  local exceptions. When starting, it will exit with an error message if
  there are broken or missing local exception files. ([#1060])
* Changed the RRDP timeouts: introduced a new config variable
  `rrdp-read-timeout` that provides a timeout for individual network
  operations (primarily: read from the server). Its default is 10 seconds.
  This timeout is also used for connecting of no specific value is given,
  significantly speeding up validation runs.

  In addition, the RRDP timeout was increased from 300 to 600 seconds to
  better deal with slow transmission of large snapshots of some
  repositories. ([#1061])

New

* Added a quick initial run after starting the server which only uses
  stored data and aborts if any required data hasn't been requested
  before to deal with configuration changes. This will shorten the wait
  time for an initial data set when restarting Routinator. ([#1057])
* Added support for SLURM v2 as output format which includes ASPA payload.
  ([#1021])
* Changed refresh behaviour to better cope with short-lived objects. By
  default, Routinator will now wait for the time defined by `refresh` even
  if objects expire earlier. The new `min-refresh` option can be used to
  specify a short minimum refresh time if objects expire before the
  refresh time. If this value is set to 0, the old behaviour is restored.
  ([#1027])
* The order in which manifest entries are processed is now randomized.
  ([#1041])
* Reduced the overhead of storing RRDP snapshot downloads, significantly
  improving the snapshot update times. ([#1035])
* The `dump` command now prints the source directories of the data it
  dumps. ([#1045])
* Added a `--update-after` option to the `vrps` subcommand that skips
  updating the local cache if the last successful validation run was known
  to be less than a given number of minutes ago. ([#1049])
* Error responses for API-related HTTP endpoints now contain JSON bodies.
  ([#1050])
* The `/validity` HTTP server endpoint now accepts POST requests with a
  JSON body containing multiple routes to be checked all at once.
  ([#1053])
* Better protect against corrupted stored publication points by double
  checking cached manifest properties against the actual manifest and
  discard the stored publication point if they mismatch.

  This fixes an issue where an accidentally or maliciously manipulated
  locally stored manifest could block update of a legitimate new manifest
  which was reported by Zizhi Shang, Zhechao Lin, Jiahao Cao, Yangyang Wang,
  Mingwei Xu of the Institute for Network Sciences and Cyberspace (INSC),
  Tsinghua University.

Bug fixes

* Fixed a crash if certain invalid character appear in a manifest file
  name by limiting the name to the rules defined in [RFC9286]. This issue
  was reported by  Niklas Vogel of Goethe University Frankfurt and ATHENE.
  ([rpki-rs#342])
* Re-implemented RRDP client metrics based on the much simpler model used
  by RTRTR to fix recurring errors in the metrics. ([#1039])
* Changed the message logged when an RRDP update times out to actually say
  that. ([#1052])

Other changes

* Improved performance of file system operations on validate subcommand.
  ([#1043] by [@kawaemon])
* Add package.homepage to Cargo.toml ([#1024])
* Added building packages for RHEL 10 and Debian 13. ([#1034], [#1047])
* Added building packages for ARMv6 and ARM64 for Debian Bookworm.
  ([#1036])
* Added additional restrictions to the systemd unit files used in the
  various binary packages. ([#1056])
* Upgrades various dependencies. ([#1004], [#1005], [#1006])

[#1004]: NLnetLabs/routinator#1004
[#1005]: NLnetLabs/routinator#1005
[#1006]: NLnetLabs/routinator#1006
[#1014]: NLnetLabs/routinator#1014
[#1021]: NLnetLabs/routinator#1021
[#1024]: NLnetLabs/routinator#1024
[#1027]: NLnetLabs/routinator#1027
[#1034]: NLnetLabs/routinator#1034
[#1035]: NLnetLabs/routinator#1035
[#1036]: NLnetLabs/routinator#1036
[#1039]: NLnetLabs/routinator#1039
[#1041]: NLnetLabs/routinator#1041
[#1043]: NLnetLabs/routinator#1043
[#1045]: NLnetLabs/routinator#1045
[#1047]: NLnetLabs/routinator#1047
[#1049]: NLnetLabs/routinator#1049
[#1052]: NLnetLabs/routinator#1052
[#1053]: NLnetLabs/routinator#1053
[#1055]: NLnetLabs/routinator#1055
[#1056]: NLnetLabs/routinator#1056
[#1057]: NLnetLabs/routinator#1057
[#1060]: NLnetLabs/routinator#1060
[#1061]: NLnetLabs/routinator#1061
[rpki-rs#342]: NLnetLabs/rpki-rs#342
[@kawaemon]: https://github.com/kawaemon
[mitmproxy]: https://www.mitmproxy.org/
[RFC9286]: https://tools.ietf.org/html/rfc9286
[CVE-2023-39916]: https://nlnetlabs.nl/downloads/routinator/CVE-2023-39916.txt

## 0.14.2 "Roll Initiative!"

Released 2025-03-04.

There have been no changes since 0.14.2-rc1.


## 0.14.2-rc1

Released 2025-03-04.

Other changes

* Upgrades the bundled Routinator UI to release [0.4.5][routinator-ui v0.4.5].
  ([#1014])

[#1015]: NLnetLabs/routinator#1015
[routinator-ui v0.4.5]: https://github.com/NLnetLabs/routinator-ui/releases/tag/v0.4.5