# MinIO AIStor EDGE.2026-06-06T03-55-05Z

Released: 2026-06-06

This EDGE build delivers the new Tables Unreferenced File Removal maintenance
feature, a major internode RDMA upgrade (lossless RoCE auto-detection and
per-rail NUMA-local routing that reaches ~92% of line rate), per-bucket ILM
activity metrics, and several security hardening fixes. It also resolves a
cross-pool lifecycle data-loss bug, a site-replication deadlock, and ships a
broad set of console UX improvements.

---

## Downloads

### Binary Downloads

| Platform | Architecture | Download                                                                 |
| -------- | ------------ | ------------------------------------------------------------------------ |
| Linux    | amd64        | [minio](https://dl.min.io/aistor/minio/edge/linux-amd64/minio)           |
| Linux    | arm64        | [minio](https://dl.min.io/aistor/minio/edge/linux-arm64/minio)           |
| macOS    | arm64        | [minio](https://dl.min.io/aistor/minio/edge/darwin-arm64/minio)          |
| macOS    | amd64        | [minio](https://dl.min.io/aistor/minio/edge/darwin-amd64/minio)          |
| Windows  | amd64        | [minio.exe](https://dl.min.io/aistor/minio/edge/windows-amd64/minio.exe) |

### FIPS Binaries

| Platform | Architecture | Download                                                                 |
| -------- | ------------ | ------------------------------------------------------------------------ |
| Linux    | amd64        | [minio.fips](https://dl.min.io/aistor/minio/edge/linux-amd64/minio.fips) |
| Linux    | arm64        | [minio.fips](https://dl.min.io/aistor/minio/edge/linux-arm64/minio.fips) |

### Package Downloads

| Format | Architecture | Download                                                                                                                         |
| ------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------- |
| DEB    | amd64        | [minio_20260606035505.0.0_amd64.deb](https://dl.min.io/aistor/minio/edge/linux-amd64/minio_20260606035505.0.0_amd64.deb)         |
| DEB    | arm64        | [minio_20260606035505.0.0_arm64.deb](https://dl.min.io/aistor/minio/edge/linux-arm64/minio_20260606035505.0.0_arm64.deb)         |
| RPM    | amd64        | [minio-20260606035505.0.0-1.x86_64.rpm](https://dl.min.io/aistor/minio/edge/linux-amd64/minio-20260606035505.0.0-1.x86_64.rpm)   |
| RPM    | arm64        | [minio-20260606035505.0.0-1.aarch64.rpm](https://dl.min.io/aistor/minio/edge/linux-arm64/minio-20260606035505.0.0-1.aarch64.rpm) |

### Container Images

```bash
# Standard
docker pull quay.io/minio/aistor/minio:EDGE.2026-06-06T03-55-05Z
podman pull quay.io/minio/aistor/minio:EDGE.2026-06-06T03-55-05Z

# FIPS
docker pull quay.io/minio/aistor/minio:EDGE.2026-06-06T03-55-05Z.fips
podman pull quay.io/minio/aistor/minio:EDGE.2026-06-06T03-55-05Z.fips
```

Note: Homebrew is only available for RELEASE builds, not EDGE builds.

---

## Security Updates

- **Prevent `aws:SourceIp` spoofing via `X-Forwarded-For`** — the source IP
  used in `aws:SourceIp` policy conditions could be forged through the
  `X-Forwarded-For` header, allowing an attacker to bypass IP-restricted Allow
  rules. The header is now trusted only from configured upstream proxies. A new
  `MINIO_API_TRUSTED_UPSTREAM_PROXIES` environment variable (and matching
  `trusted_upstream_proxies` API config subkey) defines the trusted proxy
  CIDRs; setting it to `-` denies all upstream proxies (#5380).
- **Restrict `s3:ExistingObjectTag` evaluation in PutObjectTagging** —
  `PutObjectTaggingHandler` evaluated the `s3:ExistingObjectTag` policy
  condition against attacker-controlled request-body tags instead of the
  object's actual stored tags. Policy evaluation now uses the object's existing
  metadata (#5308).
- **Patched Go toolchain (1.26.4)** — rebuilds against the patched Go standard
  library, resolving `GO-2026-5039` (`net/textproto`), `GO-2026-5038` (`mime`),
  and `GO-2026-5037` (`crypto/x509`) (#5496).
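
The `s3:ExistingObjectTag` fix above, modelled as an added example (not AIStor's code): the condition is evaluated once over the request-body tags and once over the stored tags. The helper names, the `evalBody` switch and the sample tag values are hypothetical and constructed for illustration.

```go
package main

import (
	"encoding/xml"
	"fmt"
)

// tagging mirrors the S3 PutObjectTagging request body (Tagging > TagSet > Tag).
type tagging struct {
	Tags []struct {
		Key   string `xml:"Key"`
		Value string `xml:"Value"`
	} `xml:"TagSet>Tag"`
}

func parseTags(body string) (map[string]string, error) {
	var t tagging
	if err := xml.Unmarshal([]byte(body), &t); err != nil {
		return nil, err
	}
	m := make(map[string]string, len(t.Tags))
	for _, tag := range t.Tags {
		m[tag.Key] = tag.Value
	}
	return m, nil
}

// existingTagAllows models an Allow rule requiring s3:ExistingObjectTag/<key> == want.
func existingTagAllows(key, want string, tags map[string]string) bool {
	v, ok := tags[key]
	return ok && v == want
}

// authorizePutTagging: evalBody=true models the pre-fix evaluation (request-body
// tags); false models the fixed one (tags already stored on the object).
func authorizePutTagging(key, want string, stored map[string]string, body string, evalBody bool) (bool, error) {
	requested, err := parseTags(body) // caller-supplied: must not drive the check
	if err != nil {
		return false, err
	}
	if evalBody {
		return existingTagAllows(key, want, requested), nil
	}
	return existingTagAllows(key, want, stored), nil
}

func main() {
	body := `<Tagging><TagSet><Tag><Key>tier</Key><Value>public</Value></Tag></TagSet></Tagging>`
	fmt.Println(authorizePutTagging("tier", "public", map[string]string{"tier": "restricted"}, body, false))
}
```

With the stored tag `tier=restricted`, the fixed evaluation denies the request even though the body claims `tier=public`.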

---

## New Features

### Tables: Unreferenced File Removal

A new warehouse-level maintenance type for Iceberg tables periodically scans
each table's location and removes objects no longer referenced by any snapshot,
reclaiming storage from orphaned data files. It runs as a background,
cluster-leader-locked task and uses a soft-delete model: orphaned objects become
noncurrent versions under a delete marker, and a managed lifecycle rule
hard-deletes them after a configurable grace period — giving operators a
recovery window. Enabling the feature automatically turns on bucket versioning.
Two per-warehouse parameters control behavior: `unreferencedDays` (how old an
unreferenced object must be before it is collected, default 3 days) and
`noncurrentDays` (how long it stays recoverable before permanent deletion,
default 2 days) (#4751, #5563).

### Per-bucket ILM activity metrics

Operators can now scrape per-bucket lifecycle action counts at
`/minio/metrics/v3/bucket/ilm/<bucket>` to detect ILM backlog or size ILM
worker pools without object-level logging. New counters cover delete,
delete-version, delete-all-versions, transition, transition-version, and
restored-object deletions. Counters are node-local; aggregate cluster-wide with
`sum by (bucket)`. Matching Prometheus recording rules collapse the node
dimension at ingest time to keep series counts manageable at 1,000–10,000
bucket scale (#4526).

### Internode RDMA: lossless RoCE and per-rail routing

- **Lossless DSCP auto-detection** — the internode RDMA path now auto-detects
  the lossless RoCE traffic class from the host DCB configuration (PFC + APP
  table). On validated hardware this took 15-node all-to-all throughput from
  collapse (~1–6 Gb/s/node) to **367 Gb/s/node (92% of line rate) with zero
  application errors**. New overrides `MINIO_RDMA_INTERNODE_TRAFFIC_CLASS` and
  `MINIO_RDMA_INTERNODE_SERVICE_LEVEL` are available, and a full validated
  lossless RoCE runbook ships in `docs/distributed/RDMA.md` (#5532).
- **Per-rail routing and per-NIC metrics** — on multi-NIC nodes each object
  stream is pinned to one NIC drawing from a NUMA-local send pool, avoiding
  cross-socket memory traffic. A per-remote in-flight write cap (env
  `MINIO_RDMA_INTERNODE_MAX_WRITES_PER_PEER`, default 4) provides flow control,
  and new per-NIC flow-control metrics are exposed at
  `/system/network/internode/rdma`. Single-NIC nodes are unaffected (#5581).

### Console improvements

- **Error log viewer** brought to parity with Audit Logs: multi-value chip
  filters for nodes, APIs, buckets, and object prefixes (with wildcard support),
  plus message search with inline highlighting (#5327).
- **Alerts page redesign** matching the Audit Logs visual style, with clearer
  erasure-set-health alert titles (#5432).
- **Users table UX** improvements: a dedicated per-user access keys page, a
  shared access-key list component, toolbar bulk actions, and pagination for
  LDAP users (#5471).
- **Toggle for internal log recorders** — enable or disable internal log
  recorders directly (#5475).

---

## Performance Improvements

- **Restored full PUT throughput on the write path** — a per-read
  `DisableDirectIO` call was stripping `O_DIRECT` from peer shard writes,
  forcing buffered I/O and cutting PUT throughput roughly in half with tail
  stalls. Removing it restores direct I/O on writes; verified on a 4-node ×
  24-NVMe cluster (#5467).
- **Bulk LDAP access-key listing** replaces N+1 per-key fetches with a single
  bulk request (#5486).
- **Deferred cache invalidation** until after bulk operations complete, reducing
  redundant work during batch actions (#5509).
- **Console object sorting** parses `lastModified` once per entry, avoiding
  repeated date allocations on large listings (#5521).
- **Quota page** no longer re-fetches account info on every filter or sort
  change (#5512).

---

## Bug Fixes

### Data integrity and lifecycle

- Fixed cross-pool `AllVersionsExpiration` that could delete newer versions of
  an object living in other pools, causing data loss. The scanner now fetches
  the cluster-wide latest version before fan-out and skips enforcement when the
  scanned version is not the latest (#5524).
- Tier removal is now blocked when bucket lifecycle rules still reference the
  tier, preventing silently stranded transitioned objects (#3871).
- Replicated and inventory-job object metadata is now normalized so duplicate
  `Content-Type`/`content-type` headers are no longer produced (#5526).

### Distributed and reliability

- Fixed 12 data races across the locking, replication, heal, and cache paths,
  all confirmed under `-race` (#5555).
- Fixed a recursive `RLock` deadlock in the site-replication `concDo` path that
  could wedge site replication until restart (#5552), and stopped
  site-replication `concDo` goroutines from reading shared cluster state without
  a lock (#5584).
- Corrected an off-by-one in the pool-index bounds check during new-drive
  formatting (#3602).
- Nested pool endpoint paths are now rejected at server startup instead of
  being accepted as an invalid topology (#3812).
- `proxyToLeader` now distinguishes "no leader" from "is leader," avoiding
  misrouted requests during leader transitions (#5484).
- The scanner excess-alert monitor now runs per-node, so excess-versions and
  excess-folders alerts fire correctly in multi-node clusters (#4914).
- Fixed windowed metrics returning zero when data is written to a past time slot
  (#5505).

### Tables

- Updated tables config spec endpoints for PyIceberg 0.11 compatibility (#5407).
- Made the Delta Sharing table ID consistent across list and metadata responses
  (#5495).
- Backfill start now distinguishes "not leader" from "already running" (#5456).
- Support nested namespaces in the table share UI (#5508).

### IAM, notifications, and licensing

- Logger, audit, API, error, and alert Kafka targets now use a round-robin
  partitioner to spread records evenly across partitions (`notify_kafka` keeps
  the default partitioner) (#3600).
- `AccountStatus` is now populated in bulk access-key list responses for OpenID
  and built-in STS keys, so clients can show disabled keys without an extra
  call per key (#5469).
- Console login now uses cookie chunking, so it succeeds for LDAP users
  belonging to a very large number of groups (previously failed with "cookie
  too large") (#5416).
- Only the leader node performs the daily license renewal, reducing redundant
  SUBNET calls across the cluster (#5429).

### Console

- Migrated LDAP and OpenID pages to the authenticated `apiFetch` client (#5494).
- LDAP/OIDC configuration fields are now read-only (except the enable toggle)
  when set via environment variables (#5457).
- Show the full bucket name in dropdowns via tooltip (#5458).
- Collapse the Buckets sidebar entry to a simple link for non-admin users
  (#5554).
- Removed the "Add tier" option from the transition rules dialog (#5518) and
  improved the tier configuration page (#5410).
- Made the LDAP Groups tab consistent with the Groups page (#5551), improved
  action-button color contrast (#5525), removed the redundant close button from
  log/alert detail sheet headers (#5546), and renamed system logs in the system
  inventory (#5468).
- Standardized the Policies/Groups bulk-action pattern and removed redundant
  item-count text (#5487, #5503).
- Removed the per-bucket monitoring page (#5565) and cleaned up dead
  erasure-set exports and an inert Cancel button (#5568).

---

## Improvements

- Updated KMS dependencies to current upstream versions, absorbing associated
  API changes (#5354).

---

## Security & Compliance

### Software Bill of Materials (SBOM)

This release includes comprehensive SBOM documentation in multiple formats:

- [SPDX JSON](sbom-EDGE.2026-06-06T03-55-05Z.spdx.json) - Standard SBOM format
- [CycloneDX JSON](sbom-EDGE.2026-06-06T03-55-05Z.cyclonedx.json) - Security scanner compatible
- [Go Modules](go-modules-EDGE.2026-06-06T03-55-05Z.txt) - Human-readable dependency list

SBOM files document all direct and transitive dependencies for security auditing and compliance requirements.

---

## Upgrade Instructions

For detailed upgrade instructions, please read: https://docs.min.io/enterprise/aistor-object-store/upgrade-aistor-server/

Platform-specific upgrade guides:

- **Linux/Bare Metal**: https://docs.min.io/enterprise/aistor-object-store/upgrade-aistor-server/upgrade-aistor-linux/
- **Kubernetes with Helm**: https://docs.min.io/enterprise/aistor-object-store/upgrade-aistor-server/upgrade-aistor-kubernetes-helm/

### New Configuration Options

- `MINIO_API_TRUSTED_UPSTREAM_PROXIES` / `trusted_upstream_proxies` (api config
  subkey) — trusted upstream proxy CIDRs for resolving the real client source
  IP used in `aws:SourceIp` policy conditions. Set to `-` to deny all upstream
  proxies (#5380).
- `MINIO_RDMA_INTERNODE_TRAFFIC_CLASS` — internode RDMA lossless traffic class;
  `0` (AUTO) auto-detects from host DCB (#5532).
- `MINIO_RDMA_INTERNODE_SERVICE_LEVEL` — internode RDMA service level override
  (#5532).
- `MINIO_RDMA_INTERNODE_MAX_WRITES_PER_PEER` — per-remote in-flight write cap
  for internode RDMA (default 4) (#5581).
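
How a trusted-proxy list changes source-IP resolution, for the `aws:SourceIp` fix under Security Updates and the `MINIO_API_TRUSTED_UPSTREAM_PROXIES` option above. This is an added sketch, not AIStor's implementation: the function names, comma-separated CIDR syntax, treating an empty value like `-`, and the right-to-left header walk are assumptions, and all addresses are constructed.

```go
package main

import (
	"fmt"
	"net/netip"
	"slices"
	"strings"
)

// parseTrusted reads a MINIO_API_TRUSTED_UPSTREAM_PROXIES-style value. "-" trusts
// no proxy (per the notes); comma separation and empty = none are assumptions.
func parseTrusted(v string) ([]netip.Prefix, error) {
	var out []netip.Prefix
	if v = strings.TrimSpace(v); v == "" || v == "-" {
		return out, nil
	}
	for _, f := range strings.Split(v, ",") {
		p, err := netip.ParsePrefix(strings.TrimSpace(f))
		if err != nil {
			return nil, err
		}
		out = append(out, p)
	}
	return out, nil
}

func trusted(ip netip.Addr, ps []netip.Prefix) bool {
	return slices.ContainsFunc(ps, func(p netip.Prefix) bool { return p.Contains(ip) })
}

// sourceIP picks the address for an aws:SourceIp-style check. peer is the TCP
// peer; xff is the raw X-Forwarded-For value, walked right to left (assumption).
func sourceIP(peer netip.Addr, xff string, ps []netip.Prefix) netip.Addr {
	ip := peer.Unmap()
	if !trusted(ip, ps) {
		return ip // peer is not a trusted proxy: the header is ignored
	}
	hops := strings.Split(xff, ",")
	for i := len(hops) - 1; i >= 0; i-- {
		h, err := netip.ParseAddr(strings.TrimSpace(hops[i]))
		if err != nil {
			return ip // malformed entry: keep the last verified address
		}
		if ip = h.Unmap(); !trusted(ip, ps) {
			return ip // first hop that no trusted proxy vouches for
		}
	}
	return ip
}

func main() { fmt.Println(sourceIP(netip.MustParseAddr("203.0.113.9"), "10.1.1.1", nil)) }
```

A policy check should compare against the address `sourceIP` returns, so a header sent by a direct client never reaches the condition.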

### Support

For enterprise support:

- SUBNET Support: https://subnet.min.io
- Documentation: https://docs.min.io
