8000 chore(deps): update dependency ipfs/kubo to v0.35.0 by uniget-bot · Pull Request #12448 · uniget-org/tools · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

chore(deps): update dependency ipfs/kubo to v0.35.0 #12448

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 22, 2025
Merged

chore(deps): update dependency ipfs/kubo to v0.35.0 #12448

merged 1 commit into from
May 22, 2025

Conversation

uniget-bot
Copy link

This PR contains the following updates:

Package Update Change
ipfs/kubo minor 0.34.1 -> 0.35.0

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

ipfs/kubo (ipfs/kubo)

v0.35.0

Compare Source

[!NOTE]
This release was brought to you by the Shipyard team.

Overview

This release brings significant UX and performance improvements to data onboarding, provisioning, and retrieval systems.

New configuration options let you customize the shape of UnixFS DAGs generated during the data import, control the scope of DAGs announced on the Amino DHT, select which delegated routing endpoints are queried, and choose whether to enable HTTP retrieval alongside Bitswap over Libp2p.

Continue reading for more details.

🗣 Discuss

If you have comments, questions, or feedback on this release, please post here.

If you experienced any bugs with the release, please post an issue.

🔦 Highlights

Opt-in HTTP Retrieval client

This release adds experimental support for retrieving blocks directly over HTTPS (HTTP/2), complementing the existing Bitswap over Libp2p.

The opt-in client enables Kubo to use delegated routing results with /tls/http multiaddrs, connecting to HTTPS servers that support Trustless HTTP Gateway's Block Responses (?format=raw, application/vnd.ipld.raw). Fetching blocks via HTTPS (HTTP/2) simplifies infrastructure and reduces costs for storage providers by leveraging HTTP caching and CDNs.

To enable this feature for testing and feedback, set:

$ ipfs config --json HTTPRetrieval.Enabled true

See HTTPRetrieval for more details.

Dedicated Reprovider.Strategy for MFS

The Mutable File System (MFS) in Kubo is a UnixFS filesystem managed with ipfs files commands. It supports familiar file operations like cp and mv within a folder-tree structure, automatically updating a MerkleDAG and a "root CID" that reflects the current MFS state. Files in MFS are protected from garbage collection, offering a simpler alternative to ipfs pin. This makes it a popular choice for tools like IPFS Desktop and the WebUI.

Previously, the pinned reprovider strategy required manual pin management: each dataset update meant pinning the new version and unpinning the old one. Now, new strategies—mfs and pinned+mfs—let users limit announcements to data explicitly placed in MFS. This simplifies updating datasets and announcing only the latest version to the Amino DHT.

Users relying on the pinned strategy can switch to pinned+mfs and use MFS alone to manage updates and announcements, eliminating the need for manual pinning and unpinning. We hope this makes it easier to publish just the data that matters to you.

See Reprovider.Strategy for more details.

Experimental support for MFS as a FUSE mount point

The MFS root (filesystem behind the ipfs files API) is now available as a read/write FUSE mount point at Mounts.MFS. This filesystem is mounted in the same way as Mounts.IPFS and Mounts.IPNS when running ipfs mount or ipfs daemon --mount.

Note that the operations supported by the MFS FUSE mountpoint are limited, since MFS doesn't store file attributes.

See Mounts and docs/fuse.md for more details.

Grid view in WebUI

The WebUI, accessible at http://127.0.0.1:5001/webui/, now includes support for the grid view on the Files screen:

image

Enhanced DAG-Shaping Controls

This release advances CIDv1 support by introducing fine-grained control over UnixFS DAG shaping during data ingestion with the ipfs add command.

Wider DAG trees (more links per node, higher fanout, larger thresholds) are beneficial for large files and directories with many files, reducing tree depth and lookup latency in high-latency networks, but they increase node size, straining memory and CPU on resource-constrained devices. Narrower trees (lower link count, lower fanout, smaller thresholds) are preferable for smaller directories, frequent updates, or low-power clients, minimizing overhead and ensuring compatibility, though they may increase traversal steps for very large datasets.

