7920 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
dependabot[bot]	0738427f08	build(deps): bump logger_json from 7.0.3 to 7.0.4 in /elixir (#10084) ... Bumps [logger_json](https://github.com/Nebo15/logger_json) from 7.0.3 to 7.0.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Nebo15/logger_json/releases">logger_json's releases</a>.</em></p> <blockquote> <h2>7.0.4</h2> <h2>What's Changed</h2> <ul> <li>Add indentation to the code snippet for docs by <a href="https://github.com/RudolfMan"><code>@​RudolfMan</code></a> in <a href="https://redirect.github.com/Nebo15/logger_json/pull/160">Nebo15/logger_json#160</a></li> <li>Google Cloud: Handle non-binary values in <code>format_affected_user/1</code> by <a href="https://github.com/raulpe7eira"><code>@​raulpe7eira</code></a> in <a href="https://redirect.github.com/Nebo15/logger_json/pull/161">Nebo15/logger_json#161</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Nebo15/logger_json/compare/7.0.3...7.0.4">https://github.com/Nebo15/logger_json/compare/7.0.3...7.0.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="1524672b6c"><code>1524672</code></a> Bump version</li> <li><a href="88a149b0ac"><code>88a149b</code></a> fix(google-cloud): <code>format_affected_user/1</code> with non-binary values (<a href="https://redirect.github.com/Nebo15/logger_json/issues/161">#161</a>)</li> <li><a href="6e7768060e"><code>6e77680</code></a> Add indentation to the code snippet for docs (<a href="https://redirect.github.com/Nebo15/logger_json/issues/160">#160</a>)</li> <li>See full diff in <a href="https://github.com/Nebo15/logger_json/compare/7.0.3...7.0.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 15:24:41 +00:00
dependabot[bot]	c02986299e	build(deps): bump postgrex from 0.20.0 to 0.21.0 in /elixir (#10085) ... Bumps [postgrex](https://github.com/elixir-ecto/postgrex) from 0.20.0 to 0.21.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md">postgrex's changelog</a>.</em></p> <blockquote> <h2>v0.21.0 (2025-07-31)</h2> <p>This release requires Erlang/OTP 25+</p> <ul> <li> <p>Enhancements</p> <ul> <li>Add query timeout option on ReplicationConnection</li> </ul> </li> <li> <p>Bug fixes</p> <ul> <li>PGHOST option does not override explicitly given endpoint configuration</li> <li>Add ltxtquery support</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/elixir-ecto/postgrex/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 15:24:15 +00:00
dependabot[bot]	60b6c40da2	build(deps): bump next from 15.3.3 to 15.4.5 in /website (#10079) ... Bumps [next](https://github.com/vercel/next.js) from 15.3.3 to 15.4.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v15.4.5</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Fix API stripping JSON incorrectly (<a href="https://redirect.github.com/vercel/next.js/issues/82062">#82062</a>)</li> <li>Fix i18n fallback: false collision (<a href="https://redirect.github.com/vercel/next.js/issues/82158">#82158</a>)</li> <li>Revert &quot;Fix tracing of server actions imported by client components (<a href="https://redirect.github.com/vercel/next.js/issues/82167">#82167</a>)</li> <li>Ensure setAssetPrefix updates config instance (<a href="https://redirect.github.com/vercel/next.js/issues/82165">#82165</a>)</li> <li>Turbopack: update mimalloc (<a href="https://redirect.github.com/vercel/next.js/issues/82166">#82166</a>)</li> <li>fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82175">#82175</a>)</li> <li>fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/82174">#82174</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/ijjk"><code>@​ijjk</code></a>, <a href="https://github.com/sokra"><code>@​sokra</code></a>, and <a href="https://github.com/styfle"><code>@​styfle</code></a> for helping!</p> <h2>v15.4.4</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Fix dynamicParams false layout case in dev (<a href="https://redirect.github.com/vercel/next.js/issues/82026">#82026</a>)</li> <li>Turbopack: fix scope hoisting variable renaming bug (<a href="https://redirect.github.com/vercel/next.js/issues/81640">#81640</a>)</li> <li>Upgrade to swc v33 (<a href="https://redirect.github.com/vercel/next.js/issues/81750">#81750</a>)</li> <li>Revert &quot;[metadata] use https protocol for schema urls&quot; (<a href="https://redirect.github.com/vercel/next.js/issues/81934">#81934</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/bgw"><code>@​bgw</code></a> <a href="https://github.com/mischnic"><code>@​mischnic</code></a> <a href="https://github.com/huozhi"><code>@​huozhi</code></a> <a href="https://github.com/lukesandberg"><code>@​lukesandberg</code></a> and <a href="https://github.com/ijjk"><code>@​ijjk</code></a> for helping!</p> <h2>v15.4.3</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Turbopack: fix dist dir on Windows (<a href="https://redirect.github.com/vercel/next.js/issues/81758">#81758</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/mischnic"><code>@​mischnic</code></a> for helping!</p> <h2>v15.4.2</h2> <blockquote> <p>[!NOTE]</p> </blockquote> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="b9aab5dbe9"><code>b9aab5d</code></a> v15.4.5</li> <li><a href="a8c93c49dd"><code>a8c93c4</code></a> Disable test new tests jobs</li> <li><a href="ed2a6c7548"><code>ed2a6c7</code></a> [backport]: fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/82118">#82118</a>...</li> <li><a href="f00fcc9011"><code>f00fcc9</code></a> [backport]: fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82114">#82114</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/82175">#82175</a>)</li> <li><a href="55a7568e9d"><code>55a7568</code></a> Backport: Turbopack: update mimalloc (<a href="https://redirect.github.com/vercel/next.js/issues/81993">#81993</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/82166">#82166</a>)</li> <li><a href="5bc4b368e5"><code>5bc4b36</code></a> [backport] Ensure setAssetPrefix updates config instance (<a href="https://redirect.github.com/vercel/next.js/issues/82165">#82165</a>)</li> <li><a href="717dfb6ec9"><code>717dfb6</code></a> [Backport] Revert &quot;Fix tracing of server actions imported by client component...</li> <li><a href="6372ba03e8"><code>6372ba0</code></a> [backport] Fix i18n fallback: false collision (<a href="https://redirect.github.com/vercel/next.js/issues/82158">#82158</a>)</li> <li><a href="1e2c3792f8"><code>1e2c379</code></a> Fix API stripping JSON incorrectly (<a href="https://redirect.github.com/vercel/next.js/issues/82062">#82062</a>)</li> <li><a href="fe5db65859"><code>fe5db65</code></a> v15.4.4</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v15.3.3...v15.4.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 15:23:12 +00:00
