github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-28 10:18:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,903 Commits 1 Branch 0 Tags
271c4803576bd69bb001bd08adcd524684cdd67c
Commit Graph

1687 Commits

Author SHA1 Message Date
Thomas Eizinger
271c480357 fix(connlib): don't attempt to encrypt too large packets (#7263) 
When encrypting packets, we need to reserve a buffer within which
boringtun will encrypt the IP packet. Unfortunately, `boringtun` panics
if that buffer is not big enough which essentially brings all of
`connlib` down.

Really, we should never see a packet that is too large and ideally, we
enforce this at compile-time by creating different variants of
`IpPacket` that are sized accordingly. That is a large refactoring so
until then, we simply discard them instead of panicking.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2024-11-05 04:17:21 +00:00
Thomas Eizinger
269060669a fix(connlib): limit number of max buffered messages to portal (#7264) 
When we have connectivity issues to the portal, such as in #7254 or
#7200, messages will pile up in this buffer. In case Firezone is left
running for long enough, the connection will fail after a certain number
of retries. Often times though, the user will exit Firezone before that
because nothing is working.

We have to mitigate unbounded buffer growth anyway and clearing the
buffer gives us an opportunity to emit a warning which will send an
alert to Sentry, notifying us that something isn't working for a
particular customer.

Resolves: #6397.
 2024-11-05 03:51:14 +00:00
Thomas Eizinger
b3b9f08343 chore(clients): use custom log format also for log files (#7261) 
The custom, easier-to-read log format also needs to be applied to the
file logger.
 2024-11-04 23:54:53 +00:00
dependabot[bot]
a2828a217b build(deps): Bump thiserror from 1.0.64 to 1.0.68 in /rust (#7260) 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.64 to
1.0.68.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/thiserror/releases">thiserror's
releases</a>.</em></p>
<blockquote>
<h2>1.0.68</h2>
<ul>
<li>Handle incomplete expressions more robustly in format arguments,
such as while code is being typed (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/341">#341</a>,
<a
href="https://redirect.github.com/dtolnay/thiserror/issues/344">#344</a>)</li>
</ul>
<h2>1.0.67</h2>
<ul>
<li>Improve expression syntax support inside format arguments (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/335">#335</a>,
<a
href="https://redirect.github.com/dtolnay/thiserror/issues/337">#337</a>,
<a
href="https://redirect.github.com/dtolnay/thiserror/issues/339">#339</a>,
<a
href="https://redirect.github.com/dtolnay/thiserror/issues/340">#340</a>)</li>
</ul>
<h2>1.0.66</h2>
<ul>
<li>Improve compile error on malformed format attribute (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/327">#327</a>)</li>
</ul>
<h2>1.0.65</h2>
<ul>
<li>Ensure OUT_DIR is left with deterministic contents after build
script execution (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/325">#325</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8d06fb5549"><code>8d06fb5</code></a>
Release 1.0.68</li>
<li><a
href="372fd8a71a"><code>372fd8a</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/344">#344</a>
from dtolnay/binop</li>
<li><a
href="08f89925bf"><code>08f8992</code></a>
Disregard equality binop in fallback parser</li>
<li><a
href="d2a823d2ae"><code>d2a823d</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/343">#343</a>
from dtolnay/unnamed</li>
<li><a
href="b3bf7a6f69"><code>b3bf7a6</code></a>
Add logic to determine whether unnamed fmt arguments are present</li>
<li><a
href="490f9c017b"><code>490f9c0</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/342">#342</a>
from dtolnay/synfull</li>
<li><a
href="7daf1b169d"><code>7daf1b1</code></a>
Defer is_syn_full() call until first expression</li>
<li><a
href="c92ac9940b"><code>c92ac99</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/341">#341</a>
from dtolnay/parsescan</li>
<li><a
href="40a53f7f33"><code>40a53f7</code></a>
Interleave Expr parsing and scanning better</li>
<li><a
href="925f2dde77"><code>925f2dd</code></a>
Release 1.0.67</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/thiserror/compare/1.0.64...1.0.68">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=1.0.64&new-version=1.0.68)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-04 19:06:15 +00:00
dependabot[bot]
0fb121f75d build(deps): Bump tauri-plugin-shell from 2.0.1 to 2.0.2 in /rust (#7168) 
Bumps
[tauri-plugin-shell](https://github.com/tauri-apps/plugins-workspace)
from 2.0.1 to 2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases">tauri-plugin-shell's
releases</a>.</em></p>
<blockquote>
<h2>updater v2.0.2</h2>
<h2>[2.0.2]</h2>
<ul>
<li><a
href="a1a82208ed"><code>a1a82208</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/1873">#1873</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../lucasfernog"><code>@​lucasfernog</code></a>)
Downgrade MSRV to 1.77.2 to support Windows 7.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
Packaging tauri-plugin-updater v2.0.2
(/home/runner/work/plugins-workspace/plugins-workspace/plugins/updater)
    Packaged 28 files, 174.0KiB (87.1KiB compressed)
Uploading tauri-plugin-updater v2.0.2
(/home/runner/work/plugins-workspace/plugins-workspace/plugins/updater)
    Uploaded tauri-plugin-updater v2.0.2 to registry `crates-io`
note: waiting for `tauri-plugin-updater v2.0.2` to be available at
registry `crates-io`.
You may press ctrl-c to skip waiting; the crate should be available
shortly.
   Published tauri-plugin-updater v2.0.2 at registry `crates-io`
</code></pre>
<!-- raw HTML omitted -->
<h2>dialog v2.0.2</h2>
<h2>[2.0.1]</h2>
<ul>
<li><a
href="2302c2db1c"><code>2302c2db</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/1910">#1910</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../Legend-Master"><code>@​Legend-Master</code></a>)
Fix <code>ask</code> and <code>confirm</code> not using system button
texts</li>
<li><a
href="aee14ed426"><code>aee14ed4</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/1892">#1892</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../nashaofu"><code>@​nashaofu</code></a>)
Set <code>save</code> dialog mime type from the <code>filters</code>
extensions on Android.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
Packaging tauri-plugin-dialog v2.0.2
(/home/runner/work/plugins-workspace/plugins-workspace/plugins/dialog)
    Packaged 48 files, 199.7KiB (90.5KiB compressed)
Uploading tauri-plugin-dialog v2.0.2
(/home/runner/work/plugins-workspace/plugins-workspace/plugins/dialog)
    Uploaded tauri-plugin-dialog v2.0.2 to registry `crates-io`
note: waiting for `tauri-plugin-dialog v2.0.2` to be available at
registry `crates-io`.
You may press ctrl-c to skip waiting; the crate should be available
shortly.
   Published tauri-plugin-dialog v2.0.2 at registry `crates-io`
</code></pre>
<!-- raw HTML omitted -->
<h2>fs v2.0.2</h2>
<h2>[2.0.1]</h2>
<ul>
<li><a
href="ae8024565f"><code>ae802456</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/1950">#1950</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../amrbashir"><code>@​amrbashir</code></a>)
Improve performance of the <code>FileHandle.read</code> and
<code>writeTextFile</code> APIs.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3fd283121f"><code>3fd2831</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1909">#1909</a>)</li>
<li><a
href="ae8024565f"><code>ae80245</code></a>
perf(fs): improve <code>FileHandle.read</code> performance (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1950">#1950</a>)</li>
<li><a
href="2302c2db1c"><code>2302c2d</code></a>
fix(dialog): <code>ask</code> and <code>confirm</code> not using system
button texts (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1910">#1910</a>)</li>
<li><a
href="44c50c1275"><code>44c50c1</code></a>
chore(deps): update rust crate tauri to 2.0.4 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1952">#1952</a>)</li>
<li><a
href="415bf2abc3"><code>415bf2a</code></a>
chore(deps): update eslint monorepo to v9.13.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1951">#1951</a>)</li>
<li><a
href="36207a93f3"><code>36207a9</code></a>
chore(deps): update dependency <code>@​tauri-apps/cli</code> to v2.0.3
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1925">#1925</a>)</li>
<li><a
href="854754e10b"><code>854754e</code></a>
chore(deps): update dependency typescript-eslint to v8.10.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1949">#1949</a>)</li>
<li><a
href="1c2f137a8a"><code>1c2f137</code></a>
chore(deps): lock file maintenance (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1929">#1929</a>)</li>
<li><a
href="8c67d44aef"><code>8c67d44</code></a>
refactor(store)!: more reworks (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1860">#1860</a>)</li>
<li><a
href="cfd48b3b2e"><code>cfd48b3</code></a>
feat: allow http calls without origin header (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/1941">#1941</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/os-v2.0.1...fs-v2.0.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri-plugin-shell&package-manager=cargo&previous-version=2.0.1&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-11-04 18:32:44 +00:00
Reactor Scram
7daa1a9ec3 chore(ci): build RPM package (#7190) 
Refs #6145 

