Releases: StackExchange/dnscontrol
v4.15.3
Hello and happy new year, DNS fans!
This is mostly a bugfix release but 2 of the bugfixes are very important. It is strongly recommended that you upgrade immediately if you use NAMEDOTCOM at all, and if you use IGNORE*()
features on AUTODNS, BIND, MYTHICBEASTS, REALTIMEREGISTER, or SAKURACLOUD
Major bugs:
-
(#3259) NAMEDOTCOM: TXT records were not generated properly. Quotes were added around the text. This went unnoticed for months (years?). Thanks to @tkurki for reporting this! (FYI: This provider needs a volunteer maintainer. See below!)
-
(#3227) IGNORE() deletes ignored records when used with providers that use the
diff2.ByZone()
function: This affects AUTODNS, BIND, MYTHICBEASTS, REALTIMEREGISTER, SAKURACLOUD only. This was extremely difficult to find but thanks to some smart detective work by @rmc47 we not only found the problem, but developed an entirely new technique for testing IGNORE(). I now have greater confidence in IGNORE() and believe it is bug-free for all cases except when a third-party is updating the zone at the same time (something that can't be fixed because DNS doesn't have transactional locking).
Other news:
-
AXFRDDNS got a long-needed update from (@gucci-on-fleek) who fixed a number of small problems, enabled LOC records, and added it to The List of AutoTested Providers!
-
MYTHICBEASTS is now on The List of AutoTested Providers thanks to @tomfitzhenry!
Speaking of The List of AutoTested Providers: These are the providers that get fully tested with each release:
- AXFRDNS, AZURE_DNS, BIND, CLOUDFLAREAPI, CNR
- DIGITALOCEAN, GANDI_V5, GCLOUD, HEDNS, HEXONET
- MYTHICBEASTS, NAMEDOTCOM, NS1, ROUTE53
- SAKURACLOUD, TRANSIP
All other providers are not tested as often. Want your provider added to this list? Here's how: https://docs.dnscontrol.org/developer-info/byo-secrets
Changelog
Provider-specific changes:
- d0d9926: AXFRDDNS: Add support for LOC records (#3269) (@gucci-on-fleek)
- 9c3a161: AXFRDDNS: Enable automated testing (#3290) (@tlimoncelli)
- e664dae: AXFRDDNS: Modernize, Update supported capabilities (#3294) (@gucci-on-fleek)
- 76bbdc1: GANDI_V5: Increase error verbosity (#3267) (@tlimoncelli)
- fb3adf9: MYTHICBEASTS: Add MYTHICBEASTS to automated tests (#3277) (@tomfitzhenry)
- 43bb75e: MYTHICBEASTS: CHORE: fix code formatting (#3281) (@tlimoncelli)
- a8990ae: NAMEDOTCOM: BUGFIX: TXT records add unneeded quotes (#3260) (@tlimoncelli)
Documentation:
- 35ac9a9: DOCS: Add dep updates steps to rel-eng (#3265) (@tlimoncelli)
- aa93615: DOCS: Add fmtjson and "get co main" to releng docs (@tlimoncelli)
- 2f55b6c: DOCS: How to test a branch (feedback) (#3268) (@cafferata)
- 71539d4: DOCS: Shoutrrr added list of notification services (#3242) (@cafferata)
CI/CD:
- 6d5bfe9: Build(deps): Bump actions/upload-artifact from 4.4.3 to 4.5.0 (#3270) (@dependabot[bot])
- f265dba: Build(deps): Bump alpine from 3.20.3 to 3.21.0 (#3289) (@dependabot[bot])
- ea5e571: CICD: Update docs/comments after file renames (#3278) (@tomfitzhenry)
- 513b8be: CICD: json files should be strictly formatted (#3282) (@tlimoncelli)
Other changes and improvements:
- dd26354: Add .git-blame-ignore-revs (@tlimoncelli)
- a341022: BUGFIX: IGNORE() deletes ignored records on ByZone() platforms (#3263) (@tlimoncelli)
- f202433: CHORE: Remove debug statements (#3293) (@tlimoncelli)
- 1ffd38f: CHORE: Update dependencies (#3266) (@tlimoncelli)
- 2c2d7a1: CHORE: Update dependencies (#3288) (@tlimoncelli)
- 4489295: CHORE: Update dependencies (@tlimoncelli)
- af9e214: CI/CD: Make titles easier to read (#3274) (@tlimoncelli)
- 7f477d8: CI/CD: Run integration tests and GoReleaser concurrently (#3258) (@tlimoncelli)
- 1a1e592: DOC: NEW: How to test a branch (#3264) (@tlimoncelli)
- e232501: TESTING: parse_tests: Generate post-processed json files (@tlimoncelli)
- e9ff430: TESTING: parse_tests: reformat/regenerate .js .json files (@tlimoncelli)
- 876451b: empty (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.15.2
Happy holidays, DNSControl Fans!
