This release introduces significant enhancements to data management and security, including support for the Apache Parquet format to reduce storage costs for batch job catalogs. Security controls are strengthened with external authorization for STS and stricter IAM policy validation. Data integrity is improved through enhanced checksum validation for site replication and object transfers.

### New Features
- **Generate batch job catalogs in Apache Parquet format** to significantly reduce storage footprint and accelerate downstream analytics workflows. (#1090)

### Improvements
- **Enhanced site replication with checksum validation** during data transfer to guarantee the integrity of replicated data against in-transit corruption. (#568)
- **Added support for full-object checksums via trailing headers**, enabling end-to-end data integrity validation for operations like bucket replication. (#1116)
- **Improved TLS certificate error logging** with specific parsing failure locations to accelerate troubleshooting of configuration issues. (#1097)
- **Reduced the size of diagnostic reports** by removing detailed CPU frequency statistics, making reports faster to generate and easier to transfer for support analysis. (#1100)
- **Updated the web-based AIStor Console to v0.0.20**, incorporating the latest functional enhancements and user interface fixes. (#1112)

### Performance Improvements
- **Limited concurrency for background folder checks** to prevent excessive resource utilization and maintain system responsiveness in large-scale deployments. (#1104)

### Security Updates
- **Enabled external authorization plugins for STS deny rules**, providing more granular control over temporary credentials. The system now also rejects role assumption requests for non-existent IAM policies. (#1098)

### Bug Fixes
- **Prevented server crashes when canceling a batch job**, ensuring cancellation is handled gracefully without service disruption. (#1103, #1109)
- **Strengthened internal node communication handling** during background tasks to prevent panics caused by unexpected responses. (#1108)
- **Restored authentication for STS temporary credentials** when an external identity provider is active. (#1093)
- **Implemented multipart uploads for large batch catalog exports** to prevent job failures caused by network timeouts. (#1102)
- **Added pre-run validation for batch job destination prefixes** to provide immediate feedback on invalid configurations. (#1115)
- **Improved S3 client compatibility** by aligning `ListObjectsV1` pagination behavior with AWS standards. (#1086)
- **Ensured network disconnection errors are reported correctly** to prevent silent failures and aid in diagnosing connectivity issues. (#1110)
- **Enforced strict validation of the `x-amz-trailer` header** to align with S3 API behavior and prevent ambiguous requests. (#1120)

### Breaking Changes
- **Replication performance settings have been moved** from the `api` subsystem to a new `replication` subsystem. Administrators must update any custom configurations or scripts to target the new subsystem. (#893)
- **Removed legacy per-drive API latency metrics** to reduce system overhead. Monitoring tools must be updated to use `mc admin trace` or Prometheus for performance diagnostics. (#1088)