This bundles aarch64 and x86_64 RPMs in CI and CD.

We'll need a 2nd PR to add everything to the changelog and knowledge
base, after the first release with RPMs is cut.
 2024-11-01 18:06:09 +00:00
dependabot[bot]
3137b528db build(deps-dev): Bump vite from 5.4.9 to 5.4.10 in /rust/gui-client (#7225) 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 5.4.9 to 5.4.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.10</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v5.4.10/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v5.4.10/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.4.10 (2024-10-23)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/18367">#18367</a>,augment
hash for CSS files to prevent chromium erroring by loading previous fil
(<a
href="7d1a3bcc43">7d1a3bc</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/18367">#18367</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/18412">#18412</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5f52bc8b9e"><code>5f52bc8</code></a>
release: v5.4.10</li>
<li><a
href="7d1a3bcc43"><code>7d1a3bc</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/18367">#18367</a>,augment
hash for CSS files to prevent chromium erroring ...</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v5.4.10/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=5.4.9&new-version=5.4.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-01 16:36:00 +00:00
dependabot[bot]
209cf7ab35 build(deps-dev): Bump @tauri-apps/cli from 2.0.3 to 2.0.4 in /rust/gui-client (#7223) 
Bumps [@tauri-apps/cli](https://github.com/tauri-apps/tauri) from 2.0.3
to 2.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/cli</code> v2.0.4</h2>
<h2>[2.0.4]</h2>
<h3>Enhancements</h3>
<ul>
<li><a
href="e4c9268b19"><code>e4c9268b1</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/11258">#11258</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../regexident"><code>@​regexident</code></a>)
Support custom project directory structure where the Tauri app folder is
not a subfolder of the frontend project.
The frontend and Tauri app project paths can be set with the
<code>TAURI_FRONTEND_PATH</code> and the <code>TAURI_APP_PATH</code>
environment variables respectively.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.0.4</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1367ff5ec6"><code>1367ff5</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11373">#11373</a>)</li>
<li><a
href="fbb45c674c"><code>fbb45c6</code></a>
fix(api): broken <code>addPluginListener</code> implementation, closes
<a
href="https://redirect.github.com/tauri-apps/tauri/issues/8068">#8068</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11423">#11423</a>)</li>
<li><a
href="eb61d44f9f"><code>eb61d44</code></a>
feat(core): fallback to Window and AppHandle resource table on close (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11398">#11398</a>)</li>
<li><a
href="c8f55b615d"><code>c8f55b6</code></a>
feat(bundler): add <code>wix &gt; version</code> option (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11388">#11388</a>)</li>
<li><a
href="bd1b2a1e85"><code>bd1b2a1</code></a>
chore(deps) Update Tauri API Definitions (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/10807">#10807</a>)</li>
<li><a
href="37557ffa35"><code>37557ff</code></a>
chore(deps) Update Tauri CLI (dev) (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/10808">#10808</a>)</li>
<li><a
href="6cd917c227"><code>6cd917c</code></a>
feat(core): add methods for predefined items with specific text on
`Menu/Subm...</li>
<li><a
href="8278a36318"><code>8278a36</code></a>
chore(deps) Update Rust crate uuid to v1.11.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11049">#11049</a>)</li>
<li><a
href="f8b559dacd"><code>f8b559d</code></a>
chore(deps) Update Rust crate windows-registry to 0.3.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11193">#11193</a>)</li>
<li><a
href="add09c8034"><code>add09c8</code></a>
chore(deps) Update Rust crate brotli to v7 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11195">#11195</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.0.3...@tauri-apps/cli-v2.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tauri-apps/cli&package-manager=npm_and_yarn&previous-version=2.0.3&new-version=2.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-01 16:35:18 +00:00
Thomas Eizinger
741553ebd0 chore(windows): log error when creating named pipe fails (#7203) 
I looked into this because of
https://firezone-inc.sentry.io/issues/6033906390. We only have a single
event there, i.e. it seems to have succeeded on the 2nd attempt.
Regardless, it would be useful to learn _why_ it failed. To do that, we
include the original error in the log statement.
 2024-11-01 16:32:53 +00:00
dependabot[bot]
3456800d13 build(deps): Bump @tauri-apps/api from 2.0.2 to 2.0.3 in /rust/gui-client (#7224) 
Bumps [@tauri-apps/api](https://github.com/tauri-apps/tauri) from 2.0.2
to 2.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/api</code> v2.0.3</h2>
