<para>
Add support for the OAuth authentication method (Jacob Champion, Daniel Gustafsson, Thomas Munro)
<ulink url="&commit_baseurl;b3f0be788">§</ulink>
</para>
<para>
This adds an "oauth" authentication method to pg_hba.conf, libpq OAuth options, a server variable oauth_validator_libraries to load token validation libraries, and
a configure flag --with-libcurl to add the required compile-time libraries.
</para>
</listitem>
<!--
Author: Daniel Gustafsson <dgustafsson@postgresql.org>
2024-10-24 [45188c2ea] Support configuring TLSv1.3 cipher suites
-->
<listitem>
<para>
Add server variable ssl_tls13_ciphers to allow specification of multiple colon-separated TLSv1.3 cipher suites (Erica Zhang, Daniel Gustafsson)
<ulink url="&commit_baseurl;45188c2ea">§</ulink>
</para>
</listitem>
<!--
Author: Daniel Gustafsson <dgustafsson@postgresql.org>
2025-03-18 [daa02c6bd] Add X25519 to the default set of curves
-->
<listitem>
<para>
Change server variable ssl_groups's default to include elliptic curve X25519 (Daniel Gustafsson, Jacob Champion)
<ulink url="&commit_baseurl;daa02c6bd">§</ulink>
</para>
</listitem>
<!--
Author: Daniel Gustafsson <dgustafsson@postgresql.org>
2024-10-24 [3d1ef3a15] Support configuring multiple ECDH curves
-->
<listitem>
<para>
Rename server variable ssl_ecdh_curve to ssl_groups and allow multiple colon-separated ECDH curves to be specified (Erica Zhang, Daniel Gustafsson)
<ulink url="&commit_baseurl;3d1ef3a15">§</ulink>
</para>
<para>The previous name still works.
</para>
</listitem>
<!--
Author: Daniel Gustafsson <dgustafsson@postgresql.org>
2025-01-24 [924d89a35] pgcrypto: Add function to check FIPS mode
-->
<listitem>
<para>
Add function pg_check_fipsmode() to report the server's FIPS mode (Daniel Gustafsson)
<ulink url="&commit_baseurl;924d89a35">§</ulink>
</para>
</listitem>
<!--
Author: Heikki Linnakangas <heikki.linnakangas@iki.fi>
2025-04-02 [a460251f0] Make cancel request keys longer
Author: Heikki Linnakangas <heikki.linnakangas@iki.fi>
2024-07-29 [9d9b9d46f] Move cancel key generation to after forking the backend
-->
<listitem>
<para>
Make cancel request keys 256 bits (Heikki Linnakangas, Jelte Fennema-Nio)
<ulink url="&commit_baseurl;a460251f0">§</ulink>
<ulink url="&commit_baseurl;9d9b9d46f">§</ulink>
</para>
<para>
This is only possible when the server and client support wire protocol version 3.2, introduced in this release.
</para>
</listitem>
<!--
Author: Nathan Bossart <nathan@postgresql.org>
2025-01-06 [c758119e5] Allow changing autovacuum_max_workers without restarting
-->
<listitem>
<para>
Add server variable autovacuum_worker_slots to specify the maximum number of background workers (Nathan Bossart)
<ulink url="&commit_baseurl;c758119e5">§</ulink>
</para>
<para>
With this variable set, autovacuum_max_workers can be adjusted at runtime up to this maximum without a server restart.
</para>
</listitem>
<!--
Author: Nathan Bossart <nathan@postgresql.org>
2025-02-05 [306dc520b] Introduce autovacuum_vacuum_max_threshold.
-->
<listitem>
<para>
Allow specification of the fixed number of dead tuples that will trigger an autovacuum (Nathan Bossart, Frédéric Yhuel)
<ulink url="&commit_baseurl;306dc520b">§</ulink>
</para>
<para>
The server variable is autovacuum_vacuum_max_threshold. Percentages are still used for triggering.
</para>
</listitem>
<!--
Author: Andres Freund <andres@anarazel.de>
2025-03-24 [adb5f85fa] Redefine max_files_per_process to control additionally o
-->
<listitem>
<para>
Change server variable max_files_per_process to limit only files opened by a backend (Andres Freund)
<ulink url="&commit_baseurl;adb5f85fa">§</ulink>
</para>
<para>
Previously files opened by the postmaster were also counted toward this limit.
</para>
</listitem>
<!--
Author: Nathan Bossart <nathan@postgresql.org>
2024-07-26 [0dcaea569] Introduce num_os_semaphores GUC.
-->
<listitem>
<para>
Add server variable num_os_semaphores to report the