- Add docker/Dockerfile with non-root user and configurable environment
- Add GitHub Actions workflow to build multi-platform images (amd64/arm64)
- Publish to ghcr.io/benoitc/gunicorn on version tags
- Update documentation with official image usage examples
- Bump version to 24.1.0
- Add PROXY protocol v2 documentation to deploy guide
- Add 24.1.0 changelog with new features and bug fixes
- Update all docs.gunicorn.org URLs to gunicorn.org
Extend --proxy-protocol to accept version values (off, v1, v2, auto) instead
of being boolean-only. This allows explicit control over which PROXY protocol
versions are accepted.
Changes:
- Add InvalidProxyHeader exception for v2 binary header errors
- Add validate_proxy_protocol() validator with backwards compatibility
- Update ProxyProtocol setting with nargs="?" and const="auto"
- Add PROXY v2 constants (PP_V2_SIGNATURE, PPCommand, PPFamily, PPProtocol)
- Add _parse_proxy_protocol_v1() and _parse_proxy_protocol_v2() methods
- Update both sync (message.py) and async (asgi/message.py) parsers
- Add hex escape handling in treq.py for v2 binary test data
- Add test cases for v2 TCPv4 and TCPv6
Backwards compatible: --proxy-protocol alone (or True) maps to "auto".
Closes#2912
On keepalive connections, finish_request() sets the socket to non-blocking
for selector registration. When the connection is reused, handle() calls
conn.init() which returns early (already initialized) without restoring
blocking mode. This caused SSLWantReadError when WSGI apps read the
request body on SSL connections.
Fix by explicitly setting blocking mode at the start of handle().
Fixes#3448
Add --enable-backlog-metric option to emit a gunicorn.backlog histogram
metric showing connections waiting in the socket backlog. This helps
identify worker saturation and concurrency issues.
Also distinguishes between timer (|ms) and histogram (|h) statsd metric
types per the statsd spec.
Note: Only works on Linux using TCP_INFO from getsockopt.
Closes#2407
Partially fixes#2057
Use Python's ipaddress module to support IP networks in allow lists.
Individual IP addresses are converted to /32 (IPv4) or /128 (IPv6)
networks. CIDR notation (e.g., 192.168.0.0/16) is now supported.
Fixes#1485Closes#2390
Refactor reloader to share code via ReloaderBase class. InotifyReloader
now calls refresh_dirs() on each event loop timeout (~1 sec) to watch
directories for dynamically loaded modules (e.g., Django dynamic imports).
Fixes#1790Closes#1791
SIGTERM is expected during graceful shutdown and reload operations.
Logging it as warning level causes unnecessary noise in error logs.
SIGKILL remains at error level (suggests OOM), other signals at warning.
Closes#3094
When a worker fails to boot, the exception is now printed to stderr
(in addition to being logged), consistent with AppImportError handling.
This makes boot failures more visible to users.
Closes#2933
The unread method was incorrectly appending data to the end of the
buffer instead of prepending it to the beginning. This caused issues
when reading partial data and then unreading it.
Closes#2915Closes#2346
On Python 3.8+ with macOS, the multiprocessing module uses 'spawn' by
default which pickles objects. When pickle.load tries to read
__setstate__ before __dict__ is restored, it hits __getattr__ causing
infinite recursion. Adding a special case for 'settings' prevents this.
Closes#2401
Use 'raise X from e' syntax instead of just 'raise X' when wrapping
exceptions. This provides more accurate exception chaining messages
("The above exception was the direct cause of" vs "During handling of").
Closes#2360
The description incorrectly stated the callable accepts two parameters
(Worker and Request), but the signature shows four parameters including
environ and resp.
Closes#2592
The syslog_addr setting has different defaults depending on the
platform (macOS, FreeBSD, OpenBSD, Linux). Added default_doc to
show all platform-specific defaults in the documentation, ensuring
consistent output regardless of which platform generates the docs.
Also kept the diagnostic git diff in CI for future debugging.
The finish_body() function can raise ssl.SSLWantReadError when
discarding unread request body data on SSL connections. This causes
TLS requests to fail intermittently with "Invalid request" errors.
Handle SSLWantReadError by treating it as "no more data to read".
This is safe because finish_body() only discards leftover data before
keepalive - if SSL says "need to wait for more data", there's nothing
left to discard.
Fixes#3448
Redirect issue creation to GitHub Discussions for proper triage:
- Disable blank issues, redirect to discussion categories
- Add structured discussion templates for bugs, features, questions
- Add preapproved issue template for maintainer use only
- Update CONTRIBUTING.md to reflect new workflow
- Change settings headers to h2 sections / h3 settings for TOC visibility
- Enable toc.integrate to show TOC in left sidebar
- Add JavaScript for collapsible section toggles on settings page
- Add custom home.html template to break out of MkDocs constraints
- Create Caddy-inspired minimal CSS for landing page
- Redesign hero section with terminal demo
- Add framework tags and worker type cards
- Full-width sections with vertical narrative flow
- Dark mode support
Upgrade minimum eventlet version to 0.40.3 to address security
vulnerabilities:
- CVE-2021-21419 (Moderate 6.9): Websocket memory exhaustion via
large/compressed frames (fixed in 0.31.0)
- CVE-2025-58068 (Moderate 6.3): HTTP Request Smuggling via improper
trailer handling (fixed in 0.40.3)
Also restructure module to call monkey_patch() at import time for
better patching coverage, while keeping hubs.use_hub() in the worker's
patch() method since it creates OS resources that don't survive fork.
Add comprehensive tests for the eventlet worker.
Address CVE-2023-41419 (Critical - remote privilege escalation via
WSGIServer) by requiring gevent 23.9.0 or higher.
Changes:
- Update minimum gevent version from 1.4.0 to 23.9.0
- Remove legacy server.kill() code path (gevent < 1.0)
- Update documentation to reflect new version requirement
- Add comprehensive tests for gevent worker
Update minimum Tornado version to 6.5.0 to address:
- CVE-2024-52804 (Medium): HTTP Cookie Parsing DoS
- CVE-2025-47287 (High 7.5): Multipart/Form-Data Parser DoS
This simplifies the tornado worker by removing legacy code paths
for Tornado < 5.0 and < 6.0, reducing the codebase by ~30%.
Changes:
- pyproject.toml: Update tornado requirement to >=6.5.0
- gtornado.py: Remove TORNADO5 constant and legacy code paths
- tornadoapp.py: Update example to use async/await syntax
- test_gtornado.py: Add comprehensive test suite