<!-- raw HTML omitted -->
<pre><code>No known vulnerabilities found
</code></pre>
<!-- raw HTML omitted -->
<h2>[2.0.3]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="fbb45c674c"><code>fbb45c674</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/11423">#11423</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fixes <code>addPluginListener</code> not working.</li>
</ul>
<h3>What's Changed</h3>
<ul>
<li><a
href="2e88633ba4"><code>2e88633ba</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/11369">#11369</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Remove references to no longer used
<code>__TAURI_INTERNALS__.metadata.windows</code> and
<code>__TAURI_INTERNALS__.metadata.webviews</code>.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>&gt; @tauri-apps/api@2.0.3 npm-publish
/home/runner/work/tauri/tauri/packages/api
&gt; pnpm build &amp;&amp; cd ./dist &amp;&amp; pnpm publish --access
public --loglevel silly --no-git-checks
<p>&gt; <code>@​tauri-apps/api</code><a
href="https://github.com/2"><code>@​2</code></a>.0.3 build
/home/runner/work/tauri/tauri/packages/api
&gt; rollup -c --configPlugin typescript</p>
<p>
./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts,
./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts,
./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts,
./src/window.ts → ./dist, ./dist...
created ./dist, ./dist in 1.2s

src/index.ts →
../../crates/tauri/scripts/bundle.global.js...
created ../../crates/tauri/scripts/bundle.global.js in
1.8s
npm verbose cli /opt/hostedtoolcache/node/20.18.0/x64/bin/node
/opt/hostedtoolcache/node/20.18.0/x64/bin/npm
npm info using npm@10.8.2
npm info using node@v20.18.0
npm silly config
load:file:/opt/hostedtoolcache/node/20.18.0/x64/lib/node_modules/npm/npmrc
npm silly config load:file:/tmp/20a67e77a31c6f838c62e14ca76ea470/.npmrc
npm silly config load:file:/home/runner/work/_temp/.npmrc
npm silly config
load:file:/opt/hostedtoolcache/node/20.18.0/x64/etc/npmrc
npm verbose title npm publish tauri-apps-api-2.0.3.tgz
npm verbose argv &quot;publish&quot; &quot;--ignore-scripts&quot;
&quot;tauri-apps-api-2.0.3.tgz&quot; &quot;--access&quot;
&quot;public&quot; &quot;--loglevel&quot; &quot;silly&quot;
&quot;--no-git-checks&quot;
npm verbose logfile logs-max:10
dir:/home/runner/.npm/_logs/2024-10-20T13_48_18_437Z-
npm verbose logfile
/home/runner/.npm/_logs/2024-10-20T13_48_18_437Z-debug-0.log
npm verbose publish [ 'tauri-apps-api-2.0.3.tgz' ]
npm silly logfile done cleaning log files
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1367ff5ec6"><code>1367ff5</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11373">#11373</a>)</li>
<li><a
href="fbb45c674c"><code>fbb45c6</code></a>
fix(api): broken <code>addPluginListener</code> implementation, closes
<a
href="https://redirect.github.com/tauri-apps/tauri/issues/8068">#8068</a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11423">#11423</a>)</li>
<li><a
href="eb61d44f9f"><code>eb61d44</code></a>
feat(core): fallback to Window and AppHandle resource table on close (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11398">#11398</a>)</li>
<li><a
href="c8f55b615d"><code>c8f55b6</code></a>
feat(bundler): add <code>wix &gt; version</code> option (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11388">#11388</a>)</li>
<li><a
href="bd1b2a1e85"><code>bd1b2a1</code></a>
chore(deps) Update Tauri API Definitions (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/10807">#10807</a>)</li>
<li><a
href="37557ffa35"><code>37557ff</code></a>
chore(deps) Update Tauri CLI (dev) (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/10808">#10808</a>)</li>
<li><a
href="6cd917c227"><code>6cd917c</code></a>
feat(core): add methods for predefined items with specific text on
`Menu/Subm...</li>
<li><a
href="8278a36318"><code>8278a36</code></a>
chore(deps) Update Rust crate uuid to v1.11.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11049">#11049</a>)</li>
<li><a
href="f8b559dacd"><code>f8b559d</code></a>
chore(deps) Update Rust crate windows-registry to 0.3.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11193">#11193</a>)</li>
<li><a
href="add09c8034"><code>add09c8</code></a>
chore(deps) Update Rust crate brotli to v7 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/11195">#11195</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.0.2...@tauri-apps/api-v2.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tauri-apps/api&package-manager=npm_and_yarn&previous-version=2.0.2&new-version=2.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-01 15:55:58 +00:00
Thomas Eizinger
5564e578fe fix(telemetry): flush sentry.io events in dedicated task (#7205) 
`sentry`'s transport layer appears to be using blocking IO for flushing
events. Performing blocking IO within a future that is running on a
worker-thread of tokio causes this operation to hang and eventually
time-out after 5 seconds. As a result, many events - especially traces -
don't get flushed to sentry when an app is being shut down.

