github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,017 Commits 1 Branch 0 Tags
2f43bb9110796da2dfcd0f5913ff53c8d3922e11
Commit Graph

2223 Commits

Author SHA1 Message Date
Thomas Eizinger
f51fd53708 chore(eBPF): use RangeInclusive::contains again (#8812) 
Now that we have figured out what the problem was with the eBPF kernel
not routing certain packets, we can undo the manual implementation of
the allocation range checking again and use the more concise
`RangeInclusive::contains`.

Related: #8809
Related: #8807
 2025-04-18 15:49:23 +00:00
Thomas Eizinger
492e54efaa build(rust): bump network-types to v0.0.8 (#8811) 
This new release includes several patches we have made upstream that
allow us to remove some of the vendored types from the crate. All fields
that we access from `network-types` are now stored as byte-arrays and
thus retain the big-endian byte ordering from the network.

Resolves: #8686
Related: https://github.com/vadorovsky/network-types/pull/34
Related: https://github.com/vadorovsky/network-types/pull/36
Related: https://github.com/vadorovsky/network-types/pull/38
 2025-04-18 15:21:14 +00:00
Thomas Eizinger
c52d88f421 fix(relay): stateless encoding/decoding (#8810) 
The STUN message encoder & decoder from `stun_codec` are stateful
operations. However, they only operate on one datagram at the time. If
encoding or decoding fails, their internal state is corrupted and must
be discarded. At present, this doesn't happen which leads to further
failures down the line because new datagrams coming in cannot be
correctly decoded.

To fix this, we scope the stateful nature of these encoders and decoders
to their respective functions.

Resolves: #8808
 2025-04-18 15:12:46 +00:00
Thomas Eizinger
96e739439b fix(relay): remove Config caching (#8809) 
In #8650, we originally added a feature-flag for toggling the eBPF TURN
router on and off at runtime. This later got removed again in #8681.
What remained was a "caching system" of the config that the eBPF kernel
and user space share with each other.
This config was initialised to the default configuration. If the
to-be-set config was the same as the current config, the config would
not actually apply to the array that was shared with the eBPF kernel.

At the time, we assumed that, if the config was not set in the kernel,
the lookup in the array would yield `None` and we would fall back to the
`Default` implementation of `Config`. This assumption was wrong. It
appears that look-ups in the array always yield an element: all zeros.
Initialising our config with all zeros yields the following:


![image](https://github.com/user-attachments/assets/6556f32d-8cff-4fba-aa29-f9ac7349ace6)

Of course, if this range is not initialised correctly, we can never
actually route packets arriving on allocation ports and with UDP
checksumming turned off, all packets routed the other way will have an
invalid checksum and therefore be dropped by the receiving host.

Our integration test did not catch this because in there, we purposely
disable UDP checksumming. That meant that the "caching" check in the
`ebpf::Program` did not trigger and we actually did set a `Config` in
the array, therefore initialising the allocation port range correctly
and allowing the packet to be routed.

To fix this, we remove this caching check again which means every
`Config` we set on the eBPF program actually gets copied to the shared
array. Originally, this caching check was introduced to avoid a syscall
on every event-loop iteration as part of checking the feature-flag. Now
that the feature-flag has been removed, we don't need to have this cache
anymore.
 2025-04-18 13:50:42 +00:00
Thomas Eizinger
4ade88b1b1 fix(eBPF): implement "is port in allocation range" ourselves (#8807) 
I am suspecting that something is wrong with the check that a port is
indeed within that range. Thus, we now implemented this ourselves with
two simple conditions.
 2025-04-18 06:43:33 +00:00
Thomas Eizinger
c5c195f282 chore(eBPF): change error log-levels (#8805) 
Neither of the moved error cases should happen very often so it is fine
to log them on debug.

- `Error::NotTurn` only happens if we receive a UDP packet that isn't
STUN traffic (port 3478) or not in the allocation-port range. I am
suspecting there to be a bug that I am aiming to fix in #8804.
- `Error::NotAChannelDataMessage` will happen for all STUN control
traffic, like channel bindings, allocation requests, etc. Those only
happen occasionally so won't spam too much.
- `Ipv4PacketWithOptions` should basically not happen at all because -
as far as I know - IPv4 options aren't used a lot.

In any case, when debugging, it is useful to see when we do hit these
cases to know, why a packet was offloaded to user space.
 2025-04-18 04:55:43 +00:00
Thomas Eizinger
0079f76ebd fix(eBPF): store allocation port-range in big-endian (#8804) 
Any communication between user-space and the eBPF kernel happens via
maps. The keys and values in these maps are serialised to bytes, meaning
the endianness of how these values are encoded matters!

When debugging why the eBPF kernels were not performing as much as we
thought they would, I noticed that only very small packets were getting
relayed. In particular, only packets encoded as channel-data packets
were getting unwrapped correctly. The reverse didn't happen at all.
Turning the log-level up to TRACE did reveal that we do in fact see
these packets but they don't get handled.

Here is the relevant section that handles these packets:


74ccf8e0b2/rust/relay/ebpf-turn-router/src/main.rs (L127-L151)

We can see the `trace!` log in the logs and we know that it should be
handled by the first `if`. But for some reason it doesn't.

x86 systems like the machines running in GCP are typically
little-endian. Network-byte ordering is big-endian. My current theory is
that we are comparing the port range with the wrong endianness and
therefore, this branch never gets hit, causing the relaying to be
offloaded to user space.

By storing the fields within `Config` in byte-arrays, we can take
explicit control over which endianness is used to store these fields.
 2025-04-18 04:51:40 +00:00
Jamil
a2e32a4918 ci: Bump apple to 1.4.10 to ship PKG (#8797) 
This publishes the 1.4.10 permalinks for the PKG download.
 2025-04-17 15:13:44 +00:00
Thomas Eizinger
38dedb8275 feat(relay): allow controlling log-level at runtime (#8800) 
When debugging issues with the relays on GCP, it is useful to be able to
change the log-level at runtime without having to redeploy them. We can
achieve this by running an additional HTTP server as part of the relay
that response to HTTP POST requests that contain new logging directives.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
 2025-04-17 13:22:12 +00:00
Thomas Eizinger
4a39d5eafb chore(connlib): log malformed IP packets (#8799) 
When determining, how to NAT a certain packet, we need to identify
whether it is a UDP, TCP or ICMP packet and extract the relevant port or
identifier from it. When parsing these packets, we may run into a
situation where the IP number says that the packet is TCP but it is
actually malformed and we cannot parse the port from it.