Another quick bugfix release. This is particularly important if you use the BIND provider.
Bug: BIND
In 4.15.1 a bug was introduced that made the BIND provider use the
same filename for all zonefiles. That is fixed in this release. As a
bonus, BIND joins the list of providers that can run concurrently.
Do not use 4.15.1 if you use BIND.
Possible bug: IGNORE() plus MYTHICBEASTS
We're tracking a bug that was reported involving IGNORE() with MYTHICBEASTS (#3227). If you use any of the IGNORE*() functions, please push with caution.
It might affect other providers that use the diff2.ByZone() function call (AUTODNS, BIND, REALTIMEREGISTER, SAKURACLOUD) with a smaller change it will affect providers that use the diff2.ByRecordSet() function (AZURE, GCLOUD, GCORE, HUAWEICLOUD, NS1, POWERDNS, ROUTE53, TRANSIP).
If you use any of those providers, we can use your help! Please run the integration tests (https://docs.dnscontrol.org/developer-info/integration-tests) and report if they were successful or not. This release includes a new test that should trigger this bug: Integration test number 77 IGNORE w/change b3227
That's it!
Sorry for the releases right before most people are going on break! If you are concerned about other issues, the last v4.14.x release was very stable and is backwards compatible.
Best,
Tom
Changelog
Provider-specific changes:
- a7e83de: BIND: Allow use in cmode=concurrent (#3254) (@tlimoncelli)
Documentation:
- ee49704: DOCS: Trailing commas are no longer an issue (#3248) (@cafferata)
Dependencies:
- c74fbd5: CHORE: update deps (#3256) (@tlimoncelli)
Other changes and improvements:
- c1206a8: ENHANCEMENT: get-zones: No longer generate END tokens (#3253) (@tlimoncelli)
- 3d25d3e: TEST: Improve IGNORE() integration tests (#3255) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.15.1
Hi DNSControl fans!
The speed and concurrency benefits announced in v4.15.0 were accidentally only applied to preview
and not push
. The 2-byte change in #3249 fixes that. Now push
is as fast as preview
(plus the time it takes to do any updates).
One user reported runtimes went from 57 seconds to 7 seconds. That's a 87% reduction in run-time!
Best,
Tom
Changelog
Documentation:
- 29283f7: DOCS: Update Mattermost docs link (#3247) (@willpower232)
Other changes and improvements:
- 4357950: BUGFIX: push not running concurrently (#3249) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.15.0
Greetings and happy holidays, DNSControl fans!
Santa (or the super-natural gift-delivery being of your choice) has graced us with THREE big, new, exciting, features, plus a ton of other fixes and improvements.
BIG NEWS # 1: The last line of a D()
statement can now have a comma!
In the past, leaving off the last comma would give an error:
D("example.com", REG_NONE, DnsProvider(DSP_EXAMPLE),
A("test", "1.2.3.4") <<< look, Ma! No comma!
END);
### version 4.14.x:
$ dnscontrol check
executing dnsconfig.js: (anonymous): Line 183:25 Unexpected token )
### version 4.15.0:
$ dnscontrol check
No errors.
Best of all we got this feature simply by upgrading to the newest version of the JavaScript interpreter we use (https://github.com/robertkrimen/otto). In the latest release @linuxerwang (who has probably never heard of our project) submitted this enhancement in robertkrimen/otto#520 and we all benefit.
This affects all kinds of JavaScript lists, not just D()
statements.
Thanks, Santa! .... I mean @linuxerwang!
BIG NEWS # 2: The default for --cmode
is now concurrent
.