Kubo now allows users to act on these tradeoffs and customize the width of the DAG created by ipfs add command.

New DAG-Shaping ipfs add Options

Three new options allow you to override default settings for specific import operations:

  • --max-file-links: Sets the maximum number of child links for a single file chunk.
  • --max-directory-links: Defines the maximum number of child entries in a "basic" (single-chunk) directory.
    • Note: Directories exceeding this limit or the Import.UnixFSHAMTDirectorySizeThreshold are converted to HAMT-based (sharded across multiple blocks) structures.
  • --max-hamt-fanout: Specifies the maximum number of child nodes for HAMT internal structures.
Persistent DAG-Shaping Import.* Configuration

You can set default values for these options using the following configuration settings:

Updated DAG-Shaping Import Profiles

The release updated configuration profiles to incorporate these new Import.* settings:

  • Updated Profile: test-cid-v1 now includes current defaults as explicit Import.UnixFSFileMaxLinks=174, Import.UnixFSDirectoryMaxLinks=0, Import.UnixFSHAMTDirectoryMaxFanout=256 and Import.UnixFSHAMTDirectorySizeThreshold=256KiB
  • New Profile: test-cid-v1-wide adopts experimental directory DAG-shaping defaults, increasing the maximum file DAG width from 174 to 1024, HAMT fanout from 256 to 1024, and raising the HAMT directory sharding threshold from 256KiB to 1MiB, aligning with 1MiB file chunks.

[!TIP]
Apply one of CIDv1 test profiles with ipfs config profile apply test-cid-v1[-wide].

Datastore Metrics Now Opt-In

To reduce overhead in the default configuration, datastore metrics are no longer enabled by default when initializing a Kubo repository with ipfs init.
Metrics prefixed with <dsname>_datastore (e.g., flatfs_datastore_..., leveldb_datastore_...) are not exposed unless explicitly enabled. For a complete list of affected default metrics, refer to prometheus_metrics_added_by_measure_profile.

Convenience opt-in profiles can be enabled at initialization time with ipfs init --profile: flatfs-measure, pebbleds-measure, badgerds-measure

It is also possible to manually add the measure wrapper. See examples in Datastore.Spec documentation.

Improved performance of data onboarding

This Kubo release significantly improves both the speed of ingesting data via ipfs add and announcing newly produced CIDs to Amino DHT.

Fast ipfs add in online mode

Adding a large directory of data when ipfs daemon was running in online mode took a long time. A significant amount of this time was spent writing to and reading from the persisted provider queue. Due to this, many users had to shut down the daemon and perform data import in offline mode. This release fixes this known limitation, significantly improving the speed of ipfs add.

[!IMPORTANT]
Performing ipfs add of 10GiB file would take about 30 minutes.
Now it takes close to 30 seconds.

Kubo v0.34:

$ time kubo/cmd/ipfs/ipfs add -r /tmp/testfiles-100M > /dev/null
 100.00 MiB / 100.00 MiB [=====================================================================] 100.00%
real	0m6.464s

$ time kubo/cmd/ipfs/ipfs add -r /tmp/testfiles-1G > /dev/null
 1000.00 MiB / 1000.00 MiB [===================================================================] 100.00%
real	1m10.542s

$ time kubo/cmd/ipfs/ipfs add -r /tmp/testfiles-10G > /dev/null
 10.00 GiB / 10.00 GiB [=======================================================================] 100.00%
real	24m5.744s

Kubo v0.35:

$ time kubo/cmd/ipfs/ipfs add -r /tmp/testfiles-100M > /dev/null
 100.00 MiB / 100.00 MiB [=====================================================================] 100.00%
real	0m0.326s

$ time kubo/cmd/ipfs/ipfs add -r /tmp/testfiles-1G > /dev/null
 1.00 GiB / 1.00 GiB [=========================================================================] 100.00%
real	0m2.819s

$ time kubo/cmd/ipfs/ipfs add -r /tmp/testfiles-10G > /dev/null
 10.00 GiB / 10.00 GiB [=======================================================================] 100.00%
real	0m28.405s
Optimized, dedicated queue for providing fresh CIDs

From kubo v0.33.0,
Bitswap stopped advertising newly added and received blocks to the DHT. Since
then boxo/provider is responsible for the first time provide and the recurring reprovide logic. Prior
to v0.35.0, provides and reprovides were handled together in batches, leading
to delays in initial advertisements (provides).