In such situations, we end up constructing a `UnsupportedProtocol` error
that then confusingly states the we don't support the TCP protocol (or
UDP / ICMP if those are malformed).

The parsing error here is currently silently discarded as part of the
`.ok()` combinator when constructing the relevant slice. To make these
logs easier to understand, we now add an `inspect_err` call prior to
this the prints, why the packet could not be parsed.

Long-term, I am planning to refactor our IP packet model to eagerly
parse the layer 3 + 4 headers. This will also be necessary to implement
segmentation offloading on the TUN device. Doing so will improve
situations like because we will either pass through the malformed packet
(if at least the header is intact) or drop it much earlier already. In
either case, accessing things like port numbers will be infallible as
part of the processing code.
 2025-04-17 04:27:21 +00:00
Jamil
aab691a67f ci: Release Apple clients 1.4.9 (#8793) 
These contain the recent UDP thread enhancements.
 2025-04-15 20:14:43 +00:00
Jamil
743f5fdfeb ci: bump clients/gateway to ship write improvements (#8792) 
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2025-04-15 06:21:23 +00:00
Thomas Eizinger
901207b274 chore(rust): remove stale error context (#8787) 
Minor oversight from #8783. We accidentally retained this `.context`
even though there are now multiple error paths from the `Eventloop`, not
just portal connection errors.
 2025-04-14 20:35:11 -07:00
Thomas Eizinger
5ca61a3e3d fix(connlib): disable apple-fast-datapath on quinn-udp (#8784) 
There appears to be a regression on the most recent MacOS release (15.4)
where we can no longer set `src_ip` on outgoing datagrams for IPv6
sockets. In order to unblock the upcoming release, disable the
`fast-apple-datapath` feature until we know how to fix it.

Related: https://github.com/quinn-rs/quinn/issues/2206
Resolves: #8779
 2025-04-15 03:14:04 +00:00
Thomas Eizinger
7f5a81cc5a chore(rust-ffi): log non-authentication errors on error (#8785) 
In the FFI layer, it is tricky to decide what we should do with errors.
On the one hand, logging and returning errors is an anti-pattern because
it may lead to duplicate logs. In this particular case however, it is
useful to log the error on the Rust side because it allows our Sentry
integration to capture and include the DEBUG logs prior to this one
which may add crucial context.
 2025-04-15 02:28:09 +00:00
Thomas Eizinger
7c2163ddf4 fix(connlib): fail event-loops if UDP threads stop (#8783) 
The UDP socket threads added in #7590 are designed to never exit. UDP
sockets are stateless and therefore any error condition on them should
be isolated to sending / receiving a particular datagram. It is however
possible that code panics which will shut down the threads
irrecoverably. In this unlikely event, `connlib`'s event-loop would keep
spinning and spam the log with "UDP socket stopped". There is no good
way on how we can recover from such a situation automatically, so we
just quit `connlib` in that case and shut everything down.

To model this new error path, we refactor the `DisconnectError` to be
internally backed by `anyhow`.
 2025-04-15 02:27:37 +00:00
Thomas Eizinger
d693904063 chore(connlib): include total length of GSO batch in error msg (#8776) 
At present, we assume that we can send datagrams with the full 65535
bytes as the payload. If that were ever to fail, we are going to receive
a Sentry alert about it. For that one to be meaningful, include the
total length of the batch in the error message.
 2025-04-14 12:50:19 +00:00
Thomas Eizinger
b3746b330f refactor(connlib): spawn dedicated threads for UDP sockets (#7590) 
Correctly implementing asynchronous IO is notoriously hard. In order to
not drop packets in the process, one has to ensure a given socket is
ready to accept packets, buffer them if it is not case, suspend
everything else until the socket is ready and then continue.

Until now, we did this because it was the only option to run the UDP
sockets on the same thread as the actual packet processing. That in turn
was motivated by wanting to pass around references of the received
packets for processing. Rust's borrow-checker does not allow to pass
references between threads which forced us to have the sockets on the
same thread as the packet processing.

Like we already did in other places in `connlib`, this can be solved
through the use of buffer pools. Using a buffer pool, we can use heap
allocations to store the received packets without having to make a new
allocation every time we read new packets. Instead, we can have a
dedicated thread that is connected to `connlib`'s packet processing
thread via two channels (one for inbound and one for outbound packets).
These channels are bounded, which ensures backpressure is maintained in
case one of the two threads lags behind. These bounds also mean that we
have at most N buffers from the buffer pool in-flight (where N is the
capacity of the channel).

Within those dedicated threads, we can then use `async/await` notation
to suspend the entire task when a socket isn't ready for sending.

Resolves: #8000
 2025-04-14 06:18:06 +00:00
Thomas Eizinger
be897ed6c5 chore(gateway): require 4 cores to spawn more TUN threads (#8775) 
By default, we spawn 1 TUN send and 1 TUN receive thread on the Gateway.
In addition to that, we also have the main processing thread that
encrypts and decrypts packets. With #7590, we will be separating out the
UDP send and receive operations into yet another thread. As a result, we
will have at a minimum 4 threads running that perform IO or important
work.

Thus, in order to benefit from TUN multi-queue, we need more than 4
cores to be able to efficiently parallelise work.

Related: #8769
 2025-04-14 01:18:40 +00:00
Thomas Eizinger
859aa3cee0 feat(connlib): add context to event-loop errors (#8773) 
This should make it easier to diagnose any error returned from the
event-loop.
 2025-04-14 00:07:27 +00:00
Thomas Eizinger
19d954c76c fix(connlib): prioritise GSO batches with smaller segments (#8772) 
In order to implement GSO in `connlib`, we opted for an approach where
packets of the same length are being appended to a buffer. Each of these
buffers is the sent to the kernel in a single syscall, which drastically
decreases the per-packet overhead of syscalls and therefore improves
performance.

Within `connlib` itself, we prioritise control-protocol associated
packets over tunnel traffic. The idea here is that even under high-load,
we want to ensure that STUN probes between the peers and to the relays
are sent in a timely manner. Failing to send these probes results in a
false-positive detection of a lost connection because the `connlib`'s
internal state uses timeouts to detect such situations.

Despite processing the packets itself in a timely manner, it is still
possible that they get delayed depending on which order the get flushed
to the socket. This order is currently non-deterministic because
`GsoQueue` uses a `HashMap` internally and when accessing the
batched-together datagrams, we just access it via `iter_mut`.

