This release enhances data integrity and operational efficiency. Data is now automatically protected with default checksums on upload, and critical fixes prevent data loss in tiered storage environments. Performance is improved through optimized authentication workflows and more efficient background jobs, while cleaner audit logs simplify system monitoring. ### Breaking Changes * **Security Token Service (STS) token revocation is now disabled by default to improve authentication performance.** Administrators who require this feature must set the `MINIO_STS_TOKEN_REVOKE=on` environment variable to re-enable it. Deployments not using this variable will see improved authentication speeds but will be unable to revoke STS tokens. (#1213) ### Improvements * **Enhanced data integrity with automatic checksums for all object uploads.** A CRC64NVME checksum is now computed by default, improving S3 compatibility and providing data validation without client-side changes. (#1163) * **Accelerated data integrity checks with optimized checksum calculations.** Throughput for CRC32 and CRC64-NVMe operations is increased up to 4x on modern CPUs, improving performance for uploads, downloads, and healing. (#1194) * **Optimized the self-healing process for faster server restarts and reduced resource load.** The healing queue is now processed more efficiently, and healing operations are briefly delayed on startup to prioritize client requests. (#1176) * **Reduced audit log volume for cleaner, more focused operational monitoring.** High-frequency `CheckAbandonedFolder` events have been removed, and healing retries are now consolidated into a single audit event. (#1212, #1215) * **Improved performance and memory efficiency for batch object expiration jobs.** An internal cache is now managed more effectively, reducing memory consumption during large-scale deletions. (#1209) * **Increased the efficiency of permanent object deletion.** A redundant disk operation was removed to accelerate the process of permanently deleting an object. (#1164) * **Updated the MinIO Console to the latest version (v0.0.22).** This provides the most recent UI enhancements and fixes for a more refined management experience. (#1211) * **Strengthened container image build process by using native UBI components.** This prevents potential runtime library conflicts and enhances execution in containerized environments. (#1178) * **Streamlined server startup by skipping the O_DIRECT support check when the feature is disabled.** (#1177) ### Bug Fixes * **Resolved a critical data loss issue where tiered objects could be deleted during self-healing.** The healing process now correctly identifies transitioned objects, ensuring data integrity in tiered storage configurations. (#1192) * **Ensured Azure AD group policy mappings persist across server restarts.** This corrects an issue where permissions were incorrectly deleted, removing the need for manual reconfiguration. (#1171) * **Corrected site replication authentication failures that occurred after a server restart.** Replication credentials are now loaded reliably, ensuring consistent data synchronization between sites. (#1216) * **Eliminated intermittent `503 Service Unavailable` errors during `ListObjectParts` API calls,** improving the robustness of multipart upload workflows under high concurrency. (#1169) * **Fixed an issue causing `404 Not Found` errors when accessing objects in specific high-availability erasure coding configurations.** (#1185) * **Addressed a race condition that could cause a rare server crash during data usage scanning.** (#1210) * **Ensured batch jobs for expiring object versions complete reliably,** preventing intermittent failures and enforcing retention policies correctly. (#1174) * **Improved compatibility with certain OIDC providers by defaulting to HTTP/1.1 for client communication,** preventing connection failures. (#1170) * **Enabled successful container image builds on ARM64 (aarch64) architectures** by correcting a dependency issue. (#1186)