To fix this, we make `Telemetry::stop` an `async fn` and offload the
flushing to a task on tokio's thread-pool for blocking IO.
 2024-11-01 15:52:09 +00:00
Thomas Eizinger
c48f3669c1 chore(gateway): log domain as field in dns resolution warning (#7204) 
Logging the `domain` as part of the log message makes Sentry think that
these are distinct errors when in fact it is the same error but for
different domains.

Resolves: #7199.
 2024-11-01 15:50:40 +00:00
dependabot[bot]
d27cceedda build(deps-dev): Bump @types/node from 22.7.5 to 22.8.6 in /rust/gui-client (#7222) 
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 22.7.5 to 22.8.6.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/node&package-manager=npm_and_yarn&previous-version=22.7.5&new-version=22.8.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-01 14:41:30 +00:00
Thomas Eizinger
88404c3148 chore: publish headless-client v1.3.5 (#7191) 
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
 2024-10-31 20:49:24 +00:00
Reactor Scram
a69f35505a chore(docs): fix platform support in README (#7201) 
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-10-31 19:59:29 +00:00
Thomas Eizinger
59412223cb chore: bump Android and Apple apps to next version (#7192) 
We are in the process of releasing these so we need to bump their
version to the next one.
 2024-10-31 14:24:33 +00:00
Thomas Eizinger
8c9c5aeb8c chore: publish GUI client 1.3.10 (#7195) 
We've successfully published release 1.3.10 for the GUI client:
https://github.com/firezone/firezone/releases/tag/gui-client-1.3.10.