dependabot[bot]	adc17a30e9	build(deps): bump com.android.application from 8.11.1 to 8.12.0 in /kotlin/android in the com-android group (#10094) ... Bumps the com-android group in /kotlin/android with 1 update: com.android.application. Updates `com.android.application` from 8.11.1 to 8.12.0 [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:07:10 +00:00
dependabot[bot]	4b0199c048	build(deps): bump the junit group in /kotlin/android with 2 updates (#10096) ... Bumps the junit group in /kotlin/android with 2 updates: androidx.browser:browser and androidx.test.ext:junit. Updates `androidx.browser:browser` from 1.8.0 to 1.9.0 Updates `androidx.test.ext:junit` from 1.2.1 to 1.3.0 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:06:25 +00:00
dependabot[bot]	2c3f686d08	build(deps): bump androidx.test.espresso:espresso-contrib from 3.6.1 to 3.7.0 in /kotlin/android (#10097) ... Bumps androidx.test.espresso:espresso-contrib from 3.6.1 to 3.7.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:06:00 +00:00
dependabot[bot]	19bfb16c57	build(deps): bump com.google.firebase.crashlytics from 3.0.4 to 3.0.5 in /kotlin/android (#10098) ... Bumps com.google.firebase.crashlytics from 3.0.4 to 3.0.5. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:05:41 +00:00
dependabot[bot]	0b2fcbd16f	build(deps): bump taiki-e/install-action from 2.55.3 to 2.57.5 (#10091) ... Bumps [taiki-e/install-action](https://github.com/taiki-e/install-action) from 2.55.3 to 2.57.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's releases</a>.</em></p> <blockquote> <h2>2.57.5</h2> <ul> <li>Update <code>vacuum@latest</code> to 0.17.7.</li> </ul> <h2>2.57.4</h2> <ul> <li>Update <code>trivy@latest</code> to 0.65.0.</li> </ul> <h2>2.57.3</h2> <ul> <li>Update <code>syft@latest</code> to 1.29.1.</li> </ul> <h2>2.57.2</h2> <ul> <li> <p>Update <code>grcov@latest</code> to 0.10.3.</p> </li> <li> <p>Update <code>cargo-shear@latest</code> to 1.4.1.</p> </li> </ul> <h2>2.57.1</h2> <ul> <li> <p>Update <code>git-cliff@latest</code> to 2.10.0.</p> </li> <li> <p>Update <code>cargo-binstall@latest</code> to 1.14.2.</p> </li> </ul> <h2>2.57.0</h2> <ul> <li>Support <code>mdbook-alerts</code>. (<a href="https://redirect.github.com/taiki-e/install-action/pull/1060">#1060</a>, thanks <a href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li> </ul> <h2>2.56.24</h2> <ul> <li>Update <code>just@latest</code> to 1.42.4.</li> </ul> <h2>2.56.23</h2> <ul> <li>Update <code>release-plz@latest</code> to 0.3.139.</li> </ul> <h2>2.56.22</h2> <ul> <li>Update <code>wasmtime@latest</code> to 35.0.0.</li> </ul> <h2>2.56.21</h2> <ul> <li>Improve error message for unsupported host architectures.</li> </ul> <h2>2.56.20</h2> <ul> <li>Update <code>syft@latest</code> to 1.29.0.</li> </ul> <h2>2.56.19</h2> <ul> <li>Update <code>cargo-llvm-cov@latest</code> to 0.6.18.</li> </ul> <h2>2.56.18</h2> <ul> <li>Update <code>just@latest</code> to 1.42.3.</li> </ul> <h2>2.56.17</h2> <ul> <li>Update <code>wasmtime@latest</code> to 34.0.2.</li> </ul> <h2>2.56.16</h2> <ul> <li> <p>Update <code>cargo-zigbuild@latest</code> to 0.20.1.</p> </li> <li> <p>Update <code>cargo-lambda@latest</code> to 1.8.6.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this project will be documented in this file.</p> <p>This project adheres to <a href="https://semver.org">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased]</h2> <h2>[2.57.5] - 2025-08-01</h2> <ul> <li>Update <code>vacuum@latest</code> to 0.17.7.</li> </ul> <h2>[2.57.4] - 2025-07-31</h2> <ul> <li>Update <code>trivy@latest</code> to 0.65.0.</li> </ul> <h2>[2.57.3] - 2025-07-31</h2> <ul> <li>Update <code>syft@latest</code> to 1.29.1.</li> </ul> <h2>[2.57.2] - 2025-07-29</h2> <ul> <li> <p>Update <code>grcov@latest</code> to 0.10.3.</p> </li> <li> <p>Update <code>cargo-shear@latest</code> to 1.4.1.</p> </li> </ul> <h2>[2.57.1] - 2025-07-27</h2> <ul> <li> <p>Update <code>git-cliff@latest</code> to 2.10.0.</p> </li> <li> <p>Update <code>cargo-binstall@latest</code> to 1.14.2.</p> </li> </ul> <h2>[2.57.0] - 2025-07-26</h2> <ul> <li>Support <code>mdbook-alerts</code>. (<a href="https://redirect.github.com/taiki-e/install-action/pull/1060">#1060</a>, thanks <a href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li> </ul> <h2>[2.56.24] - 2025-07-25</h2> <ul> <li>Update <code>just@latest</code> to 1.42.4.</li> </ul> <h2>[2.56.23] - 2025-07-24</h2> <ul> <li>Update <code>release-plz@latest</code> to 0.3.139.</li> </ul> <h2>[2.56.22] - 2025-07-24</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="d31232495a"><code>d312324</code></a> Release 2.57.5</li> <li><a href="00ad1b8748"><code>00ad1b8</code></a> Update <code>vacuum@latest</code> to 0.17.7</li> <li><a href="e8c1cf74a6"><code>e8c1cf7</code></a> Release 2.57.4</li> <li><a href="f5b10fbf06"><code>f5b10fb</code></a> Update <code>trivy@latest</code> to 0.65.0</li> <li><a href="17ad3887d7"><code>17ad388</code></a> Release 2.57.3</li> <li><a href="450b647d5c"><code>450b647</code></a> Update <code>syft@latest</code> to 1.29.1</li> <li><a href="bbdef1c33c"><code>bbdef1c</code></a> Release 2.57.2</li> <li><a href="c01bd8006a"><code>c01bd80</code></a> Update <code>grcov@latest</code> to 0.10.3</li> <li><a href="658daa5fc2"><code>658daa5</code></a> Update <code>cargo-shear@latest</code> to 1.4.1</li> <li><a href="a416ddeedb"><code>a416dde</code></a> Release 2.57.1</li> <li>Additional commits viewable in <a href="https://github.com/taiki-e/install-action/compare/v2.55.3...d31232495ad76f47aad66e3501e47780b49f0f3e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:05:00 +00:00
dependabot[bot]	54e6edaf1b	build(deps): bump docker/metadata-action from 5.7.0 to 5.8.0 (#10092) ... Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.7.0 to 5.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/metadata-action/releases">docker/metadata-action's releases</a>.</em></p> <blockquote> <h2>v5.8.0</h2> <ul> <li>New <code>is_not_default_branch</code> global expression by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/535">docker/metadata-action#535</a></li> <li>Allow to match part of the git tag or value for semver/pep440 types by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/536">docker/metadata-action#536</a> <a href="https://redirect.github.com/docker/metadata-action/pull/537">docker/metadata-action#537</a></li> <li>Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/523">docker/metadata-action#523</a></li> <li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/526">docker/metadata-action#526</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/metadata-action/pull/533">docker/metadata-action#533</a></li> <li>Bump moment-timezone from 0.5.47 to 0.6.