To fix this, we use a `BTreeMap` instead and explicitly define the `Key`
to start with the `segment_size` field. As a result, entries within the
`BTreeMap` will be sorted ascending by `segment_size` (i.e. the size of
individual packets within the batch). Packets of smaller size are more
likely to be control messages like STUN binding requests or TURN
messages to the relays for managing allocations.

By sorting the map explicitly, we ensure that if the UDP socket is ready
to send, we flush out these messages first before moving on to bigger
packets such as the ones containing (more likely) WireGuard data
messages.
 2025-04-14 00:04:39 +00:00
Thomas Eizinger
d560eb00fd chore(rust): remove resolved duplicated dependency exclusion (#8766) 
We no longer have multiple versions of `tauri-winrt-notification` in our
dependency tree and can therefore remove this exclusion rule.

To ensure that we don't forget to update these in the future, we now
deny the `unnecessary-skip` lint that warns us when we have one of those
entries.
 2025-04-13 02:54:33 +00:00
Thomas Eizinger
574bd75ae5 build(rust): depend on quinn-udp's main branch (#8763) 
The latest `main` of `quinn-udp` includes important patches that will
surface errors around dropped packets.
 2025-04-13 01:57:47 +00:00
Thomas Eizinger
e0f94824df fix(gateway): default to 1 TUN thread on single-core systems (#8765) 
On single-core systems, spawning more than one TUN thread results in
contention that hurts performance more than it helps.

Resolves: #8760
 2025-04-13 01:54:04 +00:00
Thomas Eizinger
439da65180 chore(connlib): log all tunnel errors on WARN (#8764) 
Currently, errors encountered as part of operating the tunnel are
non-fatal and only logged on `TRACE` in order to not flood the logs.
Recent improvements around how the event loop operates made it such that
we actually emit a lot less errors and ideally there should be 0.
Therefore we can now employ a much more strict policy and log all errors
here on `WARN` in order to get Sentry alerts.
 2025-04-13 01:35:37 +00:00
Thomas Eizinger
132487c29e fix(connlib): correctly compute the GSO batch size (#8754) 
We are currently naively chunking our buffer into `segment_size *
max_gso_segments()`. `max_gso_segments` is by default 64. Assuming we
processed several IP packets, this would quickly balloon to a size that
the kernel cannot handle. For example, during an `iperf3` run, we
receive _a lot_ of packets at maximum MTU size (1280). With the overhead
that we are adding to the packet, this results in a UDP payload size of
1320.

```
1320 x 64 = 84480
```

That is way too large for the kernel to handle and it will fail the
`sendmsg` call with `EMSGSIZE`. Unfortunately, this error wasn't
surfaced because `quinn_udp` handles it internally because it can also
happen as a result of MTU probes.

We've already patched `quinn_udp` in the past to move the handling of
more quinn-specific errors to the infallible `send` function. The same
is being done for this error in
https://github.com/quinn-rs/quinn/pull/2199.

Resolves: #8699
 2025-04-12 13:10:43 +00:00
Thomas Eizinger
289bd35e4c feat(connlib): add packet counter metrics (#8752) 
This PR adds opentelemetry-based packet counter metrics to `connlib`. By
default, the collection of these metrics of disabled. Without a
registered metrics-provider, gathering these metrics are effectively
no-ops. They will still incur 1 or 2 function calls per packet but that
should be negligible compared to other operations such as encryption /
decryption.

With this system in place, we can in the future add more metrics to make
debugging easier.
 2025-04-12 08:35:26 +00:00
dependabot[bot]
245a4d52e9 build(deps): bump async-trait from 0.1.83 to 0.1.88 in /rust (#8758) 
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.83
to 0.1.88.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/async-trait/releases">async-trait's
releases</a>.</em></p>
<blockquote>
<h2>0.1.88</h2>
<ul>
<li>Fix lifetime bounding on generic parameters that have cfg (<a
href="https://redirect.github.com/dtolnay/async-trait/issues/289">#289</a>)</li>
</ul>
<h2>0.1.87</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>0.1.86</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>0.1.85</h2>
<ul>
<li>Omit <code>Self: 'async_trait</code> bound in impl when not needed
by signature (<a
href="https://redirect.github.com/dtolnay/async-trait/issues/284">#284</a>)</li>
</ul>
<h2>0.1.84</h2>
<ul>
<li>Support <code>impl Trait</code> in return type (<a
href="https://redirect.github.com/dtolnay/async-trait/issues/282">#282</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b3a59195c2"><code>b3a5919</code></a>
Release 0.1.88</li>
<li><a
href="a306be84ec"><code>a306be8</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/async-trait/issues/289">#289</a>
from dtolnay/cfg</li>
<li><a
href="d3059849a4"><code>d305984</code></a>
Fix lifetime bounding on generic parameters that have cfg</li>
<li><a
href="78506f1714"><code>78506f1</code></a>
Add regression test for issue 288</li>
<li><a
href="a11384eec6"><code>a11384e</code></a>
Add issue 283 link in test</li>
<li><a
href="32540aadec"><code>32540aa</code></a>
Release 0.1.87</li>
<li><a
href="137d14caf3"><code>137d14c</code></a>
Resolve mem_replace_with_default clippy lint</li>
<li><a
href="45fd82a71e"><code>45fd82a</code></a>
Ignore elidable_lifetime_names pedantic clippy lint</li>
<li><a
href="ea2f2a29a2"><code>ea2f2a2</code></a>
Point standard library links to stable</li>
<li><a
href="3b78161de9"><code>3b78161</code></a>
Update ui test suite to nightly-2025-02-12</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/async-trait/compare/0.1.83...0.1.88">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=async-trait&package-manager=cargo&previous-version=0.1.83&new-version=0.1.88)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-12 08:34:37 +00:00
dependabot[bot]
77de9dcbf1 build(deps-dev): bump vite from 6.2.5 to 6.2.6 in /rust/gui-client in the npm_and_yarn group (#8755) 
Bumps the npm_and_yarn group in /rust/gui-client with 1 update:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).

Updates `vite` from 6.2.5 to 6.2.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.6</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.2.6/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v6.2.6/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->6.2.6 (2025-04-10)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>)
(<a
href="3bb0883d22">3bb0883</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19830">#19830</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d3dbf25fd5"><code>d3dbf25</code></a>
release: v6.2.6</li>
<li><a
href="3bb0883d22"><code>3bb0883</code></a>
fix: reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v6.2.6/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=6.2.5&new-version=6.2.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-11 20:54:45 +00:00
dependabot[bot]
e4f9fd5f29 build(deps-dev): bump vite from 6.2.4 to 6.2.5 in /rust/gui-client in the npm_and_yarn group (#8662) 
Bumps the npm_and_yarn group in /rust/gui-client with 1 update:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).