This PR bumps the versions for development going forward.
 2024-10-31 14:22:13 +00:00
dependabot[bot]
34882eb689 build(deps): Bump etherparse from 0.15.0 to 0.16.0 in /rust (#7167) 
Bumps [etherparse](https://github.com/JulianSchmid/etherparse) from
0.15.0 to 0.16.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/JulianSchmid/etherparse/releases">etherparse's
releases</a>.</em></p>
<blockquote>
<h2>v0.16.0 Add IP Packet Defragmentation Support</h2>
<h2>What's Changed</h2>
<ul>
<li>typo by <a
href="https://github.com/ugur-a"><code>@​ugur-a</code></a> in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/106">JulianSchmid/etherparse#106</a></li>
<li>Add etherparse-defrag by <a
href="https://github.com/JulianSchmid"><code>@​JulianSchmid</code></a>
in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/92">JulianSchmid/etherparse#92</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ugur-a"><code>@​ugur-a</code></a> made
their first contribution in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/106">JulianSchmid/etherparse#106</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/JulianSchmid/etherparse/compare/v0.15.0...v0.16.0">https://github.com/JulianSchmid/etherparse/compare/v0.15.0...v0.16.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/JulianSchmid/etherparse/blob/master/changelog.md">etherparse's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog:</h1>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93c7f0bb13"><code>93c7f0b</code></a>
Resolved clippy warnings</li>
<li><a
href="447c592aab"><code>447c592</code></a>
Increment proptest crate version</li>
<li><a
href="00c04f7dbe"><code>00c04f7</code></a>
Resolved clippy warning</li>
<li><a
href="b6d98e5100"><code>b6d98e5</code></a>
Extended tests for frag pool</li>
<li><a
href="0a58fa5e64"><code>0a58fa5</code></a>
Corrected fragment reconstruction</li>
<li><a
href="74739e5a4f"><code>74739e5</code></a>
Correct ip defrag pool new return type</li>
<li><a
href="c0741f51f3"><code>c0741f5</code></a>
Applying rust fmt &amp; add return_buf to ip defrag pool</li>
<li><a
href="31c8e84f4b"><code>31c8e84</code></a>
Update proptest and mark some tests as not relevant for miri</li>
<li><a
href="29894ab462"><code>29894ab</code></a>
Further work on defragmentation</li>
<li><a
href="9464a0f363"><code>9464a0f</code></a>
Adapt readme to defrag module</li>
<li>Additional commits viewable in <a
href="https://github.com/JulianSchmid/etherparse/compare/v0.15.0...v0.16.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=etherparse&package-manager=cargo&previous-version=0.15.0&new-version=0.16.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2024-10-31 04:46:57 +00:00
dependabot[bot]
0dd93fcfe6 build(deps): Bump tokio from 1.40.0 to 1.41.0 in /rust (#7169) 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.40.0 to 1.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/tokio/releases">tokio's
releases</a>.</em></p>
<blockquote>
<h2>Tokio v1.41.0</h2>
<h1>1.41.0 (Oct 22th, 2024)</h1>
<h3>Added</h3>
<ul>
<li>metrics: stabilize <code>global_queue_depth</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6854">#6854</a>,
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6918">#6918</a>)</li>
<li>net: add conversions for unix <code>SocketAddr</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6868">#6868</a>)</li>
<li>sync: add <code>watch::Sender::sender_count</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6836">#6836</a>)</li>
<li>sync: add <code>mpsc::Receiver::blocking_recv_many</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6867">#6867</a>)</li>
<li>task: stabilize <code>Id</code> apis (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6793">#6793</a>,
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6891">#6891</a>)</li>
</ul>
<h3>Added (unstable)</h3>
<ul>
<li>metrics: add H2 Histogram option to improve histogram granularity
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6897">#6897</a>)</li>
<li>metrics: rename some histogram apis (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6924">#6924</a>)</li>
<li>runtime: add <code>LocalRuntime</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6808">#6808</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>runtime: box futures larger than 16k on release mode (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6826">#6826</a>)</li>
<li>sync: add <code>#[must_use]</code> to <code>Notified</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6828">#6828</a>)</li>
<li>sync: make <code>watch</code> cooperative (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6846">#6846</a>)</li>
<li>sync: make <code>broadcast::Receiver</code> cooperative (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6870">#6870</a>)</li>
<li>task: add task size to tracing instrumentation (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6881">#6881</a>)</li>
<li>wasm: enable <code>cfg_fs</code> for <code>wasi</code> target (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6822">#6822</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>net: fix regression of abstract socket path in unix socket (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6838">#6838</a>)</li>
</ul>
<h3>Documented</h3>
<ul>
<li>io: recommend <code>OwnedFd</code> with <code>AsyncFd</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6821">#6821</a>)</li>
<li>io: document cancel safety of <code>AsyncFd</code> methods (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6890">#6890</a>)</li>
<li>macros: render more comprehensible documentation for
<code>join</code> and <code>try_join</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6814">#6814</a>,
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6841">#6841</a>)</li>
<li>net: fix swapped examples for <code>TcpSocket::set_nodelay</code>
and <code>TcpSocket::nodelay</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6840">#6840</a>)</li>
<li>sync: document runtime compatibility (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6833">#6833</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/6793">#6793</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6793">tokio-rs/tokio#6793</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6808">#6808</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6808">tokio-rs/tokio#6808</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6810">#6810</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6810">tokio-rs/tokio#6810</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6814">#6814</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6814">tokio-rs/tokio#6814</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6821">#6821</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6821">tokio-rs/tokio#6821</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6822">#6822</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6822">tokio-rs/tokio#6822</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6826">#6826</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6826">tokio-rs/tokio#6826</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6828">#6828</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6828">tokio-rs/tokio#6828</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6833">#6833</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6833">tokio-rs/tokio#6833</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6836">#6836</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6836">tokio-rs/tokio#6836</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6838">#6838</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6838">tokio-rs/tokio#6838</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6840">#6840</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/6840">tokio-rs/tokio#6840</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="01e04daaa1"><code>01e04da</code></a>
chore: prepare Tokio v1.41.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6917">#6917</a>)</li>
<li><a
href="92ccadeb3c"><code>92ccade</code></a>
runtime: fix stability feature flags for docs (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6909">#6909</a>)</li>
<li><a
href="fbfeb9a68a"><code>fbfeb9a</code></a>
metrics: rename <code>*_poll_count_*</code> to
<code>*_poll_time_*</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6924">#6924</a>)</li>
<li><a
href="da745ff335"><code>da745ff</code></a>
metrics: add H2 Histogram option to improve histogram granularity (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6897">#6897</a>)</li>
<li><a
href="ce1c74f1cc"><code>ce1c74f</code></a>
metrics: fix deadlock in injection_queue_depth_multi_thread test (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6916">#6916</a>)</li>
<li><a
href="28c9a14a2e"><code>28c9a14</code></a>
metrics: rename <code>injection_queue_depth</code> to
<code>global_queue_depth</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6918">#6918</a>)</li>
<li><a
href="32e0b4325f"><code>32e0b43</code></a>
ci: freeze FreeBSD and wasm-unknown-unknown on rustc 1.81 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6911">#6911</a>)</li>
<li><a
href="1656d8e231"><code>1656d8e</code></a>
sync: add <code>mpsc::Receiver::blocking_recv_many</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6867">#6867</a>)</li>
<li><a
href="c9e998e4b3"><code>c9e998e</code></a>
ci: print the correct sort order of the dictionary on failure (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6905">#6905</a>)</li>
<li><a
href="512e9decfb"><code>512e9de</code></a>
rt: add LocalRuntime (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6808">#6808</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tokio-rs/tokio/compare/tokio-1.40.0...tokio-1.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.40.0&new-version=1.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2024-10-31 04:45:09 +00:00
Reactor Scram
51250faa0d chore(telemetry): make the firezone device ID a context not a tag (#7179) 
Closes #7175 

Also fixes a bug with the initialization order of Tokio and Sentry.