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/525">docker/metadata-action#525</a></li> <li>Bump semver from 7.7.1 to 7.7.2 in <a href="https://redirect.github.com/docker/metadata-action/pull/524">docker/metadata-action#524</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0">https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="c1e51972af"><code>c1e5197</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/537">#537</a> from crazy-max/pep440-match</li> <li><a href="89dd65a569"><code>89dd65a</code></a> chore: update generated content</li> <li><a href="699ee45cf1"><code>699ee45</code></a> allow to match part of the git tag or value for pep440 type</li> <li><a href="e0542a6360"><code>e0542a6</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/536">#536</a> from crazy-max/semver-match</li> <li><a href="b7facdfcef"><code>b7facdf</code></a> chore: update generated content</li> <li><a href="81c60dfb8b"><code>81c60df</code></a> allow to match part of the git tag or value for semver type</li> <li><a href="de1119515d"><code>de11195</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/535">#535</a> from crazy-max/not_def_branch</li> <li><a href="2f9c64b1b1"><code>2f9c64b</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/533">#533</a> from docker/dependabot/npm_and_yarn/form-data-2.5.5</li> <li><a href="510f746975"><code>510f746</code></a> chore: update generated content</li> <li><a href="2bc3f4e0f1"><code>2bc3f4e</code></a> is_not_default_branch global expression</li> <li>Additional commits viewable in <a href="902fa8ec7d...c1e51972af">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:04:27 +00:00
dependabot[bot]	f0a8eee164	build(deps): bump the react group in /rust/gui-client with 5 updates (#10089) ... Bumps the react group in /rust/gui-client with 5 updates: | Package | From | To | | --- | --- | --- | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.1.0` | `19.1.1` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.1.8` | `19.1.9` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.1.0` | `19.1.1` | | [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `19.1.6` | `19.1.7` | | [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.7.0` | `7.7.1` | Updates `react` from 19.1.0 to 19.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react's releases</a>.</em></p> <blockquote> <h2>19.1.1 (July 28, 2025)</h2> <h3>React</h3> <ul> <li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a href="https://redirect.github.com/facebook/react/pull/33680">#33680</a> by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react's changelog</a>.</em></p> <blockquote> <h2>19.1.1 (July 28, 2025)</h2> <h3>React</h3> <ul> <li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a href="https://redirect.github.com/facebook/react/pull/33680">#33680</a> by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="87e33ca2b7"><code>87e33ca</code></a> Set release versions to 19.1.1</li> <li><a href="5a1eb6f61a"><code>5a1eb6f</code></a> fix: rename bottom stack frame (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/33680">#33680</a>)</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.1.1/packages/react">compare view</a></li> </ul> </details> <br /> Updates `@types/react` from 19.1.8 to 19.1.9 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `react-dom` from 19.1.0 to 19.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react-dom's releases</a>.</em></p> <blockquote> <h2>19.1.1 (July 28, 2025)</h2> <h3>React</h3> <ul> <li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a href="https://redirect.github.com/facebook/react/pull/33680">#33680</a> by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react-dom's changelog</a>.</em></p> <blockquote> <h2>19.1.1 (July 28, 2025)</h2> <h3>React</h3> <ul> <li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a href="https://redirect.github.com/facebook/react/pull/33680">#33680</a> by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="87e33ca2b7"><code>87e33ca</code></a> Set release versions to 19.1.1</li> <li><a href="b793948e15"><code>b793948</code></a> Bump next prerelease version numbers (<a href="https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/32782">#32782</a>)</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.1.1/packages/react-dom">compare view</a></li> </ul> </details> <br /> Updates `@types/react-dom` from 19.1.6 to 19.1.7 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare view</a></li> </ul> </details> <br /> Updates `react-router` from 7.7.0 to 7.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/releases">react-router's releases</a>.</em></p> <blockquote> <h2>v7.7.1</h2> <p>See the changelog for release notes: <a href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v771">https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v771</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md">react-router's changelog</a>.</em></p> <blockquote> <h2>7.7.1</h2> <h3>Patch Changes</h3> <ul> <li>In RSC Data Mode, fix bug where routes with errors weren't forced to revalidate when <code>shouldRevalidate</code> returned false (<a href="https://redirect.github.com/remix-run/react-router/pull/14026">#14026</a>)</li> <li>In RSC Data Mode, fix <code>Matched leaf route at location &quot;/...&quot; does not have an element or Component</code> warnings when error boundaries are rendered. (<a href="https://redirect.github.com/remix-run/react-router/pull/14021">#14021</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="4eb1fd1d3f"><code>4eb1fd1</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14068">#14068</a>)</li> <li><a href="929f77311a"><code>929f773</code></a> chore: Update version for release (pre) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14051">#14051</a>)</li> <li><a href="d2f6396e43"><code>d2f6396</code></a> Add jsdocs for useOutletContext from main</li> <li><a href="ea1cd40dca"><code>ea1cd40</code></a> docs: minor updates (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14038">#14038</a>)</li> <li><a href="433872f6ab"><code>433872f</code></a> Force revalidation of RSC routes with errors (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14026">#14026</a>)</li> <li><a href="3fdce65c72"><code>3fdce65</code></a> Fix RSC outlet fallback warnings on error (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14021">#14021</a>)</li> <li><a href="15e9a9eca9"><code>15e9a9e</code></a> chore: format</li> <li><a href="5bbbc9db06"><code>5bbbc9d</code></a> docs(api): add some extra reference links (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13985">#13985</a>)</li> <li><a href="b95cf3ff1b"><code>b95cf3f</code></a> Add JSDocs for RSC apis (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14019">#14019</a>)</li> <li><a href="3acd610339"><code>3acd610</code></a> docs(api): Fix doc examples that are missing async (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14017">#14017</a>)</li> <li>Additional commits viewable in <a href="https://github.com/remix-run/react-router/commits/react-router@7.7.1/packages/react-router">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:03:51 +00:00