Updates `vite` from 6.2.4 to 6.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.5</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.2.5/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v6.2.5/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->6.2.5 (2025-04-03)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782">#19782</a>,
fs check with svg and relative paths (<a
href="fdb196e9f8">fdb196e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19782">#19782</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c176acf70a"><code>c176acf</code></a>
release: v6.2.5</li>
<li><a
href="fdb196e9f8"><code>fdb196e</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782">#19782</a>,
fs check with svg and relative paths</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v6.2.5/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=6.2.4&new-version=6.2.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-10 17:40:46 +00:00
dependabot[bot]
681c3efeca build(deps): bump crossbeam-channel from 0.5.13 to 0.5.15 in /rust in the cargo group (#8742) 
Bumps the cargo group in /rust with 1 update:
[crossbeam-channel](https://github.com/crossbeam-rs/crossbeam).

Updates `crossbeam-channel` from 0.5.13 to 0.5.15
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crossbeam-rs/crossbeam/releases">crossbeam-channel's
releases</a>.</em></p>
<blockquote>
<h2>crossbeam-channel 0.5.15</h2>
<ul>
<li>Fix regression introduced in 0.5.12 that can lead to a double free
when dropping unbounded channel. (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1187">#1187</a>)</li>
</ul>
<h2>crossbeam-channel 0.5.14</h2>
<ul>
<li>Fix stack overflow when sending large value to unbounded channel.
(<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1146">#1146</a>,
<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1147">#1147</a>)</li>
<li>Add <code>Select::new_biased</code> function. (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1150">#1150</a>)</li>
<li>Remove inefficient spinning. (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1154">#1154</a>)</li>
<li>Suppress buggy <code>clippy::zero_repeat_side_effects</code> lint in
macro generated code. (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1123">#1123</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d35ffde18a"><code>d35ffde</code></a>
Prepare for the next release</li>
<li><a
href="6ec74ecae8"><code>6ec74ec</code></a>
crossbeam-channel: prevent double free on Drop (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1187">#1187</a>)</li>
<li><a
href="ccd83ac410"><code>ccd83ac</code></a>
Prepare for the next release</li>
<li><a
href="54988eb239"><code>54988eb</code></a>
Calculate layout in const context</li>
<li><a
href="761d0b67e2"><code>761d0b6</code></a>
Port <a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1146">#1146</a>
&amp; <a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1147">#1147</a>
to deque::Injector and queue::SegQueue</li>
<li><a
href="8144fbb41e"><code>8144fbb</code></a>
Remove optimistic spinning from Context::wait_until</li>
<li><a
href="a92f6c4fbb"><code>a92f6c4</code></a>
Bump peter-evans/create-pull-request from 5 to 7 (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1153">#1153</a>)</li>
<li><a
href="66d41a904f"><code>66d41a9</code></a>
channel: Add new_biased constructor for biased channel selection (<a
href="https://redirect.github.com/crossbeam-rs/crossbeam/issues/1150">#1150</a>)</li>
<li><a
href="d0d0a80be8"><code>d0d0a80</code></a>
CachePadded: Use 128-byte alignment on arm64ec</li>
<li><a
href="f757eefca2"><code>f757eef</code></a>
Add comment about fixed rustc bug</li>
<li>Additional commits viewable in <a
href="https://github.com/crossbeam-rs/crossbeam/compare/crossbeam-channel-0.5.13...crossbeam-channel-0.5.15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=crossbeam-channel&package-manager=cargo&previous-version=0.5.13&new-version=0.5.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-10 17:40:21 +00:00
Thomas Eizinger
25267b18c8 feat(connlib): flush UDP and TUN concurrently (#8737) 
Upon each tick of the event loop `connlib` first attempts to flush
pending UDP packets to the socket, followed by packets queued for
sending out on the TUN device. In case the UDP socket is busy, we
suspend the event loop until we can send more packets there. This isn't
quite as efficient as we can be. Whilst waiting for the UDP socket, we
can still write packets to the TUN device.

With this patch, we attempt to do both. In case either of them couldn't
quite finish their work, we still return `Poll::Pending` to signal the
event loop to suspend, preventing us from accepting more work than we
can handle.
 2025-04-10 04:56:59 +00:00
Thomas Eizinger
0a46fdf7b5 chore(rust): remove dev stage in Dockerfile (#8688) 
We don't ever use the `dev` stage within our Rust Dockerfile that
actually builds the binaries within the container. In CI, we build the
binaries on the host and then copy them in. During local development, I
always do the same because it is much faster to iterate that way.

Long story short: We don't need this stage within our Dockerfile and it
causes confusion when people try to use `docker compose build`. If
somebody really wanted to do that, they need to follow the instructions
in the Dockerfile and build the binary first.

Related: #8687

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2025-04-10 04:00:58 +00:00
Thomas Eizinger
6d6db3346d test(connlib): increase grace period for unit test (#8738) 
This test appears to be sometimes flaky in CI, likely due to noisy
neighbours.
 2025-04-10 03:51:01 +00:00
Thomas Eizinger
6eab29a770 feat(connlib): supply multiple buffers to UDP socket (#8733) 
At present, `connlib` uses `quinn-udp`'s GRO functionality to read
multiple UDP packets within a single syscall. We are however only
passing a single buffer and a single `RecvMeta` to the `recv` function.
As a result, the function is limited to giving us only packets that
originate from one particular IP.

By supplying multiple buffers (and their according `RecvMeta`s), we can
now read packets from up to 10 different IPs at once within a single
syscall. To obtain multiple buffers, we need to split the provided
buffer into equal chunks. To ensure that each buffer can still hold
several packets, we increase the buffer size to 1MB.

