The runner doing the Android builds is running out of disk space. Since
we don't use the emulator, adb, or other tools for the build, we can
save some space by not installing these.
Related: https://github.com/firezone/firezone/actions/runs/15742063800
To make releases even more smoother, this PR creates a bit of automation
that automatically bumps the versions in the `scripts/bump-versions.sh`
script and opens a PR for it.
To make our FFI layer between Android and Rust safer, we adopt the
UniFFI tool from Mozilla. UniFFI allows us to create a dedicated crate
(here `client-ffi`) that contains Rust structs annotated with various
attributes. These macros then generate code at compile time that is
built into the shared object. Using a dedicated CLI from the UniFFI
project, we can then generate Kotlin bindings from this shared object.
The primary motivation for this effort is memory safety across the FFI
boundary. Most importantly, we want to ensure that:
- The session pointer is not used after it has been free'd
- Disconnecting the session frees the pointer
- Freeing the session does not happen as part of a callback as that
triggers a cyclic dependency on the Rust side (callbacks are executed on
a runtime and that runtime is dropped as part of dropping the session)
To achieve all of these goals, we move away from callbacks altogether.
UniFFI has great support for async functions. We leverage this support
to expose a `suspend fn` to Android that returns `Event`s. These events
map to the current callback functions. Internally, these events are read
from a channel with a capacity of 1000 events. It is therefore not very
time-critical that the app reads from this channel. `connlib` will
happily continue even if the channel is full. 1000 events should be more
than sufficient though in case the host app cannot immediately process
them. We don't send events very often after all.
This event-based design has major advantages: It allows us to make use
of `AutoCloseable` on the Kotlin side, meaning the `session` pointer is
only ever accessed as part of a `use` block and automatically closed
(and therefore free'd) at the end of the block.
To communicate with the session, we introduce a `TunnelCommand` which
represents all actions that the host app can send to `connlib`. These
are passed through a channel to the `suspend fn` which continuously
listens for events and commands.
Resolves: #9499
Related: #3959
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
When working on the Swift codebase, I noticed that running the formatter
produced a massive diff. This PR re-formats the Swift code with `swift
format . --recursive --in-place` and adds a CI check to enforce it going
forward.
Resolves: #9534
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
- Adds a timeout to the required_checks workflow
- Expects all jobs to run, exiting the script early for main branch runs
- Adds `set -xe` so we catch script errors going forward
This CI run is running for over an hour, not sure which job it's waiting
on:
https://github.com/firezone/firezone/actions/runs/15565464294
When a CI job is running as part of a merge group, it's possible the
base ref is a few commits away if the merge queue has items in it. So we
update the fetch depth to 20.
We don't need to rebuild the Tauri clients every time we change Rust
code but we almost certainly want to rebuild them if we change any code
in the client itself so we can smoke test them.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
When evaluating the status of all required checks, we currently only look at the very first one. This is error prone and may result in `required-check` to be marked as successful too early. Instead of iterating through the list of jobs we have scheduled, we now instead look at all jobs that are running as part of the CI run. The idea here is:
- Any job that got started need to complete (one way or another)
- If _any_ job fails, we fail the required check
- If all jobs complete without a single failure, we pass the check
This plays well with "skipped" jobs which we sometimes have as part of CI.
This PR optimises our CI pipeline to only run workflows when certain
files change. To achieve this, we introduce a top-level `planner` job
that all other jobs primarily depend on. The `planner` job then computes
which other jobs to run and creates an output with a list of those.
Running only certain jobs is only the first half of the problem. The
second half is creating a dedicated job that we can mark as "required"
in GitHub. Without such a "required" check, the merge queue wouldn't
know, when a PR is good to be merged.
Jobs cannot have dynamic dependencies on other jobs. We therefore need
to emulate this by creating a polling loop that hits the GitHub API
every 10s and evaluates, whether all "required" jobs, i.e. the ones we
planned to run, have finished successfully.