dependabot[bot]	960df4242c	build(deps): bump the tauri group in /rust/gui-client with 2 updates (#10087) ... Bumps the tauri group in /rust/gui-client with 2 updates: [@tauri-apps/api](https://github.com/tauri-apps/tauri) and [@tauri-apps/cli](https://github.com/tauri-apps/tauri). Updates `@tauri-apps/api` from 2.6.0 to 2.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s releases</a>.</em></p> <blockquote> <h2><code>@​tauri-apps/api</code> v2.7.0</h2> <!-- raw HTML omitted --> <pre><code>No known vulnerabilities found </code></pre> <!-- raw HTML omitted --> <h2>[2.7.0]</h2> <h3>New Features</h3> <ul> <li><a href="232265c70e"><code>232265c70</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13209">#13209</a> by <a href="https://www.github.com/tauri-apps/tauri/../../kandrelczyk"><code>@​kandrelczyk</code></a>) Added <code>getBundleType</code> to the app module.</li> </ul> <h3>Enhancements</h3> <ul> <li><a href="96391467e9"><code>96391467e</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13783">#13783</a> by <a href="https://www.github.com/tauri-apps/tauri/../../JosephBrooksbank"><code>@​JosephBrooksbank</code></a>) Allow events emitted with <code>emit</code> to be handled correctly by <code>listen</code> callbacks when in a mocked environment</li> </ul> <h3>Bug Fixes</h3> <ul> <li><a href="152d971bcd"><code>152d971bc</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13744">#13744</a> by <a href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>) Expose <code>unregisterCallback</code>, <code>runCallback</code>, <code>callbacks</code> in <code>mockIPC</code></li> <li><a href="b821796add"><code>b821796ad</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13810">#13810</a> by <a href="https://www.github.com/tauri-apps/tauri/../../asdolo"><code>@​asdolo</code></a>) Add missing <code>trafficLightPosition</code> TypeScript type definition</li> </ul> <!-- raw HTML omitted --> <pre><code>&gt; @tauri-apps/api@2.7.0 npm-publish /home/runner/work/tauri/tauri/packages/api &gt; pnpm build &amp;&amp; cd ./dist &amp;&amp; pnpm publish --access public --loglevel silly --no-git-checks <p>&gt; <code>@​tauri-apps/api</code><a href="https://github.com/2"><code>@​2</code></a>.7.0 build /home/runner/work/tauri/tauri/packages/api &gt; rollup -c --configPlugin typescript</p> <p> ./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts, ./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts, ./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts, ./src/window.ts → ./dist, ./dist... created ./dist, ./dist in 1.5s  src/index.ts → ../../crates/tauri/scripts/bundle.global.js... created ../../crates/tauri/scripts/bundle.global.js in 1.8s npm verbose cli /opt/hostedtoolcache/node/20.19.3/x64/bin/node /opt/hostedtoolcache/node/20.19.3/x64/bin/npm npm info using npm@10.8.2 npm info using node@v20.19.3 npm silly config load:file:/opt/hostedtoolcache/node/20.19.3/x64/lib/node_modules/npm/npmrc npm silly config load:file:/tmp/2aa98b41aabaf31df3a84589911580aa/.npmrc npm silly config load:file:/home/runner/work/_temp/.npmrc npm silly config load:file:/opt/hostedtoolcache/node/20.19.3/x64/etc/npmrc npm verbose title npm publish tauri-apps-api-2.7.0.tgz &lt;/tr&gt;&lt;/table&gt; </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="96439c2c42"><code>96439c2</code></a> chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm audit</li> <li><a href="ab97f36b64"><code>ab97f36</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li> <li><a href="6a4451bcd9"><code>6a4451b</code></a> fix(windows): isolation pattern create iframe loop (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li> <li><a href="56277e4722"><code>56277e4</code></a> chore(deps): update napi to v3 (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li> <li><a href="7a6fd5b75d"><code>7a6fd5b</code></a> fix(bundler): Move AppRun to mirror (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li> <li><a href="7f3c989111"><code>7f3c989</code></a> feat(tauri): add <code>plugin_boxed</code> methods (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13837">#13837</a>)</li> <li><a href="bda8304107"><code>bda8304</code></a> fix(cli): error out when migrating from v2 alpha (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13833">#13833</a>)</li> <li><a href="fb9d9c7fd1"><code>fb9d9c7</code></a> chore(readme): Update discord invite (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13836">#13836</a>)</li> <li><a href="8263b412c6"><code>8263b41</code></a> chore(deps): update dependency rollup to v4.45.1 (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13831">#13831</a>)</li> <li><a href="3025d90951"><code>3025d90</code></a> feat: expose some window props from runtime-wry (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13822">#13822</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.6.0...@tauri-apps/api-v2.7.0">compare view</a></li> </ul> </details> <br /> Updates `@tauri-apps/cli` from 2.6.2 to 2.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s releases</a>.</em></p> <blockquote> <h2><code>@​tauri-apps/cli</code> v2.7.1</h2> <h2>[2.7.1]</h2> <h3>Dependencies</h3> <ul> <li>Upgraded to <code>tauri-cli@2.7.1</code></li> </ul> <h2><code>@​tauri-apps/cli</code> v2.7.0</h2> <h2>[2.7.0]</h2> <h3>New Features</h3> <ul> <li><a href="33d079392a"><code>33d079392</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13811">#13811</a> by <a href="https://www.github.com/tauri-apps/tauri/../../mhbagheri-99"><code>@​mhbagheri-99</code></a>) Allow runner configuration to be an object with cmd, cwd, and args properties. The runner can now be configured as <code>{ &quot;cmd&quot;: &quot;my_runner&quot;, &quot;cwd&quot;: &quot;/path&quot;, &quot;args&quot;: [&quot;--quiet&quot;] }</code> while maintaining backwards compatibility with the existing string format.</li> </ul> <h3>Enhancements</h3> <ul> <li><a href="232265c70e"><code>232265c70</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13209">#13209</a> by <a href="https://www.github.com/tauri-apps/tauri/../../kandrelczyk"><code>@​kandrelczyk</code></a>) Binaries are patched before bundling to add the type of a bundle they will placed in. This information will be used during update process to select the correct target.