It is expected that is increases throughput especially on Gateways which
receive UDP packets from many different IPs.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-04-09 05:17:46 +00:00
Thomas Eizinger
dc92ee7251 build(rust): bump hostname dependency (#8729) 
This removes yet another duplicate entry of `windows` from our
dependency graph.
 2025-04-09 03:30:18 +00:00
dependabot[bot]
c5751d9bb2 build(deps): bump @tailwindcss/cli from 4.1.1 to 4.1.3 in /rust/gui-client (#8721) 
Bumps
[@tailwindcss/cli](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli)
from 4.1.1 to 4.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/releases"><code>@​tailwindcss/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v4.1.3</h2>
<h3>Fixed</h3>
<ul>
<li>Show warning when using unsupported bare value data type in
<code>--value(…)</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17464">#17464</a>)</li>
<li>PostCSS: Ensure changes to the input CSS file don't generate stale
output when using Turbopack (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17554">#17554</a>)</li>
<li>Ensure classes are detected in Ruby's <code>%w</code> syntax in Slim
templates (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17557">#17557</a>)</li>
</ul>
<h2>v4.1.2</h2>
<h3>Fixed</h3>
<ul>
<li>Don't rely on the presence of <code>@layer base</code> to polyfill
<code>@property</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17506">#17506</a>)</li>
<li>Support setting multiple inset shadows as arbitrary values (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17523">#17523</a>)</li>
<li>Fix <code>drop-shadow-*</code> utilities that are defined with
multiple shadows (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17515">#17515</a>)</li>
<li>PostCSS: Fix race condition when two changes are queued concurrently
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>PostCSS: Ensure files containing <code>@tailwind utilities</code>
are processed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>Ensure the <code>color-mix(…)</code> polyfill creates fallbacks even
when using colors that cannot be statically analyzed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17513">#17513</a>)</li>
<li>Fix slow incremental builds with <code>@tailwindcss/vite</code> and
<code>@tailwindcss/postscss</code> (especially on Windows) (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17511">#17511</a>)</li>
<li>Vite: Fix missing CSS file in Qwik setups (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17533">#17533</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md"><code>@​tailwindcss/cli</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.3] - 2025-04-04</h2>
<h3>Fixed</h3>
<ul>
<li>Show warning when using unsupported bare value data type in
<code>--value(…)</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17464">#17464</a>)</li>
<li>PostCSS: Ensure changes to the input CSS file don't generate stale
output when using Turbopack (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17554">#17554</a>)</li>
<li>Ensure classes are detected in Ruby's <code>%w</code> syntax in Slim
templates (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17557">#17557</a>)</li>
</ul>
<h2>[4.1.2] - 2025-04-03</h2>
<h3>Fixed</h3>
<ul>
<li>Don't rely on the presence of <code>@layer base</code> to polyfill
<code>@property</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17506">#17506</a>)</li>
<li>Support setting multiple inset shadows as arbitrary values (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17523">#17523</a>)</li>
<li>Fix <code>drop-shadow-*</code> utilities that are defined with
multiple shadows (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17515">#17515</a>)</li>
<li>PostCSS: Fix race condition when two changes are queued concurrently
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>PostCSS: Ensure files containing <code>@tailwind utilities</code>
are processed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>Ensure the <code>color-mix(…)</code> polyfill creates fallbacks even
when using colors that cannot be statically analyzed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17513">#17513</a>)</li>
<li>Fix slow incremental builds with <code>@tailwindcss/vite</code> and
<code>@tailwindcss/postscss</code> (especially on Windows) (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17511">#17511</a>)</li>
<li>Vite: Fix missing CSS file in Qwik setups (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17533">#17533</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5a77c9dfc4"><code>5a77c9d</code></a>
Prepare v4.1.3 release (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli/issues/17563">#17563</a>)</li>
<li><a
href="4c99367b7b"><code>4c99367</code></a>
Prepare release v4.1.2 (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli/issues/17530">#17530</a>)</li>
<li>See full diff in <a
href="https://github.com/tailwindlabs/tailwindcss/commits/v4.1.3/packages/@tailwindcss-cli">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@tailwindcss/cli&package-manager=npm_and_yarn&previous-version=4.1.1&new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-09 02:40:34 +00:00
dependabot[bot]
7cfabe8b50 build(deps-dev): bump tailwindcss from 4.0.17 to 4.1.3 in /rust/gui-client (#8713) 
Bumps
[tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss)
from 4.0.17 to 4.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.3</h2>
<h3>Fixed</h3>
<ul>
<li>Show warning when using unsupported bare value data type in
<code>--value(…)</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17464">#17464</a>)</li>
<li>PostCSS: Ensure changes to the input CSS file don't generate stale
output when using Turbopack (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17554">#17554</a>)</li>
<li>Ensure classes are detected in Ruby's <code>%w</code> syntax in Slim
templates (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17557">#17557</a>)</li>
</ul>
<h2>v4.1.2</h2>
<h3>Fixed</h3>
<ul>
<li>Don't rely on the presence of <code>@layer base</code> to polyfill
<code>@property</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17506">#17506</a>)</li>
<li>Support setting multiple inset shadows as arbitrary values (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17523">#17523</a>)</li>
<li>Fix <code>drop-shadow-*</code> utilities that are defined with
multiple shadows (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17515">#17515</a>)</li>
<li>PostCSS: Fix race condition when two changes are queued concurrently
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>PostCSS: Ensure files containing <code>@tailwind utilities</code>
are processed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>Ensure the <code>color-mix(…)</code> polyfill creates fallbacks even
when using colors that cannot be statically analyzed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17513">#17513</a>)</li>
<li>Fix slow incremental builds with <code>@tailwindcss/vite</code> and
<code>@tailwindcss/postscss</code> (especially on Windows) (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17511">#17511</a>)</li>
<li>Vite: Fix missing CSS file in Qwik setups (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17533">#17533</a>)</li>
</ul>
<h2>v4.1.1</h2>
<h3>Fixed</h3>
<ul>
<li>Disable padding in <code>@source inline(…)</code> brace expansion
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17491">#17491</a>)</li>
<li>Inject polyfills after <code>@import</code> and body-less
<code>@layer</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17493">#17493</a>)</li>
<li>Ensure <code>@tailwindcss/cli</code> does not contain an import for
<code>jiti</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17502">#17502</a>)</li>
</ul>
<h2>v4.1.0</h2>
<h3>Added</h3>
<ul>
<li>Add <code>details-content</code> variant (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/15319">#15319</a>)</li>
<li>Add <code>inverted-colors</code> variant (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/11693">#11693</a>)</li>
<li>Add <code>noscript</code> variant (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/11929">#11929</a>,
<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17431">#17431</a>)</li>
<li>Add <code>items-baseline-last</code> and
<code>self-baseline-last</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/13888">#13888</a>,
<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17476">#17476</a>)</li>
<li>Add <code>pointer-none</code>, <code>pointer-coarse</code>, and
<code>pointer-fine</code> variants (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/16946">#16946</a>)</li>
<li>Add <code>any-pointer-none</code>, <code>any-pointer-coarse</code>,
and <code>any-pointer-fine</code> variants (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/16941">#16941</a>)</li>
<li>Add safe alignment utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14607">#14607</a>)</li>
<li>Add <code>user-valid</code> and <code>user-invalid</code> variants
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12370">#12370</a>)</li>
<li>Add <code>wrap-anywhere</code>, <code>wrap-break-word</code>, and