This means your preview
will run many times faster because all the domains are collected concurrently. Some people have reported runtimes are reduced 50-75%.
This change was announced months ago in #3142 plus dnscontrol
printed warnings since v4.14.0.
The following providers added concurrency support in this release: CLOUDNS, CNR, DIGITALOCEAN, GANDI_V5, HETZNER, NAMECHEAP, NETLIFY
Providers that already support concurrency include: AZURE_DNS, CLOUDFLAREAPI, CSCGLOBAL, DESEC, GCLOUD, NS1, ROUTE53, TRANSIP.
This code is a bit new. If you find a bug, use --cmode=none
to disable concurrency. (and file a bug report!)
BIG NEWS # 3: Notifications can now be sent using Shouterr
Notifications are now handled by the Shouterr package. Shouterr supports every chat system I've heard of, plus plenty of other systems. In the future Shouterr will become the standard way to send notifications and other methods will be deprecated. How to set up notifications is documented at https://docs.dnscontrol.org/advanced-features/notifications.
Other new features worth mentioning:
- NEW PROVIDER: CentralNic Reseller (CNR) - formerly RRPProxy (#3203) (@AsifNawaz-cnic)
- PORKBUN: handles retries/ratelimits better, and now also supports CAA.
- The
get-zones
subcommand is more reliable, which probably also makespreview
more reliable.
Thanks to everyone for their contributions! This is a community-driven project and we couldn't do it without all your PRs, reviews, and other support!
Stay safe! See you in the new year!
--Tom
Here's the details:
Changelog
Major features:
- b2ee265: NEW PROVIDER: CentralNic Reseller (CNR) - formerly RRPProxy (#3203) (@AsifNawaz-cnic)
Provider-specific changes:
- 9d42930: CLOUDNS: enable concurrent access (#3232) (@hmoffatt)
- 0b85cf2: CNR Provider: Review CI / Docs / Capabilities (add NAPTR, SSHFP) (#3241) (@tlimoncelli)
- 006a434: CNR: Disable pager101 integration test (#3226) (@tlimoncelli)
- 2eeeb76: DIGITALOCEAN: Enable cmode concurrent (#3207) (@willpower232)
- 52c9bad: GANDI: Enable cmode concurrent (#3201) (@tlimoncelli)
- 5d625e8: HETZNER: enable concurrency capability (#3234) (@das7pad)
- 87fcb27: NAMECHEAP: Enable cmode concurrent (#3202) (@tlimoncelli)
- d29c1cf: NETLIFY: Enable cmode concurrent (#3205) (@willpower232)
- de6afe2: PORKBUN: increase req interval and retry on 503 (#3228) (@imlonghao)
- 5d8e711: PORKBUN: support CAA (#3200) (@imlonghao)
Documentation:
CI/CD:
- 25652e0: Build(deps): Bump actions/cache from 4.1.2 to 4.2.0 (#3229) (@dependabot[bot])
- cc0058b: Build(deps): Bump alpine from
beefdbd
to1e42bbe
(#3208) (@dependabot[bot]) - be48b6e: Build(deps): Bump github.com/oracle/oci-go-sdk/v65 from 65.78.0 to 65.79.0 (#3210) (@dependabot[bot])
- 701cc69: Build(deps): Bump golang.org/x/crypto from 0.30.0 to 0.31.0 (#3240) (@dependabot[bot])
Dependencies:
- 52f6242: CHORE: Update deps (#3230) (@tlimoncelli)
- 9588a91: CHORE: Update deps (#3237) (@tlimoncelli)
- bbaf083: update deps (#3214) (@tlimoncelli)
Other changes and improvements:
- e774e2d: Add notifications with Shoutrr (#3215) (@hmoffatt)
- 9bb9f16: BUG: Errors while listing zones do not propagate through the system (#2474) (#3216) (@hmoffatt)
- 9df5a25: CHORE: Linting corrections (#3236) (@tlimoncelli)
- 9357743: CHORE: Remediate staticcheck warnings (#3231) (@tlimoncelli)
- e2cf886: DEFAULT CHANGE: --cmode now defaults to concurrent (#3238) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.14.3
Hi DNSControl fans!
Another bugfix release that only affects very few users.