Previously:
1. Start Tokio, executor threads inherit main thread context
2. Load device ID and set it on the main telemetry hub

Now:
1. Load device ID and set it on the main telemetry hub
2. Start Tokio, executor threads inherit main thread context

The context and possibly tags didn't seem to propagate from the main hub
if we set them after the worker threads spawned.

Based on this understanding, the IPC service process is still wrong, but
a fix will have to wait, because telemetry in the IPC service is more
complicated than in the GUI process.

<img width="818" alt="image"
src="https://github.com/user-attachments/assets/9c9efec8-fc55-4863-99eb-5fe9ba5b36fa">
 2024-10-30 21:27:17 +00:00
Jamil
e9b2e4735a ci: Publish Gateway 1.4.0 (#7187) 
Publish the 1.4.0 release so it's available at `/api/releases` and will
send upgrade Gateway notifications.
 2024-10-30 20:44:33 +00:00
Thomas Eizinger
7213eb823d fix(rust): fallback to CARGO_PKG_VERSION if git is unavailable (#7188) 
When building inside a docker container, like we do for the
headless-client and gateway, the `.git` directory is not available.
Thus, determining what our current version is fails and gets reported as
"unknown". We are now also using this for Sentry which is not very
helpful if all errors are categorised under the same version.

In case somebody builds a gateway / client from source, we will have the
full version available. Most users will use our docker containers
though, meaning the version will only always be for a full release.

Resolves: #7184.
 2024-10-30 17:42:44 +00:00
Thomas Eizinger
b7bef6d062 chore(rust): use new try_send APIs in quinn-udp (#7185) 
With the recent lobbying effort in `quinn-udp`, we were able to get
`try_send` APIs for the UDP socket that doesn't silence any errors while
sending datagrams. Originally, the reasoning in `quinn-udp` was that
because UDP is an unreliable protocol anyway, errors don't need to be
surfaced because there must be upper-level mechanisms for retrying
messages. Whilst that is true, getting immediate feedback that something
isn't working can also be very beneficial. For example, if you don't
have proper IPv6 connectivity on a socket, the syscall will immediately
fail with `DestinationUnreachable`.

Within Firezone, we use these UDP sockets to send all kinds of messages,
including DNS queries to upstream servers. In case that doesn't work,
failing instantly allows us to send a SERVFAIL error back to the OS
right away instead of having to wait for a timeout.

Additionally, `quinn-udp` logs these send errors on WARN which cause
unnecessary noise in Sentry.

Resolves: #6353.
 2024-10-30 16:17:52 +00:00
Reactor Scram
14c9e2b2d5 chore(ci): use Vite bundler correctly in GUI smoke test (#7181) 
Closes #7171 

If the assets aren't bundled, Tauri will warn about it in `tracing`,
that will get sent to Sentry, and then it will be interpreted as an
error.

Timeline to prove that this fixes the false positive error in Sentry,
all times UTC on October 29th:

- 21:01:26 - Most recent events in Sentry as of 21:20:19
- 21:11:09 - Restarted CI while CD is quiet
- 21:14:01 - First smoke test begins
- 21:19:39 - Last smoke test ends
 2024-10-30 14:44:19 +00:00
Thomas Eizinger
e0d82eef27 fix(connlib): correctly categorise CI environment in Sentry (#7173) 2024-10-30 14:11:06 +00:00
Thomas Eizinger
de2afb23be chore: exclude noisy crates from Sentry breadcrumbs (#7189) 2024-10-30 14:09:43 +00:00
Gabi
dc97b9040d fix(connlib): large upstream dns message (#7183) 
If edns0 doesn't work correctly DNS servers might respond with messages
bigger than our maximum udp size.

In that case we need to truncate those messages when forwarding the
respond back to the interface and expect the OS to retry with TCP.

Otherwise we aren't able to allocate a packet big enough for this.

Fixes #7121

---------

Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2024-10-30 04:02:14 +00:00
Thomas Eizinger
7037830b19 chore(connlib): submit DEBUG events as breadcrumbs (#7177) 
This should give us much more context for a particular error without
having to bother a customer with sending us the logs / digging for them
ourselves in our staging or production environment.

Resolves: #7176.
 2024-10-29 23:39:07 +00:00
Thomas Eizinger
a2c9d148ac chore(gateway): bump version to 1.4.0 (#7090) 
In order to release #6941, we need to bump the gateway's version to
1.4.0. The portal has a version gate that only allows connection clients
which have version >= 1.4.0. Thus, in order to test #6941 on staging,
the version must not yet be bumped and is thus split out into this PR.
 2024-10-29 23:20:46 +00:00
Thomas Eizinger
62c29705cf chore(connlib): sort DSNs alphabetically (#7178) 2024-10-29 20:37:15 +00:00
Thomas Eizinger
1d9802f2e4 fix(connlib): don't add host candidates multiple times (#7172) 
We introduced a boolean bug in #7163 that causes us to attempt to add
host candidates much more often than necessary. This spams the logs on
DEBUG level but was otherwise not harmful.
 2024-10-29 15:13:40 +00:00
Thomas Eizinger
f7a388345b fix(connlib): reconnect in case we lose all relays (#7164) 
During normal operation, we should never lose connectivity to the set of
assigned relays in a client or gateway. In the presence of odd network
conditions and partitions however, it is possible that we disconnect
from a relay that is in fact only temporarily unavailable. Without an
explicit mechanism to retrieve new relays, this means that both clients
and gateways can end up with no relays at all. For clients, this can be
fixed by either roaming or signing out and in again. For gateways, this
can only be fixed by a restart!