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Bumps
[getsentry/action-release](https://github.com/getsentry/action-release)
from 1.8.0 to 3.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/action-release/releases">getsentry/action-release's
releases</a>.</em></p>
<blockquote>
<h2>3.1.1</h2>
<ul>
<li>fix: Only pass <code>urlPrefix</code> to sentry-cli if it's not
empty (<a
href="https://redirect.github.com/getsentry/action-release/issues/275">#275</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<h2>3.1.0</h2>
<ul>
<li>feat: Add <code>release</code> and <code>release_prefix</code> in
favor of <code>version</code> and <code>version_prefix</code> (<a
href="https://redirect.github.com/getsentry/action-release/issues/273">#273</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>Input parameter <code>version</code> has been deprecated and will be
removed in a future version in favor of a newly introduced
<code>release</code> parameter.</p>
<p>Input parameter <code>version_prefix</code> has been deprecated and
will be removed in a future version in favor of a newly introduced
<code>release_prefix</code> parameter.</p>
<h2>3.0.0</h2>
<p>Version <code>3.0.0</code> contains breaking changes:</p>
<ul>
<li>feat(sourcemaps)!: Enable injecting debug ids by default (<a
href="https://redirect.github.com/getsentry/action-release/issues/272">#272</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>The action now automatically injects Debug IDs into your JavaScript
source files and source maps to ensure your stacktraces can be
properly un-minified.</p>
<p>This is a <strong>breaking change as it modifies your source
files</strong>. You can disable this behavior by setting <code>inject:
false</code>:</p>
<pre lang="yaml"><code>- uses: getsentry/action-release@v3
with:
environment: 'production'
sourcemaps: './dist'
inject: false
</code></pre>
<p>Read more about <a
href="https://docs.sentry.io/platforms/javascript/sourcemaps/troubleshooting_js/artifact-bundles/">Artifact
Bundles and Debug IDs here</a>.</p>
<h2>2.0.0</h2>
<blockquote>
<p>[!NOTE]<br />
This release contains no changes over <code>v1.10.4</code> and is just
meant to unblock users that have upgraded to <code>v2</code> before.</p>
<p>We <strong>recommend</strong> pinning to <code>v1</code>.</p>
</blockquote>
<p>Last week we pushed a <code>v2</code> branch that triggered
dependabot which treated it as a release.
This was not meant to be a release, but many users have upgraded to
<code>v2</code>.</p>
<p>This release will help unblock users that have upgraded to
<code>v2</code>.</p>
<p>Please see: <a
href="https://redirect.github.com/getsentry/action-release/issues/258">#258</a></p>
<h2>1.11.0</h2>
<ul>
<li>feat: Use hybrid docker/composite action approach (<a
href="https://redirect.github.com/getsentry/action-release/issues/265">#265</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>After receiving user feedback both on runtime and compatibility
issues for <code>1.10.0</code>
the action has been reworked to use a Docker based approach on Linux
runners, mimicking
<code>< 1.9.0</code> versions, while Mac OS and Windows runners will
follow the <code>1.10.0</code> approach
of installing <code>@sentry/cli</code> in the run step.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/action-release/blob/master/CHANGELOG.md">getsentry/action-release's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>3.1.1</h2>
<ul>
<li>fix: Only pass <code>urlPrefix</code> to sentry-cli if it's not
empty (<a
href="https://redirect.github.com/getsentry/action-release/issues/275">#275</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<h2>3.1.0</h2>
<ul>
<li>feat: Add <code>release</code> and <code>release_prefix</code> in
favor of <code>version</code> and <code>version_prefix</code> (<a