- NS1 is in the process of removing support for URLFWD, which means our integration tests for that feature have started to fail. I've removed integration tests for URLFWD, but but the feature continues to exist in our code in case anyone still has access to the feature (#3195) (@tlimoncelli)
- IMPORT_TRANSFORM (a feature only for use by Stack Overflow) now lets you skip individual records (#3193) (@tlimoncelli)
- And of course, updated the dependences (#3197) (@tlimoncelli)
Changelog
Provider-specific changes:
- de0f346: NS1: Remove tests for NS1_URLFWD (#3195) (@tlimoncelli)
Dependencies:
- 5c68ccb: CHORE: update deps (#3197) (@tlimoncelli)
Other changes and improvements:
- df8f8a6: feat(import_transform): skip records with import_transform_skip set (#3193) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.14.2
Greetings DNSControl Fans!
This is a bugfix release. The bug only affects one user of DNSControl (you know who you are) therefore adopting this release isn't urgent. This release also bumps modules for HUAWEICLOUD, ORACLE, and SOFTLAYER.
Changelog
CI/CD:
- 1fde133: Build(deps): Bump github.com/huaweicloud/huaweicloud-sdk-go-v3 from 0.1.117 to 0.1.120 (#3186) (@dependabot[bot])
- 8a6912b: Build(deps): Bump github.com/oracle/oci-go-sdk/v65 from 65.75.2 to 65.77.1 (#3187) (@dependabot[bot])
- f14de79: Build(deps): Bump github.com/softlayer/softlayer-go from 1.1.5 to 1.1.7 (#3188) (@dependabot[bot])
Other changes and improvements:
- 74582e1: BUG: IMPORT_TRANSFORM_STRIP not stripping CNAME targets (#3189) (@tlimoncelli)
- 583cba3: IMPORT_TRANSFORM_SUFFIX: Fix for CNAMEs (#3192) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.14.1
Greetings DNSControl Fans!
This is a bugfix release, though one new feature is included (GCORE gains support for GeoDNS/Failover thanks to @xddxdd).
- NS1 no longer fails if it sees a REDIRECT (#3167) (@kabenin)
- ORACLE no longer gives invalid warnings in one situation (#3178) (@fabienmazieres)
- ORACLE supports more than 50 zones (was only seeing the first 50) (#3179) (@fabienmazieres)
- ORACLE now properly handles the API's inconsistent handling of "trailing dot" on NS records (#3170) (@fabienmazieres)
- M365_BUILDER no longer fails on second level domains (#3165) (@CJFelto)
- Security fix: github.com/go-acme/lego to v4 to resolve security issue (#3169) (@jauderho)
- Integration test TestDualProviders cleans up after itself better (#3171) (@fabienmazieres)
Thanks to everyone for their contributions! This is a community-driven project and we couldn't do it without all your PRs, reviews, and other support!
Here's the details:
Changelog
Provider-specific changes:
- be25228: GCORE: Add support for GeoDNS/Failover (#3161) (@xddxdd)
- ee65e46: NS1: Ignore RRSets of type REDIRECT (#3167) (@kabenin)
- 5fbbad1: ORACLE: BUGFIX: Support accounts with > 50 zones (#3179) (@fabienmazieres)
- a6fe3fc: ORACLE: Do not warn about TTL for sub domain NS records (#3178) (@fabienmazieres)
- 4190659: ORACLE: Handle the API's inconsistent NS "trailing dot" issue (#3170) (@fabienmazieres)
CI/CD:
- 16fa123: Build(deps): Bump actions/cache from 4.1.1 to 4.1.2 (#3175) (@dependabot[bot])
- 635eb31: M365_BUILDER: Support second level domains, fix domainGUID Generation (#3165) (@CJFelto)
Dependencies:
- a0f7123: CHORE: Update deps and fmt (#3184) (@tlimoncelli)
Other changes and improvements:
- 1872b12: NEW FEATURE: IMPORT_TRANSFORM_STRIP (#3181) (@tlimoncelli)
- 2abbab0: CHORE: go generate (#3182) (@tlimoncelli)
- 1edde62: Clean-up records after TestDualProviders (#3171) (@fabienmazieres)
- e0ef3cb: GET-CERTS: Bump github.com/go-acme/lego to v4 to resolve security issues with go-jose (#3169) (@jauderho)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.14.0
Hello DNS Fans!