</li> </ul> <h3>Bug Fixes</h3> <ul> <li><a href="916aeaa486"><code>916aeaa48</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13781">#13781</a> by <a href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>) Fixes Android dev and build commands reading <code>tauri.ios.conf.json</code> instead of <code>tauri.android.conf.json</code> to merge platform-specific configuration.</li> <li><a href="0f248b111f"><code>0f248b111</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13799">#13799</a> by <a href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>) Install iOS dependencies when needed.</li> <li><a href="7a6fd5b75d"><code>7a6fd5b75</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13863">#13863</a> by <a href="https://www.github.com/tauri-apps/tauri/../../FabianLars"><code>@​FabianLars</code></a>) The AppImage bundler now pulls the AppRun binaries from our GitHub mirror, fixing 404 errors.</li> <li><a href="bda8304107"><code>bda830410</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a> by <a href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>) Fail with an error when trying to migrate from v2 alpha</li> <li><a href="bda8304107"><code>bda830410</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a> by <a href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>) Use v2 stable instead of v2-rc when migrating from v2-beta</li> </ul> <h3>Dependencies</h3> <ul> <li>Upgraded to <code>tauri-cli@2.7.0</code></li> </ul> <h2><code>@​tauri-apps/cli</code> v2.6.3</h2> <h2>[2.6.3]</h2> <h3>Bug Fixes</h3> <ul> <li><a href="916aeaa486"><code>916aeaa48</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13781">#13781</a> by <a href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>) Fixes Android dev and build commands reading <code>tauri.ios.conf.json</code> instead of <code>tauri.android.conf.json</code> to merge platform-specific configuration.</li> <li><a href="0f248b111f"><code>0f248b111</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13799">#13799</a> by <a href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>) Install iOS dependencies when needed.</li> <li><a href="7a6fd5b75d"><code>7a6fd5b75</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13863">#13863</a> by <a href="https://www.github.com/tauri-apps/tauri/../../FabianLars"><code>@​FabianLars</code></a>) The AppImage bundler now pulls the AppRun binaries from our GitHub mirror, fixing 404 errors.</li> <li><a href="bda8304107"><code>bda830410</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a> by <a href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>) Fail with an error when trying to migrate from v2 alpha</li> <li><a href="bda8304107"><code>bda830410</code></a> (<a href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a> by <a href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>) Use v2 stable instead of v2-rc when migrating from v2-beta</li> </ul> <h3>Dependencies</h3> <ul> <li>Upgraded to <code>tauri-cli@2.7.0</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="fd63f229d5"><code>fd63f22</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13871">#13871</a>)</li> <li><a href="af95fb6014"><code>af95fb6</code></a> fix: sign main binary after patching with bundle info (fix <a href="https://redirect.github.com/tauri-apps/tauri/issues/13868">#13868</a>) (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13870">#13870</a>)</li> <li><a href="65bb24b9ae"><code>65bb24b</code></a> fix(cli): fix metadata version</li> <li><a href="332ec355a1"><code>332ec35</code></a> fix(cli): add default triplets to napi targets config</li> <li><a href="2c46b1873e"><code>2c46b18</code></a> chore(deps): update dependency eslint-config-prettier to v10.1.8 (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13855">#13855</a>)</li> <li><a href="96439c2c42"><code>96439c2</code></a> chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm audit</li> <li><a href="ab97f36b64"><code>ab97f36</code></a> apply version updates (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li> <li><a href="6a4451bcd9"><code>6a4451b</code></a> fix(windows): isolation pattern create iframe loop (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li> <li><a href="56277e4722"><code>56277e4</code></a> chore(deps): update napi to v3 (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li> <li><a href="7a6fd5b75d"><code>7a6fd5b</code></a> fix(bundler): Move AppRun to mirror (<a href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.6.2...@tauri-apps/cli-v2.7.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:01:23 +00:00
dependabot[bot]	4926de9cf9	build(deps): bump dtolnay/rust-toolchain from a54c7afa936fefeb4456b2dd8068152669aa8203 to b3b07ba8b418998c39fb20f53e8b695cdcc8de1b in /.github/actions/setup-rust (#10093) ... Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) from a54c7afa936fefeb4456b2dd8068152669aa8203 to b3b07ba8b418998c39fb20f53e8b695cdcc8de1b. <details> <summary>Commits</summary> <ul> <li><a href="b3b07ba8b4"><code>b3b07ba</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/rust-toolchain/issues/152">#152</a> from dtolnay/trailingwhitespace</li> <li><a href="6ff96e92a9"><code>6ff96e9</code></a> Clean up trailing whitespace from PR 145</li> <li><a href="3038d437c0"><code>3038d43</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/rust-toolchain/issues/151">#151</a> from dtolnay/winrustup</li> <li><a href="d69c8f6cd5"><code>d69c8f6</code></a> Use rustup.rs advertised download URLs</li> <li><a href="c9b8f05fe9"><code>c9b8f05</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/rust-toolchain/issues/149">#149</a> from dtolnay/wincargohome</li> <li><a href="eceb16e78c"><code>eceb16e</code></a> Respect pre-existing CARGO_HOME on Windows</li> <li><a href="449259c7e2"><code>449259c</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/rust-toolchain/issues/150">#150</a> from dtolnay/githubpath</li> <li><a href="f36efbae07"><code>f36efba</code></a> Fix GITHUB_PATH</li> <li><a href="3d21cbbc39"><code>3d21cbb</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/rust-toolchain/issues/148">#148</a> from dtolnay/backslash</li> <li><a href="802126c77d"><code>802126c</code></a> Consistently use backslash directories on Windows</li> <li>Additional commits viewable in <a href="a54c7afa93...b3b07ba8b4">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-01 12:00:28 +00:00