href="https://redirect.github.com/getsentry/action-release/issues/273">#273</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>Input parameter <code>version</code> has been deprecated and will be
removed in a future version in favor of a newly introduced
<code>release</code> parameter.</p>
<p>Input parameter <code>version_prefix</code> has been deprecated and
will be removed in a future version in favor of a newly introduced
<code>release_prefix</code> parameter.</p>
<h2>3.0.0</h2>
<p>Version <code>3.0.0</code> contains breaking changes:</p>
<ul>
<li>feat(sourcemaps)!: Enable injecting debug ids by default (<a
href="https://redirect.github.com/getsentry/action-release/issues/272">#272</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>The action now automatically injects Debug IDs into your JavaScript
source files and source maps to ensure your stacktraces can be
properly un-minified.</p>
<p>This is a <strong>breaking change as it modifies your source
files</strong>. You can disable this behavior by setting <code>inject:
false</code>:</p>
<pre lang="yaml"><code>- uses: getsentry/action-release@v3
with:
environment: 'production'
sourcemaps: './dist'
inject: false
</code></pre>
<p>Read more about <a
href="https://docs.sentry.io/platforms/javascript/sourcemaps/troubleshooting_js/artifact-bundles/">Artifact
Bundles and Debug IDs here</a>.</p>
<h2>1.11.0</h2>
<ul>
<li>feat: Use hybrid docker/composite action approach (<a
href="https://redirect.github.com/getsentry/action-release/issues/265">#265</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<p>After receiving user feedback both on runtime and compatibility
issues for <code>1.10.0</code>
the action has been reworked to use a Docker based approach on Linux
runners, mimicking
<code>< 1.9.0</code> versions, while Mac OS and Windows runners will
follow the <code>1.10.0</code> approach
of installing <code>@sentry/cli</code> in the run step.</p>
<h2>1.10.5</h2>
<h3>Various fixes & improvements</h3>
<ul>
<li>fix: Mark <code>GITHUB_WORKSPACE</code> a safe git directory (<a
href="https://redirect.github.com/getsentry/action-release/issues/260">#260</a>)
by <a
href="https://github.com/andreiborza"><code>@andreiborza</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="00ed2a6cc2"><code>00ed2a6</code></a>
release: 3.1.1</li>
<li><a
href="b7a5f0b042"><code>b7a5f0b</code></a>
chore: Set docker tag for master [skip ci]</li>
<li><a
href="a154094c90"><code>a154094</code></a>
fix: Only pass <code>urlPrefix</code> to sentry-cli if it's not empty
(<a
href="https://redirect.github.com/getsentry/action-release/issues/275">#275</a>)</li>
<li><a
href="f176a77e46"><code>f176a77</code></a>
chore: Set docker tag for master [skip ci]</li>
<li><a
href="560af2d7d6"><code>560af2d</code></a>
Merge branch 'release/3.1.0'</li>
<li><a
href="fa247637f7"><code>fa24763</code></a>
release: 3.1.0</li>
<li><a
href="3d9b620426"><code>3d9b620</code></a>
chore: Set docker tag for master [skip ci]</li>
<li><a
href="40ae96fdd8"><code>40ae96f</code></a>
meta(changelog): Update changelog for 3.1.0 (<a
href="https://redirect.github.com/getsentry/action-release/issues/274">#274</a>)</li>
<li><a
href="647ee93e33"><code>647ee93</code></a>
chore: Set docker tag for master [skip ci]</li>
<li><a
href="7711b5c927"><code>7711b5c</code></a>
feat: Add <code>release</code> and <code>release_prefix</code> in favor
of <code>version</code> and `version_p...</li>
<li>Additional commits viewable in <a
href="1841d945ba...00ed2a6cc2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Dependabot doesn't look in composite dirs for workflows to bump deps on,
so here we try to tell it explicitly.
It's important we either fix this or move the affected steps back to
somewhere that can be managed by dependabot in order to remain compliant
with SOC2 controls.