<code>wrap-normal</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12128">#12128</a>)</li>
<li>Add <code>@source inline(…)</code> and <code>@source not
inline(…)</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17147">#17147</a>)</li>
<li>Add <code>@source not &quot;…&quot;</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17255">#17255</a>)</li>
<li>Add <code>text-shadow-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17389">#17389</a>)</li>
<li>Add <code>mask-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17134">#17134</a>)</li>
<li>Add <code>bg-{position,size}-*</code> utilities for arbitrary values
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17432">#17432</a>)</li>
<li>Add <code>shadow-*/&lt;alpha&gt;</code>,
<code>inset-shadow-*/&lt;alpha&gt;</code>,
<code>drop-shadow-*/&lt;alpha&gt;</code>, and
<code>text-shadow-*/&lt;alpha&gt;</code> utilities to control shadow
opacity (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17398">#17398</a>,
<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17434">#17434</a>)</li>
<li>Add <code>drop-shadow-&lt;color&gt;</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17434">#17434</a>)</li>
<li>Improve compatibility with older versions of Safari and Firefox (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17435">#17435</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Follow symlinks when resolving <code>@source</code> directives (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17391">#17391</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">tailwindcss's
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.3] - 2025-04-04</h2>
<h3>Fixed</h3>
<ul>
<li>Show warning when using unsupported bare value data type in
<code>--value(…)</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17464">#17464</a>)</li>
<li>PostCSS: Ensure changes to the input CSS file don't generate stale
output when using Turbopack (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17554">#17554</a>)</li>
<li>Ensure classes are detected in Ruby's <code>%w</code> syntax in Slim
templates (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17557">#17557</a>)</li>
</ul>
<h2>[4.1.2] - 2025-04-03</h2>
<h3>Fixed</h3>
<ul>
<li>Don't rely on the presence of <code>@layer base</code> to polyfill
<code>@property</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17506">#17506</a>)</li>
<li>Support setting multiple inset shadows as arbitrary values (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17523">#17523</a>)</li>
<li>Fix <code>drop-shadow-*</code> utilities that are defined with
multiple shadows (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17515">#17515</a>)</li>
<li>PostCSS: Fix race condition when two changes are queued concurrently
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>PostCSS: Ensure files containing <code>@tailwind utilities</code>
are processed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17514">#17514</a>)</li>
<li>Ensure the <code>color-mix(…)</code> polyfill creates fallbacks even
when using colors that cannot be statically analyzed (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17513">#17513</a>)</li>
<li>Fix slow incremental builds with <code>@tailwindcss/vite</code> and
<code>@tailwindcss/postscss</code> (especially on Windows) (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17511">#17511</a>)</li>
<li>Vite: Fix missing CSS file in Qwik setups (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17533">#17533</a>)</li>
</ul>
<h2>[4.1.1] - 2025-04-02</h2>
<h3>Fixed</h3>
<ul>
<li>Disable padding in <code>@source inline(…)</code> brace expansion
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17491">#17491</a>)</li>
<li>Inject polyfills after <code>@import</code> and body-less
<code>@layer</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17493">#17493</a>)</li>
<li>Ensure <code>@tailwindcss/cli</code> does not contain an import for
<code>jiti</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17502">#17502</a>)</li>
</ul>
<h2>[4.1.0] - 2025-04-01</h2>
<h3>Added</h3>
<ul>
<li>Add <code>details-content</code> variant (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/15319">#15319</a>)</li>
<li>Add <code>inverted-colors</code> variant (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/11693">#11693</a>)</li>
<li>Add <code>noscript</code> variant (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/11929">#11929</a>,
<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17431">#17431</a>)</li>
<li>Add <code>items-baseline-last</code> and
<code>self-baseline-last</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/13888">#13888</a>,
<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17476">#17476</a>)</li>
<li>Add <code>pointer-none</code>, <code>pointer-coarse</code>, and
<code>pointer-fine</code> variants (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/16946">#16946</a>)</li>
<li>Add <code>any-pointer-none</code>, <code>any-pointer-coarse</code>,
and <code>any-pointer-fine</code> variants (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/16941">#16941</a>)</li>
<li>Add safe alignment utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14607">#14607</a>)</li>
<li>Add <code>user-valid</code> and <code>user-invalid</code> variants
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12370">#12370</a>)</li>
<li>Add <code>wrap-anywhere</code>, <code>wrap-break-word</code>, and
<code>wrap-normal</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/12128">#12128</a>)</li>
<li>Add <code>@source inline(…)</code> and <code>@source not
inline(…)</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17147">#17147</a>)</li>
<li>Add <code>@source not &quot;…&quot;</code> (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17255">#17255</a>)</li>
<li>Add <code>text-shadow-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17389">#17389</a>)</li>
<li>Add <code>mask-*</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17134">#17134</a>)</li>
<li>Add <code>bg-{position,size}-*</code> utilities for arbitrary values
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17432">#17432</a>)</li>
<li>Add <code>shadow-*/&lt;alpha&gt;</code>,
<code>inset-shadow-*/&lt;alpha&gt;</code>,
<code>drop-shadow-*/&lt;alpha&gt;</code>, and
<code>text-shadow-*/&lt;alpha&gt;</code> utilities to control shadow
opacity (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17398">#17398</a>,
<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17434">#17434</a>)</li>
<li>Add <code>drop-shadow-&lt;color&gt;</code> utilities (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17434">#17434</a>)</li>
<li>Improve compatibility with older versions of Safari and Firefox (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/17435">#17435</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5a77c9dfc4"><code>5a77c9d</code></a>
Prepare v4.1.3 release (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17563">#17563</a>)</li>
<li><a
href="2fd7c8d967"><code>2fd7c8d</code></a>
Show warning when using unsupported bare value data type (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17464">#17464</a>)</li>
<li><a
href="4c99367b7b"><code>4c99367</code></a>
Prepare release v4.1.2 (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17530">#17530</a>)</li>
<li><a
href="60b0da90ce"><code>60b0da9</code></a>
Polyfill: Fall back to first color value when <code>color-mix(…)</code>
contains unresol...</li>
<li><a
href="e45302b910"><code>e45302b</code></a>
Fix drop shadow filters with multiple shadows (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17515">#17515</a>)</li>
<li><a
href="3e41e9ffe6"><code>3e41e9f</code></a>
Replace currentColor with currentcolor (lowercase) (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17510">#17510</a>)</li>
<li><a
href="80f9578bfa"><code>80f9578</code></a>
Fix multi-value arbitrary inset shadow (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17523">#17523</a>)</li>
<li><a
href="4484192ca3"><code>4484192</code></a>
Use <code>@layer properties</code> for <code>@property</code> polyfills
(<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17506">#17506</a>)</li>
<li><a
href="6a0a3ec0fa"><code>6a0a3ec</code></a>
Prepare release v4.1.1 (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17503">#17503</a>)</li>
<li><a
href="3c937ecee7"><code>3c937ec</code></a>
Inject polyfills after <code>@import</code> and body-less
<code>@layer</code> (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/17493">#17493</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tailwindlabs/tailwindcss/commits/v4.1.3/packages/tailwindcss">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tailwindcss&package-manager=npm_and_yarn&previous-version=4.0.17&new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-09 01:09:29 +00:00
dependabot[bot]
ceca664d59 build(deps): bump the tauri group in /rust/gui-client with 2 updates (#8708) 
Bumps the tauri group in /rust/gui-client with 2 updates:
[@tauri-apps/api](https://github.com/tauri-apps/tauri) and
[@tauri-apps/cli](https://github.com/tauri-apps/tauri).

