From: Peter van Dijk <peter.van.dijk@powerdns.com>
Date: Fri, 17 Mar 2023 13:09:01 +0000 (+0100)
Subject: auth-4.8.0-alpha1: secpoll&docs
X-Git-Tag: dnsdist-1.8.0~7^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F12661%2Fhead;p=thirdparty%2Fpdns.git

auth-4.8.0-alpha1: secpoll&docs
---

diff --git a/.github/actions/spell-check/expect.txt b/.github/actions/spell-check/expect.txt
index 72edf12d48..27c23e81a1 100644
--- a/.github/actions/spell-check/expect.txt
+++ b/.github/actions/spell-check/expect.txt
@@ -721,6 +721,7 @@ libsystemd
 libtdsodbc
 libyaml
 libzmq
+lightningstream
 Lindqvist
 linenos
 linenum
@@ -763,6 +764,8 @@ Luuk
 LYg
 Maik
 Maikel
+MAILA
+MAILB
 Majer
 Makefiles
 malcrafted
@@ -1235,6 +1238,7 @@ Shabanov
 Shafir
 shantikulkarni
 shinsterneck
+shnya
 showdetails
 showflags
 Shukla
@@ -1352,6 +1356,7 @@ supervisord
 Surfnet
 swapcontext
 swoga
+syncer
 syncres
 sysadmin
 syscalls
diff --git a/docs/backends/lmdb.rst b/docs/backends/lmdb.rst
index 0a2e5d1c84..64570538cf 100644
--- a/docs/backends/lmdb.rst
+++ b/docs/backends/lmdb.rst
@@ -117,7 +117,8 @@ Defaults to 100 on 32 bit systems, and 16000 on 64 bit systems.
 
   .. versionadded:: 4.8.0
 
-Instead of deleting items from the database, flag them as deleted in the item's [LightningStream](FIXME add link) header.
+Instead of deleting items from the database, flag them as deleted in the item's `Lightning Stream <https://doc.powerdns.com/lightningstream>`_ header.
+Only enable this if you are using Lightning Stream.
 
 LMDB Structure
 --------------
diff --git a/docs/changelog/4.8.rst b/docs/changelog/4.8.rst
new file mode 100644
index 0000000000..5724d2d60c
--- /dev/null
+++ b/docs/changelog/4.8.rst
@@ -0,0 +1,128 @@
+Changelogs for 4.8.x
+====================
+
+.. changelog::
+  :version: 4.8.0-alpha1
+  :released: 21st of March 2023
+
+  This is release 4.8.0-alpha1 of the Authoritative Server.
+
+  In this release, the LMDB backend gains a new Lightning Stream-compatible schema, which requires a data migration (this is automatic, and there is no migration back to the old schema).
+  LMDB backend users should pay extra attention to the :doc:`Upgrade Notes <../upgrading>`.
+
+  `Lightning Stream <https://doc.powerdns.com/lightningstream>`_ is an `open source <https://github.com/PowerDNS/lightningstream>`_ data syncer that allows multiple nodes to sync LMDB (Lightning Memory-Mapped Database) data to and from an S3 (compatible) bucket. This has particular advantages in distributed and/or large-scale applications (i.e. ~1 million records), making DNS replication much, much easier to manage.
+
+  We are excited about how Lightning Stream simplifies running multiple distributed PowerDNS Authoritative servers, with full support for keeping record data and DNSSEC keys in sync, from multiple writers.
+
+  This version also contains various other small fixes and improvements.
+  Except for very minor ones, they are listed below.
+
+
+  .. change::
+    :tags: New Features
+    :pullreq: 12546
+
+    new lmdbbackend storage schema that is compatible with Lightning Stream
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 11101
+
+    save errno value as close(2) might clobber it
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 11600, 12401, 12414, 12423, 12462, 12501, 12502, 12513, 12515, 12516, 12524, 12527, 12540, 12550
+
+    cleanup for OpenSSL 3.0 API    
+
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12127
+
+    Fix multiple-version IXFR request handling in ixfrdist (HÃ¥kan Lindqvist)
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12260
+
+    Properly encode json strings containing binary data
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12322
+
+    lmdb, fix TSIG key removal (Kees Monshouwer)
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 11065
+
+    service files: Add more sandboxing options
+
+  .. change::
+    :tags: New Features
+    :pullreq: 12277
+
+    add byteslimit support to lua ifurlup() function
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 12265
+
+    move alsoNotifies up into DNSBackend
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12252
+
+    Update supported record types: remove A6 MAILA MAILB SIG and WKS, add ZONEMD
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 11346
+
+    Basic abstraction for handling colored terminal output, respecting isatty(), --no-colors and NO_COLOR
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12066
+
+    Detect invalid bytes in `makeBytesFromHex()`
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 11858
+
+    change sdig output order (Kees Monshouwer)
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 11908
+
+    initialize zone cache after dropping privileges (Kees Monshouwer)
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12659
+
+    Prevent a race during the processing of SVC auf-hints
+
+  .. change::
+    :tags: New Features
+    :pullreq: 12406
+
+    pdnsutil, implement list-member-zones (Kees Monshouwer)
+
+  .. change::
+    :tags: New Features
+    :pullreq: 12349
+
+    LUA: accept more hex formats in createForward[6]
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 12331
+
+    fix ColumnSize argument in SQLBindParameter #12324 (v1shnya)
diff --git a/docs/changelog/index.rst b/docs/changelog/index.rst
index 6d5dbfcbe0..c8246ac3b6 100644
--- a/docs/changelog/index.rst
+++ b/docs/changelog/index.rst
@@ -6,6 +6,7 @@ The changelogs for the PowerDNS Authoritative Server are split between release t
 .. toctree::
     :maxdepth: 2
 