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.52.4 to 2.52.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.52.6</h2>
<ul>
<li>
<p>Update <code>cargo-udeps@latest</code> to 0.1.56.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.1.</p>
</li>
</ul>
<h2>2.52.5</h2>
<ul>
<li>
<p>Update <code>typos@latest</code> to 1.33.1.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.1.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<h2>[2.52.6] - 2025-06-04</h2>
<ul>
<li>
<p>Update <code>cargo-udeps@latest</code> to 0.1.56.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.1.</p>
</li>
</ul>
<h2>[2.52.5] - 2025-06-03</h2>
<ul>
<li>
<p>Update <code>typos@latest</code> to 1.33.1.</p>
</li>
<li>
<p>Update <code>git-cliff@latest</code> to 2.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.1.</p>
</li>
</ul>
<h2>[2.52.4] - 2025-05-31</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.6.</p>
</li>
<li>
<p>Update <code>wash@latest</code> to 0.42.0.</p>
</li>
</ul>
<h2>[2.52.3] - 2025-05-30</h2>
<ul>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.97.</p>
</li>
<li>
<p>Update <code>trivy@latest</code> to 0.63.0.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.1.</p>
</li>
</ul>
<h2>[2.52.2] - 2025-05-27</h2>
<ul>
<li>Update <code>mdbook@latest</code> to 0.4.51.</li>
</ul>
<h2>[2.52.1] - 2025-05-25</h2>
<ul>
<li>
<p>Update <code>taplo@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.50.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1cefd1553b"><code>1cefd15</code></a>
Release 2.52.6</li>
<li><a
href="6741c847f5"><code>6741c84</code></a>
Update <code>cargo-udeps@latest</code> to 0.1.56</li>
<li><a
href="821228b8ca"><code>821228b</code></a>
Update <code>git-cliff@latest</code> to 2.9.1</li>
<li><a
href="7bf3bbf310"><code>7bf3bbf</code></a>
Release 2.52.5</li>
<li><a
href="fcb7f36651"><code>fcb7f36</code></a>
Update <code>typos@latest</code> to 1.33.1</li>
<li><a
href="84dd63d16a"><code>84dd63d</code></a>
Update <code>git-cliff@latest</code> to 2.9.0</li>
<li><a
href="4871b28862"><code>4871b28</code></a>
Update <code>cargo-shear@latest</code> to 1.3.1</li>
<li>See full diff in <a
href="735e593394...1cefd1553b">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Now that our infra-as-code is moved into another repo, we need a
mechanism to trigger the staging deploy. We can use
`repository_dispatch` for that, which allows us to trigger the staging
workflow by sending an HTTP API request that matches the configuration
of the `repository_dispatch` workflow trigger on that repo.
Related: https://github.com/firezone/infra/pull/36
Only ignoring these in the pre-commit check is not enough as that only
affects CI. Instead, by adding these directories to the
`.prettierignore` file, they are also ignored when prettier is invoked
to format files.
Bumps
[taiki-e/install-action](https://github.com/taiki-e/install-action) from
2.52.2 to 2.52.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.52.4</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.6.</p>
</li>
<li>
<p>Update <code>wash@latest</code> to 0.42.0.</p>
</li>
</ul>
<h2>2.52.3</h2>
<ul>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.97.</p>
</li>
<li>
<p>Update <code>trivy@latest</code> to 0.63.0.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.1.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<h2>[2.52.4] - 2025-05-31</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.12.6.</p>
</li>
<li>
<p>Update <code>wash@latest</code> to 0.42.0.</p>
</li>
</ul>
<h2>[2.52.3] - 2025-05-30</h2>
<ul>
<li>
<p>Update <code>cargo-nextest@latest</code> to 0.9.97.</p>
</li>
<li>
<p>Update <code>trivy@latest</code> to 0.63.0.</p>
</li>
<li>
<p>Update <code>protoc@latest</code> to 3.31.1.</p>
</li>
</ul>
<h2>[2.52.2] - 2025-05-27</h2>
<ul>
<li>Update <code>mdbook@latest</code> to 0.4.51.</li>
</ul>
<h2>[2.52.1] - 2025-05-25</h2>
<ul>
<li>
<p>Update <code>taplo@latest</code> to 0.10.0.</p>
</li>
<li>
<p>Update <code>mdbook@latest</code> to 0.4.50.</p>
</li>
<li>
<p>Update <code>deepsource@latest</code> to 0.9.0.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.3.0.</p>