Jamil	290b0c298f	fix(apple/ios): less aggressive setDns to avoid update loops (#10075) ... In https://github.com/firezone/firezone/pull/10022/files#diff-a84e8f62a17ac67f781019e6ac0456567fd18ffa7c13b3248609d78debb6480eL342 we removed the path connectivity filter that prevented path update loops on iOS. This was done to try and respond more aggressively to path updates in order to set system DNS resolvers, because we can't glean from the path's instance properties that any DNS configuration has changed - we simply have to assume so. Unfortunately, that caused an issue where we now enter a path update loop and effectively never fully bring the tunnel up. I've spent lots of time looking for a reliable work around that would allow us to both, (1) respond to path updates for DNS configuration changes on the system (we have to blindly react to these), and (2) avoid path update loops, but alas, without a significant time investment, there doesn't seem to be a way. So, we only set system resolvers on iOS in the path update handler if there was _also_ a detectable connectivity change, and settle on the assumption that **most** DNS configuration changes will be accompanied by a network connectivity change as well.	2025-08-01 06:20:24 +00:00
Thomas Eizinger	17a18fdfbb	feat(connlib): always use candidates in order of priority (#10063) ... To make things easier to debug, we enforce the order that candidates are processed in. We want candidates to be processed in the order of their inverse priority as higher priorities are better. For example, a host candidate has a higher priority than a relay candidate. This will make our logs more consistent because a `0-0` candidate pair is always a `host-host` pair. We enforce this with our own `IceCandidate` type which implements `PartialOrd` and `Ord`. This now moves the deserialisation for the portal messages to a `Deserialise` impl on this type. In order to ensure that a single faulty candidate doesn't invalidate the entire list, we use `serde_with` to skip over those elements that cannot be deserialised.	2025-08-01 01:57:29 +00:00
Thomas Eizinger	9b8efdcf08	chore(connlib): bump str0m (#10066) ... This bumps our str0m dependency to include improvements that I've been making to the logs: - https://github.com/algesten/str0m/pull/681 - https://github.com/algesten/str0m/pull/682	2025-08-01 01:55:56 +00:00
Thomas Eizinger	a7ba15c8c1	ci: test packet loss behaviour using download (#10067)	2025-08-01 01:55:02 +00:00
Jamil	54d91e2004	fix(portal): don't send reject_access for remaining flows (#10071) ... This fixes a simple logic bug where we were mistakenly reacting to a flow deletion event where flows still existed in the cache by sending `reject_access`. This fixes that bug, and adds more comprehensive logging to help diagnose issues like this more quickly in the future. This PR also fixes the following issues found during the investigation: - We were redundantly reacting to Token deletion in the channel pids. This is unnecessary: we send a global socket disconnect from the Token hook module instead. - We had a bug that would crash the WAL consumer if a "global" token (i.e. relay) was deleted or expired - these have no `account_id`. - We now always use `min(max(all_conforming_polices_expiration), token.expires_at)` when setting expiration on a new flow to minimize the possibility for access churn. - We now check to ensure the token and gateway are still undeleted when re-authorizing a given flow. This prevents us from failing to send `reject_access` when a token or gateway is deleted corresponding to a flow, but the other entities would have granted access. Related: https://firezone.statuspage.io/incidents/xrsm13tml3dh Related: #10068 Related: #9501	2025-08-01 00:03:00 +00:00
Thomas Eizinger	52a9079d6a	feat(snownet): use in-flight channels to relay data (#10062) ... In #7548, we added a feature to Firezone where TURN channels get bound on-demand as they are needed. To ensure many communication paths work, we also proactively bind them as soon as we receive a candidate from a remote. When a new remote candidate gets added, str0m forms pairs with all the existing local candidates and starts testing these candidate pairs. For local relay candidates, this means sending a channel data message from the allocation. At the moment, this results in the following pattern in the logs: ``` Received candidate from remote cid=20af9d29-c973-4d77-909a-abed5d7a0234 candidate=Candidate(relay=[3231E680683CFC98E69A12A60F426AA5E5F110CB]:62759/udp raddr=[59A533B0D4D3CB3717FD3D655E1D419E1C9C0772]:0 prio=37492735) No channel to peer, binding new one active_socket=462A7A508E3C99875E69C2519CA020330A6004EC:3478 peer=[3231E680683CFC98E69A12A60F426AA5E5F110CB]:62759 Already binding a channel to peer active_socket=Some(462A7A508E3C99875E69C2519CA020330A6004EC:3478) peer=[3231E680683CFC98E69A12A60F426AA5E5F110CB]:62759 class=success response from=462A7A508E3C99875E69C2519CA020330A6004EC:3478 method=channel bind rtt=9.928424ms tid=042F52145848D6C1574BB997 ``` What happens here is: 1. We receive a new candidate and proactively bind a channel (this is a silent operation and therefore not visible in the logs). 2. str0m formed new pairs for these candidates and starts testing them, triggering a new channel binding because the previous one isn't completed yet. 3. We refuse to make another channel binding because we see that we already have one in-flight. 4. The channel binding succeeds. What we do now is: If we want to send data to a peer through a channel, we check whether we have a connected OR an in-flight channel and send it in both cases. If the channel binding is still in-flight, we therefore just pipeline the channel data message just after it. Chances are that - assuming no packet re-orderings on the network - by the time our channel data message arrives at the relay that binding is active and can be relayed. This allows the very first binding attempt from str0m to already succeed instead of waiting for the timeout and sending another binding request. In addition, it makes these logs less confusing.	2025-07-31 04:10:38 +00:00
Thomas Eizinger	e07e45ed29	chore(snownet): allow filtering TURN traffic in logs (#10061) ... Our TURN traffic is fairly minimal for this to be okay on DEBUG (instead of TRACE). However, it can be quite noisy when one is just scanning through the logs. Putting it on another target allows us to filter those out later. Note that these only concern the TURN control protocol. Channel data messages are separate from this and **not** logged.	2025-07-31 03:46:59 +00:00
Jamil	442a85ac15	fix(apple): reset network on wake from sleep (#10059) ... When a mac device goes to sleep, it typically does not turn off the WiFi radio. If the mac never leaves the network it was on upon sleep, then upon wake it will never receive a path update, and we would not have performed a connlib network reset. To fix this, we now properly detect a wake from sleep event and issue a network reset. Fixes #10056	2025-07-31 00:19:37 +00:00
