#2327 Allow filtering short URL lists by those not including certain tags.

Now, the GET /short-urls endpoint accepts two new params: excludeTags, which is an array of strings with the tags that should not be included, and excludeTagsMode, which accepts the values any and all, and determines if short URLs should be filtered out if they contain any of the excluded tags, or all the excluded tags.

Additionally, the short-url:list command also supports the same feature via --exclude-tag option, which requires a value and can be provided multiple times, and --exclude-tags-all, which does not expect a value and determines if the mode should be all, or any.

#2192 Allow filtering short URL lists by the API key that was used to create them.

Now, the GET /short-urls endpoint accepts a new apiKeyName param, which is ignored if the request is performed with a non-admin API key which name does not match the one provided here.

Additionally, the short-url:list command also supports the same feature via the --api-key-name option.

#2330 Add support to serve Shlink with FrankenPHP, by providing a worker script in bin/frankenphp-worker.php.

#2449 Add support to provide redis credentials separately when using redis sentinels, where provided servers are the sentinels and not the redis instances.

For this, Shlink supports two new env ras / config options, as REDIS_SERVERS_USER and REDIS_SERVERS_PASSWORD.

#2498 Allow orphan visits, non-orphan visits and tag visits lists to be filtered by domain.

This is done via the domain query parameter in API endpoints, and via the --domain option in console commands.

#2472 Add support for PHP 8.5

#2291 Add api-key:delete console command to delete API keys.

#2438 Add MERCURE_ENABLED env var and corresponding config option, to more easily allow the mercure integration to be toggled.

For BC, if this env var is not present, we'll still consider the integration enabled if the MERCURE_PUBLIC_HUB_URL env var has a value. This is considered deprecated though, and next major version will rely only on MERCURE_ENABLED, so if you are using Mercure, make sure to set MERCURE_ENABLED=true to be ready.

#2387 Add REAL_TIME_UPDATES_TOPICS env var and corresponding config option, to granularly decide which real-time updates topics should be enabled.

#2418 Add more granular control over how Shlink handles CORS. It is now possible to customize the Access-Control-Allow-Origin, Access-Control-Max-Age and Access-Control-Allow-Credentials headers via env vars or config options.

#2386 Add new any-value-query-param and valueless-query-param redirect rule conditions.

These new rules expand the existing query-param, which requires both a specific non-empty value in order to match the condition.

The new conditions match as soon as a query param exists with any or no value (in the case of any-value-query-param), or if a query param exists with no value at all (in the case of valueless-query-param).

#2360 Add TRUSTED_PROXIES env var and corresponding config option, to configure a comma-separated list of all the proxies in front of Shlink, or simply the amount of trusted proxies in front of Shlink.

This is important to properly detect visitor's IP addresses instead of incorrectly matching one of the proxy's IP address, and if provided, it disables a workaround introduced in #2359.

#2274 Add more supported device types for the device redirect condition:

• linux: Will match desktop devices with Linux.
• windows: Will match desktop devices with Windows.
• macos: Will match desktop devices with MacOS.
• chromeos: Will match desktop devices with ChromeOS.
• mobile: Will match any mobile devices with either Android or iOS.

#2093 Add REDIRECT_CACHE_LIFETIME env var and corresponding config option, so that it is possible to set the Cache-Control visibility directive (public or private) when the REDIRECT_STATUS_CODE has been set to 301 or 308.

#2323 Add LOGS_FORMAT env var and corresponding config option, to allow the logs generated by Shlink to be in console or JSON formats.

#2373 Ensure deprecation warnings do not end up escalated to ErrorExceptions by ProblemDetailsMiddleware.

In order to do this, Shlink will entirely ignore deprecation warnings when running in production, as those do not mean something is not working, but only that something will break in future versions.

#2351 Fix visitor IP address resolution when Shlink is served behind more than one reverse proxy.

This regression was introduced due to a change in behavior in akrabat/rka-ip-address-middleware, that now picks the first address from the right after excluding all trusted proxies.

Since Shlink does not set trusted proxies, this means the first IP from the right is now picked instead of the first from the left, so we now reverse the list before trying to resolve the IP.

In the future, Shlink will allow you to define trusted proxies, to avoid other potential side effects because of this reversing of the list.

#2354 Fix error "NOSCRIPT No matching script. Please use EVAL" thrown when creating a lock in redis.

#2319 Fix unique index for short_code and domain_id in short_urls table not being used in Microsoft SQL engines for rows where domain_id is null.