The OpenResty network platform based on NGINX and LuaJIT, version 1.31.1.1, has been officially released. The complete release notes are available online.

This release provides source code distributions, Win32/Win64 binary distributions, and packages for all common Linux distributions. You can download the packages from this link.

Special thanks to all our developers and contributors! Thanks to OpenResty Inc. for sponsoring much of the OpenResty core development work.

Key Changes

Highlights of this release include:

  • Nginx Core: Upgraded from nginx 1.29.2 to 1.31.1
  • OpenSSL: Upgraded from 3.5.5 to 3.5.6
  • lua-nginx-module (upgraded to v0.10.31)
    • Added precontent_by_lua directive
    • Added proxy_ssl_verify_by_lua* directives
    • Added APIs for retrieving the server random and master key
    • Added tcpsock:getsslsession and multiple SSL-related FFI functions
    • Added support for custom trusted CA stores during cosocket TLS handshakes
    • Added keepintvl and keepcnt options for TCP sockets
    • Allowed ngx.header['WWW-Authenticate'] to set multiple values using a table
    • Fixed multiple crash issues related to QUIC connection shutdown, worker process shutdown, and the SSL cache
  • stream-lua-nginx-module (upgraded to v0.0.19)
    • Added proxy_ssl_certificate_by_lua directive
    • Implemented the serversslhandshake method on downstream sockets
    • Added tcpsock:get_ssl_session and multiple SSL-related FFI APIs
    • Added reuseport support when binding local ports on UDP cosockets
    • Added support for custom trusted CA stores during cosocket TLS handshakes
  • lua-resty-core (upgraded to v0.1.34rc2)
    • Added tcpsock:settrustedstore() for setting a trusted CA store per handshake
    • Added sock:getsslpointer(), sock:getsslctx(), and ssl.get_upstream_ssl_pointer
    • Added tcpsock.getfd() and tcpsock:settrustedstore() for the stream subsystem
    • Added the precontent_by_lua directive and Lua APIs for retrieving the server random and master key
  • LuaJIT (upgraded to v2.1-20260415)
    • Added ffi.abi("dualnum")
    • Numerous fixes and optimizations across ARM64, s390x, FFI, and more
    • Fixed multiple edge cases related to DUALNUM, string operations, and JIT compilation
  • Other component upgrades
    • ngx_postgres upgraded to v1.1
    • xss-nginx-module upgraded to v0.07, with added dynamic module build support
    • lua-resty-mysql upgraded to v0.30, with added ed25519 support
    • echo-nginx-module upgraded to v0.64
    • lua-upstream-nginx-module upgraded to v0.08
    • lua-resty-upstream-healthcheck upgraded to v0.09
    • lua-resty-string upgraded to v0.17, with added AES-256-CTR binding
    • lua-cjson upgraded to v2.1.0.17, with options to allow comments on decode and indentation on encode
    • drizzle-nginx-module upgraded to v0.1.13

For the complete list of changes, the HTML changelog, and other related links, please see the complete release notes.

Website

OpenResty is a mature network platform that integrates the standard Nginx core, Lua/LuaJIT, numerous third-party Nginx modules and Lua libraries, and most of their external dependencies. This makes OpenResty a complete and powerful network solution. For more information, please visit the OpenResty homepage:

https://openresty.org/

Quality Assurance

We have conducted extensive testing on Amazon EC2 test clusters and ensured that all components, including the Nginx core, work well together. The latest test reports can be found here:

https://qa.openresty.org/

Commercial Version

We run OpenResty based on the latest open-source version in our own global CDN network (known as “Mini CDN”). This network supports our openresty.org and openresty.com websites and is also used for our commercial software. For more information, please visit https://openresty.com/.

Feedback

We welcome feedback on this release. You may create a new GitHub issue, send us an email, or join the discussion on our BBS.