#Mac#Release
Version 5.7.3-2785
- Now you can see the number of times a rule has been used in the rule list.
- Optimized the implementation method of blocking QUIC traffic to increase the likelihood of clients correctly falling back.
- The Smart group will use the SUBSTITUTE policy (DIRECT) instead of failing directly when there are no sub-policies.
- Fixed an issue where the server-cert-fingerprint-sha256 parameter was not effective for TLS-like protocols with sni=off settings.
- Added a new rule type HOSTNAME-TYPE, used to determine the type of request hostname. Optional values are: IPv4, IPv6, DOMAIN, SIMPLE. (SIMPLE refers to hostnames without a dot, such as localhost)
- Optimized DNS request logs. Now more information is displayed. Additionally, if DIRECT policy connects directly without triggering DNS in the rule system, related DNS logs can still be shown.
- When deleting a policy that is being used by a policy group, it is now allowed to delete it directly and automatically remove it from all policy groups.
- Bug fixes and other Improvements.
Official Channel: @SurgeTestFlightFeed
#Mac#Release
Version 5.7.2-2762
- Optimize the matching performance of ASN rules in the rule set.
- Fix the issue where FINAL rules cannot be edited through UI.
- Fix the problem that invalid cron expressions would cause scripts to be executed repeatedly.
- Optimized the management mechanism of the script engine.
- Other detail issues fixed.
Official Channel: @SurgeTestFlightFeed
#Mac#Release
Version 5.7.2-2761
- Optimize the matching performance of ASN rules in the rule set.
- Fix the issue where FINAL rules cannot be edited through UI.
- Fix the problem that invalid cron expressions would cause scripts to be executed repeatedly.
- Optimized the management mechanism of the script engine.
- Other detail issues fixed.
Official Channel: @SurgeTestFlightFeed
#Mac#Release
Version 5.7.1-2758
- Optimize the matching performance of small rule sets, especially evident on older CPU models.
- The external resource update page can display error information generated by rule set processing.
- Automatically ignore invalid empty lines in the rule set.
- Fixed an issue where applying temporary rules would not interrupt existing connections if a policy change occurred.
- Fixed an issue when using Ponte policy within Smart group, if the target device is itself, it was not automatically switched to DIRECT policy.
- Corrected the time error displayed in request logs for Ponte device requests.
- Fixed a low probability crash that occurs when external policy group content changes.
- During the initialization phase of Smart group, no longer display most used tags to avoid misunderstanding .
- Fixed a crash that could occur when adding a policy group if an external policy was selected but no URL was provided.
- Corrected an issue where items did not correctly display their storage location after being moved on the key management page.
Official Channel: @SurgeTestFlightFeed
#Mac#Release
Version 5.7.1-2757
- Optimize the matching performance of small rule sets, especially evident on older CPU models.
- The external resource update page can display error information generated by rule set processing.
- Automatically ignore invalid empty lines in the rule set.
- Fixed an issue where applying temporary rules would not interrupt existing connections if a policy change occurred.
- Fixed an issue when using Ponte policy within Smart group, if the target device is itself, it was not automatically switched to DIRECT policy.
- Corrected the time error displayed in request logs for Ponte device requests.
- Fixed a low probability crash that occurs when external policy group content changes.
- During the initialization phase of Smart group, no longer display most used tags to avoid misunderstanding .
- Fixed a crash that could occur when adding a policy group if an external policy was selected but no URL was provided.
- Corrected an issue where items did not correctly display their storage location after being moved on the key management page.
Official Channel: @SurgeTestFlightFeed
#Mac#Release
Version 5.7.0-2724
### Smart Group
This is a new type of policy group, driven by our carefully designed algorithm engine, which can automatically select the appropriate policy from the sub-policies of this policy group. The goal of the Smart policy group is to replace the original automatic testing groups (url/load-balance/fallback), greatly optimizing the experience while minimizing the need for manual intervention in policy groups. Users only need to put the available policies into this group.
For details, see: https://kb.nssurge.com/surge-knowledge-base/guidelines/smart-group
### Rule System
- Overall performance optimization of the rule system.
- Significant optimization of the indexing algorithm in large domain rule sets, improving the search efficiency by more than ten times for rule sets with more than 100,000 rules.