The big news is that the concurrent data gathering feature is stable and will become the default in the next release. Instead of new commands (ppreview
/ppush
) the functionality is enabled using the --cmode
flag.
- v4.14: --cmode defaults to
legacy
(old code, data gathering is done serially) - v4.15: --cmode defaults to
concurrent
(new code, data gathering is done concurrently) - v4.16: The
legacy
mode is removed
Any use of the old, legacy, code prints a warning:
WARN: In v4.15 --cmode will default to "concurrent". Please test and report any bugs ASAP.
In v4.16 or later, "legacy" will go away. See https://docs.dnscontrol.org/commands/preview-push
Any use of the ppreview
/ppush
commands prints a warning similar to:
WARN: ppreview is going away in v4.16 or later. Use "preview --cmode=concurrent" instead.
Other major changes/improvements:
--report
now works inpreview
, not justpush
.- CLOUDNS now supports LOC and AutoDNSSEC.
- The "# of corrections" count was wrong for some providers. It should now be accurate for all providers.
Thanks to everyone for their contributions! This is a community project and we couldn't do it without all your help!
Tom
Changelog
Major features:
- bbc6892: FEATURE: enable --report for preview (not just push) (#3149) (@tlimoncelli)
- 16a99a1: CHORE: Add deprecation messages to preview/push/ppreview/ppush commands (#3155) (@tlimoncelli)
- 06ba3cc: Bugfix: Providers with batched updates might not report the correct number of changes (#3108) (@tlimoncelli)
Provider-specific changes:
- 040384f: BIND: DOCS: clarify meta config instructions (#3111) (@chicks-net)
- d7f4d0e: CLOUDNS: add support for LOC records (#3127) (@hmoffatt)
- c1abd5d: CLOUDNS: don't print full URL on error (#3124) (#3126) (@hmoffatt)
- dcba570: CLOUDNS: implement AutoDNSSEC (#747) (#3114) (@hmoffatt)
- 795dbea: ORACLE: fix nameserver trailing dot error (#3151) (@kallsyms)
- 864325e: PORKBUN: Update porkbun API endpoint per documentation / email (#3153) (@plttn)
- 57f15c1: PORKBUN: fix staticcheck warnings (#3159) (@imlonghao)
- 9178a83: POWERDNS: Improve preformance by using new batched add/remove functions in 0.6.6 API (#3105) (@Veratil)
Documentation:
- 12a72cb: DOCS: Minor clarifications on NAMESERVER() (#3113) (@tlimoncelli)
- 2a424f5: DOCS: Update Cloudflare permission to "Single Redirect" (#3122) (@kevinji)
CI/CD:
- bf2b6cb: Build(deps): Bump actions/cache from 4.0.1 to 4.1.0 (#3147) (@dependabot[bot])
- 967b37d: Build(deps): Bump actions/cache from 4.1.0 to 4.1.1 (#3157) (@dependabot[bot])
- 6e2cfb5: Build(deps): Bump actions/upload-artifact from 4.3.6 to 4.4.0 (#3104) (@dependabot[bot])
- 94e6b48: Build(deps): Bump actions/upload-artifact from 4.4.0 to 4.4.1 (#3146) (@dependabot[bot])
- db91c71: Build(deps): Bump actions/upload-artifact from 4.4.1 to 4.4.3 (#3156) (@dependabot[bot])
- 3553459: Build(deps): Bump alpine from 3.20.2 to 3.20.3 (#3116) (@dependabot[bot])
- ee610bf: Build(deps): Bump github.com/huaweicloud/huaweicloud-sdk-go-v3 from 0.1.115 to 0.1.116 (#3140) (@dependabot[bot])
- b29c65a: Build(deps): Bump github.com/oracle/oci-go-sdk/v65 from 65.75.1 to 65.75.2 (#3152) (@dependabot[bot])
- f18ef35: CICD: GoReleaser snapshot property deprecation (#3131) (@cafferata)
- b22078e: DEV: Update dependabot.yml (#3115) (@tlimoncelli)
Dependencies:
- 2bb0d87: CHORE: Update deps (#3160) (@tlimoncelli)
- 62da39c: CHORE: update deps (#3128) (@tlimoncelli)
- aca618a: CHORE: update deps (#3141) (@tlimoncelli)
Other changes and improvements:
- d6d50fc: LOC: fix float altitude value ingestion, gate size and precision values (#3130) (@systemcrash)
- 269542c: RELEASE: Move some BYOS steps to be standard (#3107) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.13.0
Hello DNS fans!