</li>
</ul>
<h2>[2.52.0] - 2025-05-22</h2>
<ul>
<li>
<p>Support <code>trivy</code>. (<a
href="https://redirect.github.com/taiki-e/install-action/pull/970">#970</a>,
thanks <a
href="https://github.com/jayvdb"><code>@jayvdb</code></a>)</p>
</li>
<li>
<p>Update <code>syft@latest</code> to 1.26.1.</p>
</li>
<li>
<p>Update <code>rclone@latest</code> to 1.69.3.</p>
</li>
<li>
<p>Update <code>cargo-shear@latest</code> to 1.2.8.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="735e593394"><code>735e593</code></a>
Release 2.52.4</li>
<li><a
href="4f4abc772a"><code>4f4abc7</code></a>
Update <code>cargo-binstall@latest</code> to 1.12.6</li>
<li><a
href="a13cc1aa67"><code>a13cc1a</code></a>
Update <code>wash@latest</code> to 0.42.0</li>
<li><a
href="2ee2c006bb"><code>2ee2c00</code></a>
Release 2.52.3</li>
<li><a
href="5e38d7308e"><code>5e38d73</code></a>
Update <code>cargo-nextest@latest</code> to 0.9.97</li>
<li><a
href="14dbe17742"><code>14dbe17</code></a>
Update <code>trivy@latest</code> to 0.63.0</li>
<li><a
href="097a2e7fdd"><code>097a2e7</code></a>
Update <code>protoc@latest</code> to 3.31.1</li>
<li>See full diff in <a
href="84c20235be...735e593394">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[vedantmgoyal9/winget-releaser](https://github.com/vedantmgoyal9/winget-releaser)
from 3e78d7ff0f525445bca5d6a989d31cdca383372e to
19e706d4c9121098010096f9c495a70a7518b30f.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="19e706d4c9"><code>19e706d</code></a>
fix: pwsh doesn't sort sometimes (resolves <a
href="https://redirect.github.com/vedantmgoyal9/winget-releaser/issues/323">#323</a>)</li>
<li>See full diff in <a
href="3e78d7ff0f...19e706d4c9">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The latest release now also sorts workspace dependencies, as well as
different dependency sections. Keeping these things sorted reduces the
chances of merge conflicts when multiple PRs edit these files.
The frontend of the GUI client is written in TypeScript and communicates
with the backend via event listeners. Currently, we only have
type-safety within either of those parts of the codebase but not across
it. The payloads of these events are JSON-encoded. Any change to this
interface therefore needs to be applied on either end.
To avoid this, we add `tslink` to the GUI client which generates
TypeScript interfaces from Rust structs. We still check those into Git
into order to make local builds easy (otherwise every dev would have to
set `TSLINK_BUILD=true` on their machine). Our Tauri CI build already
has a check to ensure the Git workspace isn't modified after building so
any changes to these generated files will fail CI.
This adds a bit more type-safety to the codebase and makes refactorings
on the GUI client easier.
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.17.0 to 6.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.18.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.61.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1381">docker/build-push-action#1381</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build
summary</a> is now supported with <a
href="https://docs.docker.com/build-cloud/">Docker Build Cloud</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0">https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318d"><code>2634353</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1381">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e01"><code>c0432d2</code></a>
chore: update generated content</li>
<li><a
href="0bb1f27d6b"><code>0bb1f27</code></a>
set builder driver and endpoint attributes for dbc summary support</li>
<li><a
href="5f9dbf956c"><code>5f9dbf9</code></a>
chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.61.0 to
0.62.1</li>
<li><a
href="0788c444d8"><code>0788c44</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1375">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f4"><code>aa179ca</code></a>
e2e: remove GCR</li>
<li>See full diff in <a
href="1dc7386353...263435318d">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
