Bump github.com/nats-io/nats-server/v2 from 2.10.22 to 2.10.23

[dependabot]

Bumps github.com/nats-io/nats-server/v2 from 2.10.22 to 2.10.23.

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.10.23

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

Go Version

• 1.23.4 (#6228)

Dependencies

• golang.org/x/crypto v0.30.0 (#6230)
• golang.org/x/sys v0.27.0 (#6229)
• golang.org/x/time v0.8.0 (#6105)
• github.com/nats-io/nkeys v0.4.8 (#6192)

Added

JetStream

• Support for responding to forwarded proposals (for future use, #6157)

Windows

• New ca_certs_match option has been added in the tls block for searching the certificate store for only certificates matching the specified CAs (#5115)
• New cert_match_skip_invalid option has been added in the tls block for ignoring certificates that have expired or are not valid yet (#6042)
• The cert_match_by option can now be set to thumbprint, allowing an SHA1 thumbprint to be specified in cert_match (#6042, #6047)

Improved

JetStream

• Reduced the number of allocations in consumers from get-next requests and when returning some error codes (#6039)
• Metalayer recovery at startup will now more reliably group assets for creation/update/deletion and handle pending consumers more reliably, reducing the chance of ghost consumers and misconfigured streams happening after restarts (#6066, #6069, #6088, #6092)
• Creation of filtered consumers is now considerably faster with the addition of a new multi-subject num-pending calculation (#6089, #6112)
• Consumer backoff should now be correctly respected with multiple in-flight deliveries to clients (#6104)
• Add node10 node size to stree, providing better memory utilisation for some subject spaces, particularly those that are primarily numeric or with numeric tokens (#6106)
• Some JetStream log lines have been made more consistent (#6065)
• File-backed Raft groups will now use the same sync intervals as the filestore, including when sync always is in use (#6041)
• Metalayer snapshots will now always be attempted on shutdown (#6067)
• Consumers will now detect if an ack is received past the stream last sequence and will no longer register pre-acks from a snapshot if this happens, reducing memory usage (#6109)
• Reduced copies and number of allocations when generating headers for republished messages (#6127)
• Adjusted the spread of filestore sync timers (#6128)
• Reduced the number of allocations in Raft group send queues, improving performance (#6132)
• Improvements to Raft append entry handling and log consistency (#5661, #5689, #5714, #5957, #6027, #6073)
• Improvements to Raft stepdown behaviour (#5666, #5344, #5717)
• Improvements to Raft elections and vote handling (#5671, #6056)
• Improvements to Raft term handling (#5684, #5792, #5975, #5848, #6060)
• Improvements to Raft catchups (#5987, #6038, #6072)
• Improvements to Raft snapshot handling (#6053, #6055)
• Reduced the overall metalayer snapshot frequency by increasing the minimum interval and no longer pre-empting consumer deletes (#6165)
• Consumer info requests for non-existent consumers will no longer be relayed, reducing overall load on the metaleader (#6176)
• The metaleader will now log if it takes a long time to perform a metalayer snapshot (#6178)
• Unnecessary client and subject information will no longer be included in the meta snapshots, reducing the size and encoding time (#6185)

... (truncated)

Commits

• 145e44d [nats] Release v2.10.23
• c21273a Bump to 2.10.23-RC.12
• 4aae81c Cherry-picks for 2.10.23-RC.12 (#6234)
• 5a986d1 Fix datarace in filestore calling tombs().
• 192f48b Bump golang.org/x/crypto from 0.29.0 to 0.30.0
• 4d566d1 Bump golang.org/x/sys from 0.27.0 to 0.28.0
• b07ff95 Bump to 2.10.23-RC.11
• 27bfab7 Update to Go 1.23.4, 1.22.10
• a6872a4 Cherry-picks for 2.10.23-RC.11 (#6222)
• 716b139 Add jitter for flushing stream state
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)