v2.181.0

This release fixes a bug in the proxy's outbound load balancer that
could cause panics, especially when the balancer processes many service
discovery updates in a short period of time.

v2.180.0

This release includes only minor internal changes and dependency
updates.

v2.179.0

This release fixes a problem with HTTP/1.1 `CONNECT` requests. When a
server responds to a `CONNECT` request with `content-length` or
`transfer-encoding` headers (in violation of RFC 7231), the proxy must
actively strip these headers to avoid making the Hyper server fail the
response.

v2.178.0

This release fixes an issue with the way proxies discover control plane
components via DNS. When `SRV` records cannot be resolved, the proxy
would no not necessarily fall back to resolving `A` records. This has
been fixed.

The inbound proxy can now discover policies dynamically. Ports that are
configured in the `LINKERD2_PROXY_INBOUND_PORTS` are discovered as the
proxy starts up; but now the proxy will discover policies for ports that
are not in this list. The pod's default policy is used initially, but
once a policy is received from the control plane it is used.

v2.177.0

This release updates "ingress-mode" proxies to be able to forward
non-HTTP traffic within the cluster. Protocol detection is always
attempted for outbound connections, however, when in ingress mode.

This release also adds a new `process_uptime_seconds_total` metric.

v2.176.0

This release fixes an issue where proxies would not honor the cluster's
opaqueness settings for non-pod/service addresses. This could cause
protocol detection to be peformed, for instance, when using off-cluster
databases.

This release also disables the use of regexes in Linkerd log filters
(i.e., as set by `LINKERD2_PROXY_LOG`). Malformed log directices could,
in theory, cause a proxy to stop responding.

v2.161.3

This release fixes opaqueness settings when communicating with
non-pod/service addresses.

v2.161.2

This release cherry-picks commits from the main branch into the
release/v2.161 branch, including fixes for multicluster gateways. This
change does NOT include changes to the proxy's TLS infrastructure, as
these changes are not backwards-compatible.

v2.175.0

This release alters the policy-related labels that the proxy sets on inbound traffic:

* The `srv_kind` label is set with a value of "default" or "server",
  depending on whether the `srv_name` label correponds to a default
  policy or a `Server` resource. `srv_name` no longer includes a
  "default:" prefix for default policies.
* The `saz_name` label is removed, replaced by `authz_kind` and
  `authz_name` labels. Similarly, the `authz_kind` label is either
  `default` or `serverauthorization`, and the `authz_name` label never
  includes a "default:" prefix.

v2.174.0

This release fixes an issue that could prevent proxies from sending HTTP
Upgrade requests (e.g., for websockets) through multi-cluster gateways.

Many dependencies have been updated, notably including a new version of
`h2` that improves debug logging, avoids panics in time-related
operations, and fixes an issue with parsing certain types of headers.