-
#16524 Enhanced base64 encoding and decoding functions in rule engine SQL with support for padding and URL-safe options.
The base64_encode and base64_decode functions now support optional parameters to control encoding behavior:
no_padding: Encode or decode without padding characters (=). Useful when you need to remove padding from encoded strings or decode strings that don't have padding.urlsafe: Use URL-safe base64 encoding/decoding. Replaces + with - and / with _, making the encoded string safe to use in URLs without encoding.
You can use these options individually or combine them. When combining options, the order doesn't matter.
Examples in rule SQL:
Encode without padding:
SELECT base64_encode(payload, 'no_padding') as encoded FROM "t/#"
Encode with URL-safe characters:
SELECT base64_encode(payload, 'urlsafe') as encoded FROM "t/#"
Encode with both options (no padding and URL-safe):
SELECT base64_encode(payload, 'no_padding', 'urlsafe') as encoded FROM "t/#"
Decode URL-safe base64:
SELECT base64_decode(payload, 'urlsafe') as decoded FROM "t/#"
Decode unpadded URL-safe base64:
SELECT base64_decode(payload, 'urlsafe', 'no_padding') as decoded FROM "t/#"
-
#16533 Added two new Variform expression helper functions json_value and jwt_value to extract values from JSON data and JWT tokens using dot-separated key paths.
The json_value function extracts values from JSON binary strings using a dot-separated path to navigate nested structures.
The jwt_value function decodes JWT token payloads and extracts claim values using the same path syntax.
For example, if username is a JSON object, you can access field with json_value(username, 'shop.floor');
if password is JWT with a customized claim, you can access the nested value with jwt_value(password, 'client_attrs.unitid').
-
#16539 Added support for keeping track of metric aliases when utilizing the spb_decode Rule Engine function.
Now, after a device or edge of network (EoN) node publishes its DBIRTH/NBIRTH messages, alias mappings in said message will be stored and used when the client later uses spb_decode on a message matching the DDATA/NDATA topic patterns. The original names of the metrics will be added to the output of spb_decode.
Note: when executing fallback actions, the mapping is not available in the environment they run in. This means that, if a fallback action republishes the undecoded DDATA/NDATA payload to a Sparkplug B DDATA/NDATA topic, the metric name fields will not be populated by the alias mapping.
-
#16581 Added a new Rule SQL function: spb_zip_kvs.
Given an already decoded, valid Sparkplug B message, it'll go through the metrics and "zip" each property name and its value together.
-
properties (and any nested PropertySet values) have their keys and values fields
removed and the values of the two former fields zipped together and merged with the
original map. Values that have the PropertySet or PropertySetList types are
recursively transformed like this.
-
Values of PropertySetList type have their propertyset field removed and replaced by
an array of PropertySets, transformed following the above item's description.
-
If present, dataset_value field is transformed in a similar fashion: its columns and
rows fields are removed and their values zipped together in an object merged with the
original object. types and num_of_columns fields are removed from output.
-
Other values/fields are untouched.
For example, given this input decoded Sparkplug B message:
{
"metrics": [
{
"properties": {
"values": [
{"int_value": 99},
{
"propertyset_value": {
"values": [{"int_value": 999}],
"keys": ["inner"]
}
},
{
"propertysets_value": {
"propertyset": [
{
"values": [{"int_value": 1}],
"keys": ["inner1"]
},
{
"values": [{"int_value": 2}],
"keys": ["inner2"]
}
]
}
}
],
"keys": [
"leaf",
"nested_prop",
"nested_prop_list"
]
}
},
{
"dataset_value": {
"num_of_columns": 2,
"types": [7, 12],
"rows": [
{
"elements": [
{"int_value": 3},
{"string_value": "3"}
]
},
{
"elements": [
{"int_value": 4},
{"string_value": "4"}
]
}
],
"columns": ["col1", "col2"]
}
}
]
}
Then, the output of spb_zip_kvs will be:
{
"metrics": [
{
"properties": {
"nested_prop_list": {
"propertysets_value": [
{"inner1": {"int_value": 1}},
{"inner2": {"int_value": 2}}
]
},
"nested_prop": {
"propertyset_value": {"inner": {"int_value": 999}}
},
"leaf": {"int_value": 99}
}
},
{
"dataset_value": {
"col2": {"elements": [{"int_value": 4}, {"string_value": "4"}]},
"col1": {"elements": [{"int_value": 3}, {"string_value": "3"}]}
}
}
]
}
-
#16480 Fixed an issue where WebSocket connections could crash after the peer closed the connection, typically observed under moderate load.
crasher: initial call: cowboy_tls:connection_process/4,
error: {{case_clause,{error,closed}},[
{cowboy_websocket_linger,websocket_send_close,2,[{file,"cowboy_websocket_linger.erl"},{line,752}]},
{cowboy_websocket_linger,websocket_close,3,[{file,"cowboy_websocket_linger.erl"},{line,743}]},
{proc_lib,wake_up,3,[{file,"proc_lib.erl"},{line,340}]}
]}
messages: [
{ssl,{sslsocket,{gen_tcp,#Port<...>,...},[...]},<<130,130,27,93,145,101,251,93>>},
{ssl_closed,{sslsocket,{gen_tcp,#Port<...>,...},[...]}}
], ...
-
#16515 Fixed a bug that caused WebSocket connections to crash when receiving broker messages larger than the client's advertised Maximum-Packet-Size.