Thomas Eizinger	5753b72a5e	chore(snownet): fix typo in PeerSocket formatting (#10049)	2025-07-30 22:58:22 +00:00
Jamil	f169746389	chore(portal): use local website url for versions in dev (#10057) ... When starting a local client with a local portal, this URL is hit and times out, causing noise in the local gateway log. In order to develop against this API in local dev, it might be better to use the local website URL as well.	2025-07-30 21:16:24 +00:00
Jamil	89f9a915c1	fix(ci): only tag latest on release (#10053) ... This fixes an issue introduced when we moved to GHCR hosting where the `latest` tag was being applied to each `main` build of the `client` and `gateway` instead of publish builds only.	2025-07-30 17:05:00 +00:00
Thomas Eizinger	551e687cc7	chore(rust): bump boringtun (#10052) ... This brings in https://github.com/firezone/boringtun/pull/109.	2025-07-30 16:14:38 +00:00
Thomas Eizinger	c07173006f	docs: describe version compatibility between components (#10041) ... First draft of documenting the versioning scheme that we have been following. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Jamil <jamilbk@users.noreply.github.com>	2025-07-30 09:14:02 +00:00
Thomas Eizinger	47703b4029	docs(windows): mention installation via winget (#10042) ... Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Jamil <jamilbk@users.noreply.github.com>	2025-07-30 06:12:27 +00:00
Thomas Eizinger	6c1c42ea22	chore(snownet): fix handle_timeout span (#10046) ... Spans only attach to logs of lower severity, i.e. a DEBUG span is only visible for DEBUG and TRACE statements. In order to see the connection ID here with our INFO statements, we need to make it an INFO span. Also, a span does nothing unless it is entered 🤦‍♂️	2025-07-30 03:12:11 +00:00
Thomas Eizinger	2166c49033	chore(windows): remove noisy AccessDenied errors (#10043) ... These don't really tell us much. It appears that Windows is sometimes failing to access the pipe but then succeeds on the next attempt, hence why we have the retry loop in the first place. Logging a warning here just spams Sentry unnecessarily.	2025-07-29 12:48:58 +00:00
Thomas Eizinger	69f9a03ee8	refactor(connlib): simplify IpPacket struct (#9795) ... With the removal of the NAT64/46 modules, we can now simplify the internals of our `IpPacket` struct. The requirements for our `IpPacket` struct are somewhat delicate. On the one hand, we don't want to be overly restrictive in our parsing / validation code because there is a lot of broken software out there that doesn't necessarily follow RFCs. Hence, we want to be as lenient as possible in what we accept. On the other hand, we do need to verify certain aspects of the packet, like the payload lengths. At the moment, we are somewhat too lenient there which causes errors on the Gateway where we have to NAT or otherwise manipulate the packets. See #9567 or #9552 for example. To fix this, we make the parsing in the `IpPacket` constructor more restrictive. If it is a UDP, TCP or ICMP packet, we attempt to fully parse its headers and validate the payload lengths. This parsing allows us to then rely on the integrity of the packet as part of the implementation. This does create several code paths that can in theory panic but in practice, should be impossible to hit. To ensure that this does in fact not happen, we also tackle an issue that is long overdue: Fuzzing. Resolves: #6667 Resolves: #9567 Resolves: #9552	2025-07-29 04:42:57 +00:00
Thomas Eizinger	879f68cf73	refactor(connlib): use extract_if to expire resources (#10039) ... Rust 1.88 shipped a new std-function on `HashMap` to conditionally extract elements from a `HashMap`. This is handy for time-based expiry of resources on the Gateway.	2025-07-29 03:33:47 +00:00
Thomas Eizinger	5c3b15c1a9	chore(connlib): harmonise naming of IDs (#10038) ... When filtering through logs in Sentry, it is useful to narrow them down by context of a client, gateway or resource. Currently, these fields are sometimes called `client`, `cid`, `client_id` etc and the same for the Gateway and Resources. To make this filtering easier, name all of them `cid` for Client IDs, `gid` for Gateway IDs and `rid` for Resource IDs.	2025-07-29 03:33:09 +00:00
Thomas Eizinger	e9c74b1bfe	chore(connlib): treat Invalid Argument as unreachable hosts (#10037) ... These appear to happen on systems that e.g. don't have IPv6 support or where the destination cannot be reached. It is a bit of a catch-all but all the ones I am seeing in Sentry are false-positives. To reduce the noise a bit, we log these on DEBUG now.	2025-07-29 03:04:13 +00:00
Jamil	1763113511	test(ci): test 20% packet loss (#9846) ... Packet loss is a reality on the modern internet. Ideally, Firezone should be able to handle some level of packet loss and still function reliably, especially considering all of the UDP-based protocols we rely on. To test this, we set an extreme packet loss of 20% and perform a 10 MB download through Firezone. Doing so actually exposed a bug: For DNS resources, we need to set up the DNS resource NAT on the Gateway which happens through the p2p control protocol. This packet is resent at most every 2s but only if there are any other DNS queries. If we don't receive another DNS query but get traffic for the resource, we keep buffering those packets without trying to re-send the `AssignedIp`s packet.	2025-07-28 22:51:04 +00:00
dependabot[bot]	f79c822bba	build(deps): bump com.android.application from 8.10.1 to 8.11.1 in /kotlin/android in the com-android group (#9916) ... Bumps the com-android group in /kotlin/android with 1 update: com.android.application. Updates `com.android.application` from 8.10.1 to 8.11.1 [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-28 21:59:36 +00:00
Jamil	350a215fec	fix(docs): minor changelog typo fixes (#10036)	2025-07-28 21:39:26 +00:00