This release introduces one new provider and many small fixes and improvements.
- NEW PROVIDER: Sakura Cloud (SAKURACLOUD) (thanks to @ttkzw!)
- NEW FEATURE: The HASH() function can generate hash strings. (thanks to @fuero!)
- Improvements to providers: AUTODNS now supports PTR records, GANDI_V5 supports their new authentication system, HUAWEICLOUD has better DNSSEC support, NS1 documents that NS1_URLFWD is going away, ORACLE now abides by rate- limits automatically, PORKBUN now supports URL forwarding, and POWERDNS has added some reliability improvements.
Some big changes are coming:
- #3108 the "change count" is moving out of the individual provider code, into the main code. This will make the "# corrections" count more accurate.
- #3082 investigates making it easier to add new DNS types (A, MX, etc).
Learning Go? Interested in a starter project? Please email tlimoncelli at stackoverflow dot com.
- 23 providers still use
diff.NewCompat()
instead of the newdiff2.By*
functions. There's nothing wrong with that, but upgrade will make the code cleaner, more simple, and might make the "preview" output cleaner. - I have a few other refactoring ideas that will clean up the code. Interested? Let me know!
Thanks to everyone for their contributions! This is a community effort and it wouldn't be a success without all your help!
Changelog
Major features:
- 864d452: NEW PROVIDER: Sakura Cloud (SAKURACLOUD) (#3086) (@ttkzw)
- 94a0cfc: New Feature: HASH() adds hashing functions to dnsconfig.js language (#3085) (@fuero)
Provider-specific changes:
- f2be1a6: AUTODNS: Enable CanUsePTR (#3098) (@christianbur)
- 8899f45: CLOUDFLAREAPI: Upgrade to cloudflare-go v0.102.0 (#3081) (@tlimoncelli)
- 663be6e: GANDI: Adopt new Gandi v5 auth changes (#2726) (@llange)
- e8eca6a: HUAWEICLOUD: Document DNSSEC capability and improve docs, reliability (#3084) (@huihuimoe)
- 1a3d6a3: NS1: add warning for deprecated record (#3078) (@costasd)
- 1738c6e: NS1: update ns1-go to 2.12.0 (#3074) (@costasd)
- 0de789f: ORACLE: Abide by 429-style rate limits, fix Nameserver update bug (#3090) (@fabienmazieres)
- a3b194f: Oracle: Use SDK v65 and default retry policy (#3094) (@fabienmazieres)
- e86c666: PORKBUN: Remove unused function (#3072) (@tlimoncelli)
- 04f34cf: PORKBUN: support URL Forward (#3064) (@imlonghao)
- 8bb5df9: POWERDNS: Use canonical domain in calls to PowerDNS (#3080) (@kytta)
- 3b904d2: SAKURACLOUD: Add SAKURACLOUD to automated tests (#3095) (@ttkzw)
Documentation:
CI/CD:
- 411a1ed: Build(deps): Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#3067) (@dependabot[bot])
- 5a20c66: Build(deps): Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#3077) (@dependabot[bot])
- dedf398: Build(deps): Bump alpine from 3.20.1 to 3.20.2 (#3063) (@dependabot[bot])
- 24b5c4b: CICD: Removed CodeQL workflow (#3073) (@cafferata)
Dependencies:
- dd2030e: CHORE: update deps (#3097) (@tlimoncelli)
- 62112d1: update deps (#3068) (@tlimoncelli)
- 74826d3: update deps; go generate (#3106) (@tlimoncelli)
Other changes and improvements:
- 69533fc: BUNNY_DNS: run goimports on convert.go (#3071) (@tlimoncelli)
- 3102ec4: CHORE: gitignore should include *.ACTUAL (#3069) (@tlimoncelli)
- fe7370b: CHORE: go generate (#3079) (@tlimoncelli)
- e03c5cb: Gitter - Drop communication channel (#3066) (@cafferata)
- 2944ede: TESTING: Fix reversed got/want output in compareconfig_test.go (#3070) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.
v4.12.5
Hello DNSControl fans!