Without connected relays, no connections can be established. With #7163,
we will at least be able to still establish direct connections. Yet,
that isn't good enough and we need a mechanism for restoring full
connectivity in such a case.

We creating a new connection, we already sample one of our relays and
assign it to this particular connection. This ensures that we don't
create an excessive amount of candidates for each individual connection.
Currently, this selection is allowed to be silently fallible. With this
PR, we make this a hard-error and bubble up the error that all the way
to the client's and gateway's event-loop. There, we initiate a reconnect
to the portal as a compensating action. Reconnecting to the portal means
we will receive another `init` message that allows us to reconnect the
relays.

Due to the nature of this implementation, this fix may only apply with a
certain delay from when we actually lost connectivity to the last relay.
However, this design has the advantage that we don't have to introduce
an additional state within `snownet`: Connections now simply fail to
establish and the next one soon after _should_ succeed again because we
will have received a new `init` message.

Resolves: #7162.
 2024-10-29 01:01:47 +00:00
Thomas Eizinger
046b9e0cd4 refactor(connlib): track srvflx candidates separately (#7163) 
As part of maintaining an allocation, we also perform STUN with our
relays to discover our server-reflexive address. At the moment, these
candidates are scoped to an `Allocation`. This is unnecessarily
restrictive. Similar to host candidates, server-reflexive candidate
entirely depend on the socket you send data from and are thus
independent of the allocation's state.

During normal operation, this doesn't really matter because all relay
traffic is sent through the same sockets so all `Allocation`s end up
with the same server-reflexive candidates. Where this does matter is
when we disconnect from relay's for one reason or another (for example:
#7162). The fact that all but host-candidates are scoped to
`Allocation`s means that without `Allocation`s, we cannot make any new
connections, not even direct ones. This is unnecessarily restrictive and
causes bugs within `Allocation` to have a bigger blast radius than
necessary.

With this PR, we keep server-reflexive candidates in the same set as
host candidates. This allows us to at least establish direct connections
in case something is wrong with the relays or our state tracking of
relays on the client side.
 2024-10-28 16:57:41 +00:00
Thomas Eizinger
1f7a0430b7 chore(rust): record tracing WARNs as Sentry exceptions (#7166) 
It appears that I have misunderstood the documentation of
`sentry-tracing`. When a message gets logged as an event (rather than an
"exception") `std::error::Error`s attached as tracing `Value`s do not
get recorded. It doesn't really matter whether we record our events as
exceptions or messages. We should ideally look at all of them and
particularly noisy ones can be muted forever in Sentry so we don't end
up in a "boy who cried wolf" situation. Therefore, this PR changes our
event filter to also submit WARNs as exceptions to make sure they get
logged accordingly.

Resolves: #7161.
Related: https://github.com/getsentry/sentry-rust/issues/702.
 2024-10-28 14:07:42 +00:00
Thomas Eizinger
c48c33d935 chore(gateway): lower "Tunnel error" to debug (#7165) 
This is spamming Sentry and we have almost reached our rate limit for
the amounts of events ingested.
 2024-10-28 14:04:49 +00:00
Thomas Eizinger
8e107b0d65 chore: don't wake Node on idle connections (#7149) 
In order to make Firezone more mobile-friendly, waking up the CPU less
often is key. In #6845, we introduced a low-power mode into `snownet`
that sends STUN messages on a longer interval if the connection is idle.
Whilst poking around `boringtun` as part integrating our fork into the
main codebase, I noticed that we are updating `boringtun`'s timers every
second - even on idle connections.

This PR applies the same idea of #6845 to the timers within `Node`: Idle
connections get "woken" less and if all connections are idle, we avoid
waking the `Node` altogether (unless we need to refresh allocations /
channels).

Calling `handle_timeout` less often revealed an issue in the tests where
we didn't fully process the state changes after invalidating a candidate
from the remote. To fix this, we now call `handle_timeout` directly
after `{add,remove}_remote_candidate`. This isn't super clean because at
first glance, it looks like `handle_timeout` should just be part of the
add/remove candidate function. It is quite common for sans-IO designs to
require calling `handle_timeout` after state has been changed. In
`{Client,Server}Node`, we do it implicitely so that we don't have to do
it in the tests and the event-loop.

It would be great to test this in some automated fashion but I haven't
figured out how yet. I did temporarily add an `info!` log to the
event-loop of the client and with this patch applied, the entire
event-loop goes to sleep on idle connections. It still does get woken
every now and then but no longer every second!
 2024-10-25 00:21:06 +00:00
Thomas Eizinger
82fcad0a3b refactor(rust): only send telemetry spans to Sentry (#7153) 
With the introduction of the `tracing-sentry` integration in #7105, we
started sending tracing spans to Sentry. By default, all spans with
level INFO and above get sampled at the configured rate and sent to
Sentry.

This results in a lot of useless transaction in Sentry because we use
INFO level spans in multiple places in connlib to attach contextual
information like the current connection ID.