Thomas Eizinger	e81dc452f7	refactor(connlib): use a lock-free queue for the buffer pool (#9989) ... We use several buffer pools across `connlib` that are all backed by the same buffer-pool library. Within that library, we currently use another object-pool library to provide the actual pooling functionality. Benchmarking has shown that spend quite a bit of time (a few % of total CPU time), fighting for the lock to either add or remote a buffer from the pool. This is unnecessary. By using a queue, we can remove buffers from the front and add buffers at the back, both of which can be implemented in a lock-free way such that they don't contend. Using the well-known `crossbeam-queue` library, we have such a queue directly available. I wasn't able to directly measure a performance gain in terms of throughput. What we can measure though, is how much time we spend dealing with our buffer pool vs everything else. If we compare the `perf` outputs that were recorded during an `iperf` run each, we can see that we spend about 60% less time dealing with the buffer pool than we did before. |Before|After| |---|---| |<img width="1982" height="553" alt="Screenshot From 2025-07-24 20-27-50" src="https://github.com/user-attachments/assets/1698f28b-5821-456f-95fa-d6f85d901920" />|<img width="1982" height="553" alt="Screenshot From 2025-07-24 20-27-53" src="https://github.com/user-attachments/assets/4f26a2d1-03e3-4c0d-84da-82c53b9761dd" />| The number in the thousands on the left is how often the respective function was the currently executing function during the profiling run. Resolves: #9972	2025-07-28 21:39:11 +00:00
Thomas Eizinger	55304b3d2a	refactor(snownet): learn host candidates from TURN traffic (#9998) ... Presently, for each UDP packet that we process in `snownet`, we check if we have already seen this local address of ours and if not, add it to our list of host candidates. This is a safe way for ensuring that we consider all addresses that we receive data on as ones that we tell our peers that they should try and contact us on. Performance profiling has shown that hashing the socket address of each packet that is coming in is quite wasteful. We spend about 4-5% of our main thread time doing this. For comparison, decrypting packets is only about 30%. Most of the time, we will already know about this address and therefore, spending all this CPU time is completely pointless. At the same time though, we need to be sure that we do discover our local address correctly. Inspired by STUN, we therefore move this responsibility to the `allocation` module. The `allocation` module is responsible for interacting with our TURN servers and will yield server-reflexive and relay candidates as a result. It also knows, what the local address is that it received traffic on so we simply extend that to yield host candidates as well in addition to server-reflexive and relay candidates. On my local machine, this bumps us across the 3.5 Gbits/sec mark: ``` Connecting to host 172.20.0.110, port 5201 [ 5] local 100.93.174.92 port 57890 connected to 172.20.0.110 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 319 MBytes 2.67 Gbits/sec 18 548 KBytes [ 5] 1.00-2.00 sec 413 MBytes 3.46 Gbits/sec 4 884 KBytes [ 5] 2.00-3.00 sec 417 MBytes 3.50 Gbits/sec 4 1.10 MBytes [ 5] 3.00-4.00 sec 425 MBytes 3.56 Gbits/sec 415 785 KBytes [ 5] 4.00-5.00 sec 430 MBytes 3.60 Gbits/sec 154 820 KBytes [ 5] 5.00-6.00 sec 434 MBytes 3.64 Gbits/sec 251 793 KBytes [ 5] 6.00-7.00 sec 436 MBytes 3.66 Gbits/sec 123 811 KBytes [ 5] 7.00-8.00 sec 435 MBytes 3.65 Gbits/sec 2 788 KBytes [ 5] 8.00-9.00 sec 423 MBytes 3.55 Gbits/sec 0 1.06 MBytes [ 5] 9.00-10.00 sec 433 MBytes 3.63 Gbits/sec 8 1017 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-20.00 sec 8.21 GBytes 3.53 Gbits/sec 1728 sender [ 5] 0.00-20.00 sec 8.21 GBytes 3.53 Gbits/sec receiver iperf Done. ```	2025-07-28 21:38:39 +00:00
Thomas Eizinger	9c71026416	chore(connlib): gate more trace logs on debug_assertions (#10026) ... These are otherwise hit pretty often in the hot-path and slow packet routing down because tracing needs to evaluate whether it should log the statement.	2025-07-28 21:38:23 +00:00
Thomas Eizinger	1317bbb9e2	refactor(gui-client): replace tslink with tauri-specta (#10031) ... Despite still being in development, the `tauri-specta` project already proves to be quite useful. It allows us to generate TypeScript bindings for our commands and events, creating a type-safe contract between the frontend and the backend. For example, this ensures that the TypeScript code calls a command actually with the required parameters and thus avoids runtime failures. Similarly, the frontend can listen on type-safe events without having to use any magic strings.	2025-07-28 21:37:24 +00:00
Jamil	71c3450f98	chore(android): bump gradlew to 8.14.3 (#10033) ... This is needed to unblock #9916. Related: https://github.com/firezone/firezone/pull/9916	2025-07-28 21:37:07 +00:00
Firezone Bot	e6fc7e62da	chore: publish apple-client 1.5.5 (#10035)	2025-07-28 20:14:12 +00:00
Jamil	ef3ee3aba8	fix(portal): relax gateway group perms (#10034) ... This is hit by the client channel when a gateway group needs to be hydrated, which should only require "connect gateways" permissions.	2025-07-28 19:58:11 +00:00
Jamil	44a9691df5	refactor(portal): don't store account assoc on client (#10009) ... The full `account` struct is only used to render the client's interface, and doesn't need to be stored in the `client` struct when the `subject` struct already tracks it.	2025-07-28 16:24:58 +00:00
Jamil	4a448e5517	fix(portal): separate dev and runtime Oban configs (#10027) ... Oban includes its own configuration validation, which seems to prevent `runtime.exs` from overriding any compile-time options. This prevents us from using ENV vars to configure it, such as restricting job execution to `domain` nodes by setting `queues: []`. To fix that, we make sure to set Oban configuration in env-specific files `config/dev.exs` and `config/test.exs`, and at runtime for prod with `config/runtime.exs`. Fixes #10016	2025-07-28 15:13:52 +00:00
Firezone Bot	2309be11fc	chore: publish headless-client 1.5.2 (#10029)	2025-07-28 06:17:42 +00:00
Firezone Bot	cf40f4dd96	chore: publish gateway 1.4.14 (#10030)	2025-07-28 06:14:07 +00:00
Firezone Bot	7b8daf4074	chore: publish gui-client 1.5.6 (#10028)	2025-07-28 06:08:01 +00:00
Thomas Eizinger	fb9a142a9e	chore(snownet): add back span in handle_timeout (#10025) ... Whilst entering and leaving a span for every packet is very expensive, doing the same whenever we make timeout related changes is just fine. Thus, we re-introduce a span removed in #9949 but only for the `handle_timeout` function. This gives us the context of the connection ID for not just our own logs, but also the ones from `boringtun`.	2025-07-28 04:14:39 +00:00
Jamil	589d2bbf4b	fix(android): spawn shell to cargo (#10024) ... Unfortunately this seems to be a race condition with read or setting the path properly for this exec block. I've verified `cargo` is in the PATH, and have tried this on a fresh Mac with Android Studio (latest release version). Spawning cargo from `sh -c` fixes the issue.	2025-07-28 03:42:21 +00:00
Thomas Eizinger	bfa77bf7fc	chore(snownet): log connection ID in more places (#10023) ... With the removal of the span in #9949, we now need to explicitly log the connection ID in a few more places to have the necessary context.	2025-07-28 02:01:01 +00:00