- Corrected the issue where sub-rules of logical rules within a rule set could not be covered by the no-resolve and extended-matching parameters of the rule set.
- Added a new rule type DOMAIN-WILDCARD, supporting ? and * domain name matching.
- DOMAIN-SET and RULE-SET are changed to strict validation. If there are invalid lines in the file, the entire rule set will be invalidated to avoid problems caused by misuse.
### IPv6
- The behavior of the ipv6-vif parameter has been modified. When set to always, IPv6 functionality will be enabled even if ipv6=true is not set.
- Added a warning for the ipv6-vif=always parameter.
- Adjusted the automatic retry mechanism. Accessing IPv6 addresses in a non-IPv6 network will no longer enter the retry process, and the request will fail immediately (solving the problem of some applications stalling when IPv6 VIF is enabled in a non-IPv6 environment, but the application will still continue to send IPv6 requests).
### Other Optimizations
- Enhanced $notification.post, adding support for media resources, sound hints, and automatic dismissal.
- Optimized WireGuard failure handling.
- Reduced the power consumption of the TUIC protocol during sleep.
- Improved the precision of time statistics in the request log system, now accurate to µs level.
- Optimized various abnormal retry mechanisms, avoiding high resource usage caused by continuous retry in the face of some specific problems. For operations that need to be retried continuously (such as WireGuard reconnection, Ponte server reporting to iCloud), Surge will now retry after 0.1s, 0.5s, 1s, 5s, 10s, 30s after an error.
- Optimized the caching system for external resources.
- Added the profile line modifier #!REQUIREMENT.
### Minor Adjustments
- Limited the length of logs that can be written to request notes in debug mode by scripts.
- Changed the default UDP test target to 1.0.0.1.
- If incorrect types of fields are passed when using API in scripts, it will result in script errors.
- After the script is completed or times out, unfinished $httpClient will no longer call the callback function.
### Issue Fixes
- Fixed the issue where the HTTP Body captured from remote devices could not be read in the Dashboard.
- Fixed the problem where Header Rewrite rules could not match URLs based on the Host field.
- Corrected the issue where ip-version and tos parameters could not take effect when testing proxies.
- Fixed the crash issue caused by mistakenly passing null when executing scripts via HTTP-API.
#Mac#Release
Version 5.6.1-2612
### Fixes
- Bug fixes.
#Mac#Release
Version 5.6.0-2611
#### New Feature
- Mock (Map Local) feature fully enhanced.
- Added data types such as text, tiny-gif, base64 for inline direct data return.
- Added status-code parameter
- UI related configurations have not been updated yet. For usage methods, see the documentation: https://manual.nssurge.com/http-processing/mock.html
- When the parameter encrypted-dns-follow-outbound-mode=true is configured, if a DoH/DoQ/DoH3 connection matches a proxy server using a domain name, and if there is a DNS Local Mapping record for that proxy server's domain name containing an IP address or traditional DNS server, then it is permissible to query through that proxy server. (Querying DNS through a proxy server will break CDN optimization, leading to severe slowness when loading images and videos. Unless there are very special requirements and it is not necessary to configure in this way, domain rules should be used to ensure requests are directly queried by the proxy server.)
- Added feature Body Rewrite, see documentation for details: https://manual.nssurge.com/http-processing/body-rewrite.html- Added recognition for STUN packets, which can be matched using PROTOCOL,STUN. Similar to QUIC, to ensure compatibility, PROTOCOL,UDP can also continue to match STUN traffic.
#### Enhancements
- Optimized request logging. Now the specific rules matched for URL Rewrite and Header Rewrite will be displayed.
- Adjusted the logic of how the DNS engine handles empty results. Now when multiple DNS servers are configured, it no longer waits for all servers to respond with empty results in order to avoid additional waiting when AAAA records do not exist. (However, since the behavior of DNS servers may vary in different environments, observe whether this change causes side effects; please provide feedback if issues arise causing abnormal results.)
- Canceled warning notifications when ICMP exceeds limits
### Fixes
- Enhanced compatibility when decompressing HTTP Body.
- Fixed a crash in Surge caused by passing some incorrect types of parameters in scripts.