Provides and Reprovides now have separate queues, allowing for immediate
provide of new CIDs and optimised batching of reprovides.

New Provider configuration options

This change introduces a new configuration options:

  • Provider.Enabled is a global flag for disabling both Provider and Reprovider systems (announcing new/old CIDs to amino DHT).
  • Provider.WorkerCount for limiting the number of concurrent provide operations, allows for fine-tuning the trade-off between announcement speed and system load when announcing new CIDs.
  • Removed Experimental.StrategicProviding. Superseded by Provider.Enabled, Reprovider.Interval and Reprovider.Strategy.

[!TIP]
Users who need to provide large volumes of content immediately should consider setting Routing.AcceleratedDHTClient to true. If that is not enough, consider adjusting Provider.WorkerCount to a higher value.

Deprecated ipfs stats provider

Since the ipfs stats provider command was displaying statistics for both
provides and reprovides, this command isn't relevant anymore after separating
the two queues.

The successor command is ipfs stats reprovide, showing the same statistics,
but for reprovides only.

[!NOTE]
ipfs stats provider still works, but is marked as deprecated and will be removed in a future release. Be mindful that the command provides only statistics about reprovides (similar to ipfs stats reprovide) and not the new provide queue (this will be fixed as a part of wider refactor planned for a future release).

New Bitswap configuration options

New Routing configuration options

  • Routing.IgnoreProviders allows ignoring specific peer IDs when returned by the content routing system as providers of content.
    • Simplifies testing HTTPRetrieval.Enabled in setups where Bitswap over Libp2p and HTTP retrieval is served under different PeerIDs.
  • Routing.DelegatedRouters allows customizing HTTP routers used by Kubo when Routing.Type is set to auto or autoclient.
    • Users are now able to adjust the default routing system and directly query custom routers for increased resiliency or when dataset is too big and CIDs are not announced on Amino DHT.

[!TIP]

For example, to use Pinata's routing endpoint in addition to IPNI at cid.contact:

$ ipfs config --json Routing.DelegatedRouters '["https://cid.contact","https://indexer.pinata.cloud"]'

New Pebble database format config

This Kubo release provides node operators with more control over Pebble's FormatMajorVersion. This allows testing a new Kubo release without automatically migrating Pebble datastores, keeping the ability to switch back to older Kubo.

When IPFS is initialized to use the pebbleds datastore (opt-in via ipfs init --profile=pebbleds), the latest pebble database format is configured in the pebble datastore config as "formatMajorVersion". Setting this in the datastore config prevents automatically upgrading to the latest available version when Kubo is upgraded. If a later version becomes available, the Kubo daemon prints a startup message to indicate this. The user can them update the config to use the latest format when they are certain a downgrade will not be necessary.

Without the "formatMajorVersion" in the pebble datastore config, the database format is automatically upgraded to the latest version. If this happens, then it is possible a downgrade back to the previous version of Kubo will not work if new format is not compatible with the pebble datastore in the previous version of Kubo.

When installing a new version of Kubo when "formatMajorVersion" is configured, automatic repository migration (ipfs daemon with --migrate=true) does not upgrade this to the latest available version. This is done because a user may have reasons not to upgrade the pebble database format, and may want to be able to downgrade Kubo if something else is not working in the new version. If the configured pebble database format in the old Kubo is not supported in the new Kubo, then the configured version must be updated and the old Kubo run, before installing the new Kubo.