+    4.8
     4.7
     4.6
     4.5
diff --git a/docs/secpoll.zone b/docs/secpoll.zone
index d9b07af9c3..9e20c1bc90 100644
--- a/docs/secpoll.zone
+++ b/docs/secpoll.zone
@@ -1,4 +1,4 @@
-@       86400   IN  SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023031601 10800 3600 604800 10800
+@       86400   IN  SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023032101 10800 3600 604800 10800
 @       3600    IN  NS  pdns-public-ns1.powerdns.com.
 @       3600    IN  NS  pdns-public-ns2.powerdns.com.
 
@@ -117,6 +117,7 @@ auth-4.7.0.security-status                              60 IN TXT "1 OK"
 auth-4.7.1.security-status                              60 IN TXT "1 OK"
 auth-4.7.2.security-status                              60 IN TXT "1 OK"
 auth-4.7.3.security-status                              60 IN TXT "1 OK"
+auth-4.8.0-alpha1.security-status                       60 IN TXT "1 Unsupported pre-release"
 
 ; Auth Debian
 auth-3.4.1-2.debian.security-status                     60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2015-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-03/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-04/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-05/"
diff --git a/docs/upgrading.rst b/docs/upgrading.rst
index d60ff6d208..2fa79898a5 100644
--- a/docs/upgrading.rst
+++ b/docs/upgrading.rst
@@ -14,10 +14,10 @@ any version to 4.8.x
 LMDB backend
 ^^^^^^^^^^^^
 
-Version 4.8.0-alpha1 ships a new version of the LMDB database schema (called version 5).
+Version 4.8.0-alpha1 ships a new version of the LMDB database schema (called version 5), for compatibility with `Lightning Stream <https://doc.powerdns.com/lightningstream>`_.
 This schema is somewhat experimental, and although we do intend to make databases portable/upgradeable to future releases in the 4.8 train, we currently make no promises.
 There is no downgrade process.
-If you upgrade your database (by starting 4.8.0 without `lmdb-schema-version=4`), you cannot go back.
+If you upgrade your database (by starting 4.8.0 without ``lmdb-schema-version=4``), you cannot go back.
 
 Upgrading is only supported from database schema versions 3 and 4, that is, databases created/upgraded by version 4.4 and up.