- Adapted to new system restrictions, fixed the issue where selecting to display the main window is ineffective in some cases
- Fixed compatibility issues with non-https WebSocket in proxy mode and the new version of Safari
#Mac#Release
Version 5.5.0-2589
#### Module
- Added several new official modules; official modules can now be dynamically updated.
- Modules have a new classification field for convenient access and categorization in the UI.
- Modules now accept parameter tables, supporting multiple parameters. Parameters will be used to modify module content through text replacement.
#### Script
- New script execution engine. Optimized execution performance and memory usage.
- $httpClient has added several practical parameters.
For more details on the updates above, see the documentation.
#### Enhancements
- New parameter: always-raw-tcp-keywords. For usage, refer to documentation.
- Added SRC-PORT rule for matching client port numbers.
- IN-PORT/SRC-PORT/DEST-PORT three rules are categorized as port number rule types, supporting three kinds of expressions:
- Directly writing the port number, such as IN-PORT,6153
- Port number closed interval: such as DEST-PORT,10000-20000
- Using >, <, <=, >= operators, such as SRC-PORT,>=50000
- The UI can now maintain pure empty lines from original configurations after editing.
### Fixes
- Corrected a detail issue with QUIC flow control and optimized latency performance for Ponte/TUIC/Hysteria2 protocols.
- Other bug fixes.
#Mac#Release
Version 5.5.0-2588
#### Module
- Added several new official modules; official modules can now be dynamically updated.
- Modules have a new classification field for convenient access and categorization in the UI.
- Modules now accept parameter tables, supporting multiple parameters. Parameters will be used to modify module content through text replacement.
#### Script
- New script execution engine. Optimized execution performance and memory usage.
- $httpClient has added several practical parameters.
For more details on the updates above, see the documentation.
#### Enhancements
- New parameter: always-raw-tcp-keywords. For usage, refer to documentation.
- Added SRC-PORT rule for matching client port numbers.
- IN-PORT/SRC-PORT/DEST-PORT three rules are categorized as port number rule types, supporting three kinds of expressions:
- Directly writing the port number, such as IN-PORT,6153
- Port number closed interval: such as DEST-PORT,10000-20000
- Using >, <, <=, >= operators, such as SRC-PORT,>=50000
- The UI can now maintain pure empty lines from original configurations after editing.
### Fixes
- Corrected a detail issue with QUIC flow control and optimized latency performance for Ponte/TUIC/Hysteria2 protocols.
- Other bug fixes.
#Mac#Release
Version 5.5.0-2586
#### Module
- Added several new official modules; official modules can now be dynamically updated.
- Modules have a new classification field for convenient access and categorization in the UI.
- Modules now accept parameter tables, supporting multiple parameters. Parameters will be used to modify module content through text replacement.
#### Script
- New script execution engine. Optimized execution performance and memory usage.
- $httpClient has added several practical parameters.
For more details on the updates above, see the documentation.
#### Enhancements
- New parameter: always-raw-tcp-keywords. For usage, refer to documentation.
- Added SRC-PORT rule for matching client port numbers.
- IN-PORT/SRC-PORT/DEST-PORT three rules are categorized as port number rule types, supporting three kinds of expressions:
- Directly writing the port number, such as IN-PORT,6153
- Port number closed interval: such as DEST-PORT,10000-20000
- Using >, <, <=, >= operators, such as SRC-PORT,>=50000
- The UI can now maintain pure empty lines from original configurations after editing.
### Fixes
- Corrected a detail issue with QUIC flow control and optimized latency performance for Ponte/TUIC/Hysteria2 protocols.
- Other bug fixes.
#Mac#Release
Version 5.4.3-2540
- Rewrote the virtual IP database, now the database can automatically clean up data based on the last time of use.
- Fixed some issues that may occur when using Snell v4 with WireGuard and enabling reuse.
- For DNS requests with illegal domain names, an empty result response will be generated instead of being directly ignored.
- tun-included-routes and tun-excluded-routes parameters now supports IPv6 CIDR block when IPv6 VIF is enabled.
- Support configuring no-resolve for built-in rule sets/Inline rule sets.
- Surge Ponte connections no longer validate peer addresses to ensure normal operation in certain special scenarios.
- Bug fixes.