-
#16553 Fixed an issue where not all retained messages would be delivered if a subscriber hit the retained message dispatch rate limit.
If the dispatch rate limit is reached while iterating over retained topics, then the client process will retry the iteration at a later time with exponential back-off (minimum 300 ms, maximum 10 s).
The retainer.flow_control.batch_deliver_number configuration has been deprecated.
The retainer.flow_control.batch_read_number no longer supports being set to 0 to mean read all remaining retained messages at once. If set to 0, it'll default to 1000 messages.
-
#16569 Fixed a rare race condition that could cause the supporting emqx_flapping process for flapping detection to crash under high system load.
-
#16651 Fixed a rare connection process crash during shutdown caused by operating on an already closed socket, typically under high system stress.
Prior to this fix, such race condition typically result in an error level log saying {badmatch,{ok,{sock_error,closed}....
-
#16675 Fixed timestamp ordering issue where disconnected_at could be later than connected_at during session takeover or discard scenarios.
Previously, disconnected_at was recorded too late (in ensure_disconnected), after the new session's connected_at was already set. This caused a race condition where disconnected_at > connected_at, making it difficult to track client presence state externally.
The fix records disconnected_at immediately when takeover begins or when discard is received, ensuring it's always earlier than the new session's connected_at. This ensures correct timestamp ordering for external presence state tracking systems.
-
#16715 Fixed an issue where retained $SYS messages (for example, broker/node identity topics) were stored without expiry, which could leave stale node identifiers visible in Dashboard views after StatefulSet rotation.
Now, newly published retained $SYS messages include Message-Expiry-Interval = 3600 (1 hour).
For already existing stale retained $SYS entries created before this change, you can manually clear them by publishing an empty retained message to the stale topic:
emqx eval 'emqx:publish(emqx_message:set_flag(retain, true, emqx_message:make(emqx_sys, <<"$SYS/brokers/[email protected]/sysdescr">>, <<>>))).'
Replace the topic in the command with the stale $SYS/... topic you want to remove.
-
#16731 Fixed a crash in emqx ctl subscriptions list that could happen when shared subscriptions were present.
Before this fix, listing subscriptions could fail for some clients and return no output.
After this fix, emqx ctl subscriptions list works reliably with both regular and shared subscriptions.
-
#16782 Fixed MQTT v5 protocol handling for invalid PUBLISH properties.
If a client sends a PUBLISH packet containing Subscription-Identifier, EMQX now treats it as a protocol error and disconnects the client.
-
#16507 Previously, when an MQTT Source's Connector recovered after losing its connection, topics would not be re-subscribed and the Source would stop working until the Connector itself was restarted. Now, the Source will re-subscribe upon reconnect.
-
#16542 Fixed an issue where Kafka producer connections could disconnect prematurely when Kafka was overloaded, causing excessive produce request retries.
The request timeout is now automatically set to at least twice the metadata request timeout (with a minimum of 30 seconds),
reducing unnecessary reconnections and retries when metadata requests take longer than expected.
This is especially beneficial when metadata request timeout is configured to a small value.
-
#16622 Fixed an issue where, if an Action used async query mode and its Connector was disconnect after more than one health check, its Fallback Actions could be triggered twice.
-
#16657 Fixed an issue where, when importing configuration from an older node version into a newer one, values would not be upgraded according to newer code, leading to strange behavior.
One such example is importing a MQTT Connector with static clientids from 5.10.0 into 6.0.0. In 5.10.0, usernames and passwords could not be associated with particular static clientids, and this was represented internally in a certain way. Later versions added the capability of creating those associations, with a different internal representation. This subtle internal representation conversion was missing when importing such configurations in previous EMQX versions.
-
#16659 When using an older MQTT Connector configuration with static clientids (from 5.10.0 and earlier) on later EMQX versions, the username and password at the root of the configuration was ignored. This could cause trouble when upgrading and keeping the same configuration, as the MQTT clients would stop using the credentials.
Now, if there are username and/or password fields in the root Connector, those credentials are merged with any specific ones specified per clientid, the latter taking precedence.
-
#16723 Fixed an issue with RabbitMQ Connector/Action/Source where, if some connection or channel processes died unexpectedly, the Connector/Action/Source would be reported as disconnected and never recover by itself without restarting it.
-
#16742
Fixes the issue of GreptimeDB TLS connection failure.
-
#16537 Fixed formatter crash when logging gen_rpc errors.
Prior to this fix, EMQX may report "FORMATTER CRASH" errors when gen_rpc logged certain error messages (e.g., transmission timeout errors).
The formatter now handles these error messages correctly without crashing.
-
#16661 Improve topic_metrics and cluster_rpc logging when invalid topic is requested.
-
#16674 Ensure Erlang pid is printed as a log data field.
-
#16699 Previously, under certain race conditions, long and cryptic logs like the following could be printed:
2026-02-03T13:53:54.576326+00:00 [error] Generic server <0.11323236.0> terminating. Reason: {{badkey,'actions.success'},[{erlang,map_get,['actions.success',#{}],[{error_info,#{module => erl_erts_errors}}]},{emqx_metrics_worker,idx_metric,4,[{file,"emqx_metrics_worker.erl"},{line,683}]},{emqx_metrics_worker,inc,4,[{file,"emqx_metrics_worker.erl"},{line,322}]},{emqx_rule_runtime,do_eval_action_reply_t...
Now, we print more meaningful information to help debug the issue.