This is another bugfix release. Only CLOUDFLAREAPI
is affected, and only the CF_REDIRECT
/CF_TEMP_REDIRECT
/CF_SINGLE_REDIRECT
commands are affected.
Some non-functional improvements are included in this release too. @cafferata contributed code that automatically generates the OWNERS
file, @nikolamilekic and @svenluijten fixed documentation bugs.
Cloudflare-related improvements:
- Bug fixed:
CF_SINGLE_REDIRECT
rule name was not propagating to Cloudflare correctly. #3049 - Bug fixed:
CF_REDIRECT
/CF_TEMP_REDIRECT
rule name generated in conversion mode was long and ugly; now they are short and easier to identify. They are in the (1,302,when,then) format seen inpreview
output. - New feature: Log the
CF_SINGLE_REDIRECT
statements generated whenCF_REDIRECT
/CF_TEMP_REDIRECT
is in conversion mode.
Explanation of the new feature:
Suppose dnsconfig.js
includes a statement like:
D("example.com", ...
CF_TEMP_REDIR("https://example.com/*", "https://replacement.example.com/$1),
In the old days, CF_TEMP_REDIR
would generate a Cloudflare "page rule". However page rules are going away. Therefore, these will now be silently translated into CF_SINGLE_REDIRECT
statements when the manage_single_redirects
meta feature is set to true. A log of these translations can be generated by setting the transcode_log
variable:
var DSP_CLOUDFLARE = NewDnsProvider("cloudflare", {
"manage_single_redirects": true,
"transcode_log": "transcode.log",
});
Once set, any such translations will be appended to the filename transcode.log.
In this example, the log will look like this:
D("example.com", ...
CF_SINGLE_REDIRECT("1,302,https://example.com/*,https://replacement.example.com/$1",
302,
'http.host eq "example.com"',
'concat("https://replacement.example.com", http.request.uri.path)'
),
Replacing the old CF_TEMP_REDIR
statement with the above CF_SINGLE_REDIRECT
statement requires manual cutting and pasting.
While the CF_REDIRECT
/CF_TEMP_REDIRECT
statements are not going away, it is recommended that you convert to CF_SINGLE_REDIRECT
since they are more flexible and officially supported by Cloudflare.
This feature is documented in https://docs.dnscontrol.org/provider/cloudflareapi#old-style-vs-new-style-redirects
Changelog
Provider-specific changes:
- 0869052: CLOUDFLAREAPI: CF_SINGLE_REDIRECT improvements: fix bugs, log translated redirects (#3051) (@tlimoncelli)
Documentation:
- 1d348de: DOCS: Fix M365_BUILDER examples (#3009) (@nikolamilekic)
- cf49ec8: DOCS: Fix markdown links in Cloudflare provider docs (#3046) (@svenluijten)
CI/CD:
- 8fa1a8d: BUILD: Generate OWNERS files (#2997) (@cafferata)
Other changes and improvements:
- 95c7a70: REFACTOR: Pave args (not validate) (#3045) (@tlimoncelli)
- d160b82: fmt helpers.js (#3048) (@tlimoncelli)
Deprecation warnings
Warning
- REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
- MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See #2878
- NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
- get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400
Install
macOS and Linux
Install with Homebrew (recommended)
brew install dnscontrol
Using with Docker
You can use the Docker image from Docker hub or GitHub Container Registry.
docker run --rm -it -v "$(pwd):/dns" ghcr.io/stackexchange/dnscontrol preview
Anywhere else
Alternatively, you can install the latest binary (or the apt/rpm/deb/archlinux package) from this page.
Or, if you have Go installed, you can install the latest version of DNSControl with the following command:
go install github.com/StackExchange/dnscontrol/v4@main
Update
Update to the latest version depends on how you choose to install dnscontrol
on your machine.
Update with Homebrew
brew upgrade dnscontrol
Alternatively, you can grab the latest binary (or the apt/rpm/deb package) from this page.