Updates `@tauri-apps/api` from 2.4.0 to 2.4.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/api</code> v2.4.1</h2>
<!-- raw HTML omitted -->
<pre><code>No known vulnerabilities found
</code></pre>
<!-- raw HTML omitted -->
<h2>[2.4.1]</h2>
<h3>Enhancements</h3>
<ul>
<li><a
href="dd13728334"><code>dd1372833</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13066">#13066</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../ahaoboy"><code>@​ahaoboy</code></a>)
Add a generic to <code>emit</code> and <code>emitTo</code> functions for
the <code>payload</code> instead of the previously used type
(<code>unknown</code>).</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>&gt; @tauri-apps/api@2.4.1 npm-publish
/home/runner/work/tauri/tauri/packages/api
&gt; pnpm build &amp;&amp; cd ./dist &amp;&amp; pnpm publish --access
public --loglevel silly --no-git-checks
<p>&gt; <code>@​tauri-apps/api</code><a
href="https://github.com/2"><code>@​2</code></a>.4.1 build
/home/runner/work/tauri/tauri/packages/api
&gt; rollup -c --configPlugin typescript</p>
<p>
./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts,
./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts,
./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts,
./src/window.ts → ./dist, ./dist...
created ./dist, ./dist in 1.6s

src/index.ts →
../../crates/tauri/scripts/bundle.global.js...
created ../../crates/tauri/scripts/bundle.global.js in
1.9s
npm verbose cli /opt/hostedtoolcache/node/20.19.0/x64/bin/node
/opt/hostedtoolcache/node/20.19.0/x64/bin/npm
npm info using npm@10.8.2
npm info using node@v20.19.0
npm silly config
load:file:/opt/hostedtoolcache/node/20.19.0/x64/lib/node_modules/npm/npmrc
npm silly config load:file:/tmp/d1c2b5f0fc4957921faca86df134d25f/.npmrc
npm silly config load:file:/home/runner/work/_temp/.npmrc
npm silly config
load:file:/opt/hostedtoolcache/node/20.19.0/x64/etc/npmrc
npm verbose title npm publish tauri-apps-api-2.4.1.tgz
npm verbose argv &quot;publish&quot; &quot;--ignore-scripts&quot;
&quot;tauri-apps-api-2.4.1.tgz&quot; &quot;--access&quot;
&quot;public&quot; &quot;--loglevel&quot; &quot;silly&quot;
&quot;--no-git-checks&quot;
npm verbose logfile logs-max:10
dir:/home/runner/.npm/_logs/2025-04-01T17_21_18_329Z-
npm verbose logfile
/home/runner/.npm/_logs/2025-04-01T17_21_18_329Z-debug-0.log
npm verbose publish [ 'tauri-apps-api-2.4.1.tgz' ]
npm silly logfile done cleaning log files
npm notice
npm notice 📦 <code>@​tauri-apps/api</code><a
href="https://github.com/2"><code>@​2</code></a>.4.1
npm notice Tarball Contents
npm notice 89.3kB CHANGELOG.md
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b154826881"><code>b154826</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13060">#13060</a>)</li>
<li><a
href="dade232592"><code>dade232</code></a>
chore: change bumps to patches</li>
<li><a
href="aa6b4d4edf"><code>aa6b4d4</code></a>
fix(cli): preserve null when merging patches (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13120">#13120</a>)</li>
<li><a
href="794af778e4"><code>794af77</code></a>
fix(cli): merge config based on the first one (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13117">#13117</a>)</li>
<li><a
href="4e22ae29d3"><code>4e22ae2</code></a>
chore(deps-dev): bump vite from 6.2.3 to 6.2.4 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13111">#13111</a>)</li>
<li><a
href="4ae14bf2f2"><code>4ae14bf</code></a>
fix: suppress deprecated warning in tray icon codegen (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13093">#13093</a>)</li>
<li><a
href="f805061d11"><code>f805061</code></a>
feat(cli): allow for toml and json5 files in --config arg (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13079">#13079</a>)</li>
<li><a
href="30beb6fee7"><code>30beb6f</code></a>
fix(cli): <code>tauri info</code> can't find the latest version for rust
crates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13096">#13096</a>)</li>
<li><a
href="22c7a877e3"><code>22c7a87</code></a>
chore(deps): update dependency rollup to v4.38.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13094">#13094</a>)</li>
<li><a
href="2138bbc212"><code>2138bbc</code></a>
fix(nsis): in wrong language if <code>SpanishInternational</code> is
included (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13087">#13087</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.4.0...@tauri-apps/api-v2.4.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `@tauri-apps/cli` from 2.4.0 to 2.4.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/cli</code> v2.4.1</h2>
<h2>[2.4.1]</h2>
<h3>Enhancements</h3>
<ul>
<li><a
href="f805061d11"><code>f805061d1</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13079">#13079</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Pietagorh"><code>@​Pietagorh</code></a>)
Add support for passing TOML and JSON5 config files to
<code>--config</code> arg</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="794af778e4"><code>794af778e</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13117">#13117</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
Fix setting merge config value to null with <code>--config</code> arg no
longer works</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.4.1</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b154826881"><code>b154826</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13060">#13060</a>)</li>
<li><a
href="dade232592"><code>dade232</code></a>
chore: change bumps to patches</li>
<li><a
href="aa6b4d4edf"><code>aa6b4d4</code></a>
fix(cli): preserve null when merging patches (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13120">#13120</a>)</li>
<li><a
href="794af778e4"><code>794af77</code></a>
fix(cli): merge config based on the first one (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13117">#13117</a>)</li>
<li><a
href="4e22ae29d3"><code>4e22ae2</code></a>
chore(deps-dev): bump vite from 6.2.3 to 6.2.4 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13111">#13111</a>)</li>
<li><a
href="4ae14bf2f2"><code>4ae14bf</code></a>
fix: suppress deprecated warning in tray icon codegen (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13093">#13093</a>)</li>
<li><a
href="f805061d11"><code>f805061</code></a>
feat(cli): allow for toml and json5 files in --config arg (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13079">#13079</a>)</li>
<li><a
href="30beb6fee7"><code>30beb6f</code></a>
fix(cli): <code>tauri info</code> can't find the latest version for rust
crates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13096">#13096</a>)</li>
<li><a
href="22c7a877e3"><code>22c7a87</code></a>
chore(deps): update dependency rollup to v4.38.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13094">#13094</a>)</li>
<li><a
href="2138bbc212"><code>2138bbc</code></a>
fix(nsis): in wrong language if <code>SpanishInternational</code> is
included (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13087">#13087</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.4.0...@tauri-apps/cli-v2.4.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-09 01:08:48 +00:00
dependabot[bot]
5b8c8eba01 build(deps): bump tauri-winrt-notification from 0.7.0 to 0.7.1 in /rust in the tauri group (#8719) 
Bumps the tauri group in /rust with 1 update:
[tauri-winrt-notification](https://github.com/tauri-apps/winrt-notification).