See other caveats and configuration options at kubo/docs/datastores.md#pebbleds

New environment variables

The environment-variables.md was extended with two new features:

Improved Log Output Setting

When stderr and/or stdout options are configured or specified by the GOLOG_OUTPUT environ variable, log only to the output(s) specified. For example:

  • GOLOG_OUTPUT="stderr" logs only to stderr
  • GOLOG_OUTPUT="stdout" logs only to stdout
  • GOLOG_OUTPUT="stderr+stdout" logs to both stderr and stdout
New Repo Lock Optional Wait

The environment variable IPFS_WAIT_REPO_LOCK specifies the amount of time to wait for the repo lock. Set the value of this variable to a string that can be parsed as a golang time.Duration. For example:

IPFS_WAIT_REPO_LOCK="15s"

If the lock cannot be acquired because someone else has the lock, and IPFS_WAIT_REPO_LOCK is set to a valid value, then acquiring the lock is retried every second until the lock is acquired or the specified wait time has elapsed.

📦️ Important dependency updates

📝 Changelog

Full Changelog
👨‍👩‍👧‍👦 Contributors
Contributor Commits Lines ± Files Changed
Hector Sanjuan 16 +2662/-590 71
Guillaume Michel 27 +1339/-714 69
Andrew Gillis 22 +1056/-377 54
Sergey Gorbunov 1 +962/-42 26
Marcin Rataj 19 +714/-133 47
IGP 2 +419/-35 11
GITSRC 1 +90/-1 3
guillaumemichel 1 +21/-43 1
blockchainluffy 1 +27/-26 8
web3-bot 9 +21/-22 13
VersaliX 1 +31/-2 4
gammazero 5 +18/-5 5
Hlib Kanunnikov 1 +14/-4 1
diogo464 1 +6/-7 1
Asutorufa 2 +7/-1 2
Russell Dempsey 1 +6/-1 1
Steven Allen 1 +1/-5 1
Michael Vorburger 2 +3/-3 2
Aayush Rajasekaran 1 +2/-2 1
sukun 1 +1/-1 1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

nicholasdille-bot
nicholasdille-bot approved these changes May 22, 2025
View reviewed changes
Copy link
@nicholasdille-bot nicholasdille-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto-approved because label type/renovate is present.

@github-actions GitHub Actions
Copy link

🔍 Vulnerabilities of ghcr.io/uniget-org/tools/kubo:0.35.0

📦 Image Reference ghcr.io/uniget-org/tools/kubo:0.35.0
digestsha256:0166cf5eb46c5a0d2818aa8e979c637246dd6841a70b2db2f9a8346758b76133
vulnerabilitiescritical: 0 high: 1 medium: 1 low: 0
platformlinux/amd64
size52 MB
packages255
critical: 0 high: 1 medium: 0 low: 0 golang.org/x/oauth2 0.25.0 (golang)

pkg:golang/golang.org/x/oauth2@0.25.0

high : CVE--2025--22868

Affected range<0.27.0
Fixed version0.27.0
Description

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

critical: 0 high: 0 medium: 1 low: 0 github.com/libp2p/go-libp2p-kad-dht 0.33.1 (golang)

pkg:golang/github.com/libp2p/go-libp2p-kad-dht@0.33.1

medium : CVE--2023--26248

Affected range>=0
Fixed versionNot Fixed
Description

Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse in github.com/libp2p/go-libp2p-kad-dht

@github-actions GitHub Actions
Copy link

Attempting automerge. See https://github.com/uniget-org/tools/actions/runs/15176659109.

@github-actions GitHub Actions
Copy link

PR is clean and can be merged. See https://github.com/uniget-org/tools/actions/runs/15176659109.

@github-actions github-actions bot merged commit 38ca951 into main May 22, 2025
11 checks passed
@github-actions github-actions bot deleted the renovate/ipfs-kubo-0.x branch May 22, 2025 02:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicholasdille-bot nicholasdille-bot nicholasdille-bot approved these changes

Assignees
No one assigned
Labels
bump/minor type/renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@uniget-bot @nicholasdille-bot @renovate-bot
0