Redis 7.0 release

Redis 7.0, a DBMS in the NoSQL class, has been released. Redis provides functions for storing data in key/value format, extended with support for structured data formats such as lists, hashes, and sets, as well as the ability to execute server-side script handlers written in Lua. The project code is supplied under a BSD license. Add-on modules that offer advanced features for corporate users, such as RediSearch, RedisGraph, RedisJSON, RedisML, and RedisBloom, have been shipped under the proprietary RSAL license since 2019. The GoodFORM project attempted to continue development of open versions of these modules under the AGPLv3 license, but it has been stagnating lately.

Unlike in-memory storage systems such as Memcached, Redis provides persistent storage of data on disk and guarantees the safety of the database in the event of an abnormal shutdown. The project's source code is distributed under the BSD license. Client libraries are available for most popular languages, including Perl, Python, PHP, Java, Ruby, and Tcl. Redis supports transactions that allow you to execute a group of commands in one step, guaranteeing consistent, sequential execution of the given set of commands (commands from other requests cannot be interleaved) and, in case of problems, allowing you to roll back changes. All data is fully cached in RAM.

Commands such as increment/decrement, standard operations on lists and sets (union, intersection), key renaming, multiple selections, and sorting functions are provided for data manipulation. Two storage modes are supported: periodic synchronization of data to disk and logging of changes to disk. In the second case, the complete safety of all changes is guaranteed. It is possible to organize master-slave data replication to several servers, carried out in a non-blocking mode. A publish/subscribe messaging mode is also available, in which a channel is created from which messages are distributed to subscribed clients.

Key changes in Redis 7.0:

  • Added support for server-side functions. Unlike the previously supported Lua scripts, functions are not tied to the application and are intended for implementing additional logic that extends the capabilities of the server. Functions are handled together with the data and belong to the database rather than to the application; in particular, they are replicated and saved to persistent storage.
  • A second version of ACLs is introduced, which allows you to control access to data based on keys and to define different sets of access rules for commands, with the ability to bind several selectors (sets of permissions) to each user. Each key can be associated with specific permissions; for example, you can restrict access to read-only or write-only for a certain subset of keys.
  • A sharded implementation of the Publish-Subscribe message distribution model is provided for cluster mode: a message is sent to the specific node to which the message channel is bound, and is then forwarded to the remaining nodes in the shard. Clients can receive messages by subscribing to a channel while connected either to the primary node or to the secondary nodes of the shard. It is controlled with the SSUBSCRIBE, SUNSUBSCRIBE and SPUBLISH commands.
  • Added support for processing subcommands in most contexts.
  • Added new commands:
    • ZMPOP, BZMPOP.
    • LMPOP, BLMPOP.
    • SINTERCARD, ZINTERCARD.
    • SPUBLISH, SSUBSCRIBE, SUNSUBSCRIBE, PUBSUB SHARDCHANNELS/SHARDNUMSUB.
    • EXPIRETIME, PEXPIRETIME.
    • EVAL_RO, EVALSHA_RO, SORT_RO.
    • FUNCTION *, FCALL, FCALL_RO.
    • COMMAND DOCS, COMMAND LIST.
    • LATENCY HISTOGRAM.
    • CLUSTER SHARDS, CLUSTER LINKS, CLUSTER DELSLOTSRANGE, CLUSTER ADDSLOTSRANGE.
    • CLIENT NO-EVICT.
    • ACL DRYRUN.
  • Added the ability to process multiple configuration parameters at once in a single CONFIG SET/GET call.
  • Added the "--json", "-2", "--scan", and "--functions-rdb" options to the redis-cli utility.
  • By default, client access to settings and commands that affect security is disabled (for example, the DEBUG and MODULE commands are disabled, and changing configuration parameters marked with the PROTECTED_CONFIG flag is prohibited). redis-cli no longer writes commands containing sensitive data to the history file.
  • A large number of optimizations have been made to improve performance and reduce memory consumption. For example, memory consumption has been significantly reduced when cluster mode is enabled, when performing copy-on-write operations, and when working with hash and zset keys. The logic for flushing data to disk (the fsync call) has been improved. The number of network packets and system calls when sending responses to the client has been reduced. Replication efficiency has been improved.
  • Fixed vulnerability CVE-2022-24735 in the Lua script execution environment, which allowed a user to substitute their own Lua code and have it executed in the context of another user, including one with higher privileges.
  • Fixed vulnerability CVE-2022-24736, which could cause the redis-server process to crash due to a null pointer dereference. The attack is carried out by loading specially crafted Lua scripts.
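
The second-version ACL rules from the list above (per-key read/write permissions and selectors), shown as an added example that is not part of the original article or of Redis itself: a simplified Python model that evaluates permission rules written in Redis 7 syntax, in the spirit of ACL DRYRUN. The user definition, the key names and the three-command access table are constructed for illustration, and authentication rules are omitted.

```python
import fnmatch
import re

# Access each command needs per key argument (constructed subset; plain SET, no GET option).
KEY_ACCESS = {"get": ["R"], "set": ["W"], "copy": ["R", "W"]}

def parse_selector(rules):
    """Turn one rule list ('+get %R~cache:*') into allowed commands and key patterns."""
    cmds, keys = set(), []
    for rule in rules.split():
        if rule.startswith("+"):
            cmds.add(rule[1:].lower())
        elif rule.startswith("~"):           # ~pattern grants read and write
            keys.append(("RW", rule[1:]))
        elif rule.startswith("%"):           # %R~, %W~ or %RW~pattern
            flags, pattern = rule[1:].split("~", 1)
            keys.append((flags.upper(), pattern))
    return cmds, keys

def parse_user(rule_string):
    """Split root permissions from parenthesised selectors; root is evaluated first."""
    selectors = re.findall(r"\(([^)]*)\)", rule_string)
    root = re.sub(r"\([^)]*\)", " ", rule_string)
    return [parse_selector(s) for s in [root] + selectors]

def selector_allows(selector, cmd, key_args):
    """True if this one selector grants the command and every key it touches."""
    cmds, keys = selector
    if cmd not in cmds or cmd not in KEY_ACCESS:
        return False
    for need, key in zip(KEY_ACCESS[cmd], key_args):
        if not any(need in flags and fnmatch.fnmatchcase(key, pat) for flags, pat in keys):
            return False
    return True

def dry_run(rule_string, cmd, *key_args):
    """Permissions are never combined across selectors: one must match in full."""
    cmd = cmd.lower()
    return any(selector_allows(s, cmd, key_args) for s in parse_user(rule_string))

# Constructed user: read-only on cache:*, write-only on audit:*, plus a
# selector that allows COPY only from cache:* into backup:*.
APP_USER = "+get %R~cache:* +set %W~audit:* (+copy %R~cache:* %W~backup:*)"
```

Pass only key names to `dry_run`, not values. On a live server, `ACL DRYRUN <user> <command> ...` gives the authoritative answer for the same questions.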

Source: opennet.ru