This PR introduces the concept of `telemetry` spans which - similar to
the `telemetry` log target in #7147 - qualifies a span for being sent to
Sentry. By convention, these are also defined as requiring the TRACE
level. This ensures we won't ever see them as part of regular log
output.
 2024-10-24 20:25:26 +00:00
Thomas Eizinger
5cf105f073 chore(android): start telemetry together with connlib session (#7151) 
As a first step for integration Sentry into the Android app, we launch
the Sentry Rust agent as soon as a `connlib` session starts up. At a
later point, we can also integrate Sentry into the Android app itself
using the Java / Kotlin SDK.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
 2024-10-24 20:03:06 +00:00
Thomas Eizinger
c12a02e348 chore(apple): start telemetry together with connlib session (#7152) 
This starts up telemetry together with each `connlib` session. At a
later point, we can also integrate the native Swift SDK into the MacOS /
iOS app to catch non-connlib specific problems.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
 2024-10-24 19:59:52 +00:00
Reactor Scram
4fe4001760 chore(rust/gui-client): migrate to Tauri v2 (#6996) 
Closes #4883 

Refs #7005 

Adds support for Ubuntu 24.04, drops support for Ubuntu 20.04

Known issues:
- On Ubuntu 22.04, sometimes GNOME shows the wrong tray icon
- On Ubuntu 24.04, the first time you open the tray menu, GNOME takes a
long time to open the menu.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
 2024-10-24 16:31:28 +00:00
Thomas Eizinger
5f91259d31 chore(rust): capture backtraces for panics (#7133) 
Sentry by default has an integration to capture stacktraces for panics,
we just need to enable it. Here is what this looks like:
https://firezone-inc.sentry.io/issues/6013299023

Resolves: #7132.
 2024-10-24 14:18:40 +00:00
Thomas Eizinger
45a36ea190 chore: categorise docker-compose env in Sentry (#7128) 
Resolves: #7125.
 2024-10-24 14:08:31 +00:00
Thomas Eizinger
12ca4f1cc7 chore(connlib): introduce telemetry log target (#7147) 
With #7105, all ERROR events from `tracing` get logged as exceptions in
Sentry and all WARN events get logged as "messages". We don't want to
fill up the user's harddrive with logs which means we have to be
somewhat conservative, what gets logged on INFO and above (with INFO
being the default log level). There are certain events though where it
would be useful to know, how often they happen because too many of them
can indicate a problem.

To solve this problem, we introduce a dedicated `telemetry` log target
that the tracing-sentry integration layer watches for. Events for the
`telemetry` log target that gets logged on TRACE will be sampled at a
rate of 1% and submitted as messages to Sentry.
 2024-10-24 01:24:45 +00:00
Thomas Eizinger
58a770a857 chore(connlib): bump severity of several logs (#7140) 
Now that we have Sentry integrated with `tracing`, using `warn!` logs a
bit more liberally allows us to detect edge-cases that customers might
run into.

All the logs touched in this PR represent some kind of problem that it
would be good to know about.
 2024-10-24 01:01:30 +00:00
Thomas Eizinger
80c5b0df71 refactor(connlib): replace LogUnwrap with macros (#7138) 
Using a trait means the call-site of the log message will always be the
`log_unwrap` module, despite the `#[track_caller]` annotation. That one
only works for `std::panic::Location` unfortunately which `tracing`
isn't using.

Macros will be evaluated earlier and thus the messages will show up with
the correct module name.
 2024-10-23 23:44:23 +00:00
Thomas Eizinger
8b62f63065 chore(connlib): respond with empty records to HTTPS query (#7141) 
Applications may query domains for HTTPS RR using the HTTPS record type.
`connlib` operates on OSI layer 3 and thus can only hand out IPs for the
particular domains. The correct way to signal this to applications is to
answer the HTTPS query with NOERROR and return an empty set of records.


[RFC9460](https://www.rfc-editor.org/rfc/rfc9460.html#name-client-behavior)
says the following:

> 4. If one or more "compatible" ([Section
8](https://www.rfc-editor.org/rfc/rfc9460.html#mandatory)) ServiceMode
records are returned, these represent the alternative endpoints. Sort
the records by ascending SvcPriority.
> 5. Otherwise, SVCB resolution has failed, and the list of available
endpoints is empty.

This implies that returning no records is valid behaviour and forces the
client to consider the HTTPS DNS query as failed and query for A / AAAA
records instead (if it didn't do so via happy-eyeballs already).
 2024-10-23 23:28:20 +00:00
Thomas Eizinger
2ca91a3b1a chore(connlib): remove old mock feature (#7142) 
This is so stale, it definitely needs to go in the bin.
 2024-10-23 16:30:15 +00:00
Thomas Eizinger
6eecfc0cfb fix: replace panics with Result for IP packets (#7135) 
My theory for this issue is that we receive a UDP DNS response from an
upstream server that is bigger than our MTU and thus forwarding it
fails.

This PR doesn't fix that issue by itself but only mitigates the actual
panic. To properly fix the underlying issue, we need to parse the DNS
message. Truncate it and set the TC bit.

Related: #7121.
 2024-10-23 16:25:12 +00:00
Thomas Eizinger
ee30368970 refactor(connlib): simplify error handling on crash (#7134) 
The `fmt::Display` implementation of `tokio::task::JoinError` already
does exactly what we do here: Extracting the panic message if there is
one. Thus, we can simplify this code why just moving the `JoinError`
into the `DisconnectError` as its source.
 2024-10-23 16:13:39 +00:00
Thomas Eizinger
582e919929 test(connlib): don't generate IPs in sentinel range (#7139) 
Fixes: #7137.
 2024-10-23 06:42:40 +00:00