v2.3.3

• Fix a bug that prevented Broker nodes to recover from OpenSSL errors.

• Fix handling of buffer sizes that caused Broker to stall despite having sufficient capacity.

v2.3.2

• Remove the retry limit on peerings (Dominik Charousset, Corelight)

• Add missing error signaling (Dominik Charousset, Corelight)

v2.3.1

• Fix communication between Broker data stores.

v2.3.0

• Broker now requires at least CMake version 3.15.0.

• Internally, much of Broker's transport layer has been rearchitected for better
  maintainability and future functionality extensions. While this remains mostly
  invisible to users, the changes had to break backwards compability with older
  Broker versions.

• Broker now offers access to its publish/subscribe layer via WebSocket in order
  to make its data model accessible to third parties without requiring access to
  Broker itself.

  A Broker endpoint can be configured to act as a WebSocket server by either
  setting the environment variable BROKER_WEB_SOCKET_PORT; by setting
  broker.web-socket.port on the command line or in the configuration file;
  or programmatically by calling endpoint::web_socket_listen(). See
  docs/web-socket.rst for more information.

  While still experimental for now, the WebSocket support (incl. the data model)
  aims to remain stable over time and will become the recommended way for
  external applications to talk to Broker applications (and hence Zeek).

• The Python bindings now provide additional support for immutable (hashable)
  types. The SafeSubscriber class and the corresponding
  Endpoint.make_safe_subscriber() method ensure that immutable Python types
  get used, and that the returned values remain read-only. For sets the
  frozenset type achieves this; for mapping types it's
  types.MappingProxyType. The API now also supports the latter two types as
  inputs.

• All CAF dependencies have been removed from public headers, and we now build
  the bundled CAF version as a static, private utility. Consumers of Broker no
  longer need to locate CAF headers and we do not install any CAF content
  alongside Broker anymore, i.e., Broker becomes fully standalone.

  Where possible, Broker uses recent C++ additions like std::variant to
  replace CAF types. For types that have no equivalent, Broker deploys fully
  opaque handle types. For example, broker::worker internally wraps a
  caf::actor handle.

  All components in Broker that require access to CAF were grouped into the new
  namespace broker::internal. We omit all internal headers from an
  installation, since they would be worthless without the matching CAF headers
  anyways. This also gives us a clean separation between API artifacts users may
  interact with and API parts that are reserved for internal use.

v2.2.0

• The Python bindings now provide a SafeSubscriber variant of Subscriber as well
  as a new Endpoint.make_safe_subscriber() method. Both avoid potential problems
  when deserializing values that accommodate the Broker data model but not
  Python's. Specifically, Broker allows complex types inside others (e.g., a set
  of tables), but Python does not support unhashable types for indexing, which'd
  be required in this scenario. SafeSubscriber employs immutable (hashable)
  types when translating to Python objects and returns objects that are
  read-only.

  If you haven't encountered problems with the Subscriber class, you don't need
  to change existing code. Broker 3.0 will make this new behavior the default
  and deprecate the new APIs. In the meantime you can replace make_subscriber()
  with make_safe_subscriber() to be on the safe side.

v2.1.0

• Broker 2.1.0 now depends on CAF 0.18.5

• The RocksDB data store backend was removed as building with it was previously
  broken/unusable.

• Added the ability to output metrics to Prometheus. This can be enabled by
  setting the BROKER_METRICS_PORT environment variable. Currently the output
  includes a number of CAF-related metrics and per-process CPU and Memory
  metrics.

• Fix publisher deadlock when passing large batches.

v2.0.2

• Fix memory corruption crash due to initializing topics in Python bindings

v2.0.1

• Fix broker-pipe crash with static CAF builds

• Prevent use of LeakSanitizer on FreeBSD since it's not supported on that
  platform and will break compilation

v2.0.0

• Broker 2.0.0 now depends on CAF 0.18.0 with a wire format targeting
  compatibility with Zeek 4.0.x.

• CMake 3.5+ is now required to compiler Broker.

• Support for the optional Python Bindings now requires at least Python 3.5

• For proper resource management/cleanup, the Python API now requires
  using Endpoint, Subscriber, StatusSubscriber, and Store objects within a
  with statement or alternatively doing an explicit call to the
  reset() method of subscriber/store objects before the associated
  Endpoint's shutdown() method.

v1.4.0

• Adds a new broker::store_event API that can be used to observe
  data store modifications.

• Adds support for Windows platform.

• RocksDB support is now opt-in instead of automatically detected and used
  at configuration-time. Use the --enable-rocksdb and
  --with-rocksdb= flags to opt-in.

Note: Releases in the v1.4.x series are aligned for use in Zeek v3.2.x and do not support Zeek v3.0.x (Broker v1.2.x are meant to be used for that Zeek LTS release branch).