Updates `tauri-winrt-notification` from 0.7.0 to 0.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/winrt-notification/releases">tauri-winrt-notification's
releases</a>.</em></p>
<blockquote>
<h2>tauri-winrt-notification v0.7.1</h2>
<p>Updating crates.io index
Locking 19 packages to latest compatible versions</p>
<!-- raw HTML omitted -->
<pre><code>Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 734 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (20 crate dependencies)
</code></pre>
<!-- raw HTML omitted -->
<h2>[0.7.1]</h2>
<ul>
<li><a
href="3ab4d1867b"><code>3ab4d18</code></a>
(<a
href="https://redirect.github.com/tauri-apps/winrt-notification/pull/43">#43</a>
by <a
href="https://github.com/tauri-apps/winrt-notification/../../FabianLars"><code>@​FabianLars</code></a>)
Update <code>windows</code> crate to 0.60. This bumps the MSRV to
1.74.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
Packaging tauri-winrt-notification v0.7.1
(/home/runner/work/winrt-notification/winrt-notification)
    Updating crates.io index
    Packaged 31 files, 97.7KiB (44.2KiB compressed)
Uploading tauri-winrt-notification v0.7.1
(/home/runner/work/winrt-notification/winrt-notification)
    Uploaded tauri-winrt-notification v0.7.1 to registry `crates-io`
note: waiting for `tauri-winrt-notification v0.7.1` to be available at
registry `crates-io`.
You may press ctrl-c to skip waiting; the crate should be available
shortly.
   Published tauri-winrt-notification v0.7.1 at registry `crates-io`
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/winrt-notification/blob/dev/CHANGELOG.md">tauri-winrt-notification's
changelog</a>.</em></p>
<blockquote>
<h2>[0.7.1]</h2>
<ul>
<li><a
href="3ab4d1867b"><code>3ab4d18</code></a>
(<a
href="https://redirect.github.com/tauri-apps/winrt-notification/pull/43">#43</a>
by <a
href="https://github.com/tauri-apps/winrt-notification/../../FabianLars"><code>@​FabianLars</code></a>)
Update <code>windows</code> crate to 0.60. This bumps the MSRV to
1.74.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c0b9b2fc14"><code>c0b9b2f</code></a>
feat: add button support (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/25">#25</a>)</li>
<li><a
href="b7bea80883"><code>b7bea80</code></a>
Publish New Versions (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/23">#23</a>)</li>
<li><a
href="3d49abcb88"><code>3d49abc</code></a>
fix(deps): update rust crate quick-xml to 0.31 (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/21">#21</a>)</li>
<li><a
href="657a812db8"><code>657a812</code></a>
chore(deps): update to windows-rs 0.56 (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/22">#22</a>)</li>
<li><a
href="e43754023c"><code>e437540</code></a>
Publish New Versions (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/19">#19</a>)</li>
<li><a
href="1427bbfadc"><code>1427bbf</code></a>
chore(deps): update <code>windows</code> crate to 0.54 (<a
href="https://redirect.github.com/tauri-apps/winrt-notification/issues/18">#18</a>)</li>
<li>See full diff in <a
href="https://github.com/tauri-apps/winrt-notification/compare/tauri-winrt-notification-v0.7...tauri-winrt-notification-v0.7.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri-winrt-notification&package-manager=cargo&previous-version=0.7.0&new-version=0.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-09 01:08:05 +00:00
dependabot[bot]
bca500045b build(deps): bump humantime from 2.1.0 to 2.2.0 in /rust (#8722) 
Bumps [humantime](https://github.com/chronotope/humantime) from 2.1.0 to
2.2.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/chronotope/humantime/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=humantime&package-manager=cargo&previous-version=2.1.0&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-09 01:07:21 +00:00
Thomas Eizinger
69e9d23560 build(rust): bump notify-rust (#8728) 
This removes several duplicated versions of `windows` from our
dependency tree.
 2025-04-08 23:11:22 +00:00
Thomas Eizinger
e0b834d68b chore(rust): remove Cross.toml (#8689) 
We no longer use `cross` to build any binaries so this configuration
file is now dead code.
 2025-04-08 19:58:53 +00:00
dependabot[bot]
909fa6e812 build(deps): bump tauri-plugin-dialog from 2.2.0 to 2.2.1 in /rust (#8683) 
Bumps
[tauri-plugin-dialog](https://github.com/tauri-apps/plugins-workspace)
from 2.2.0 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases">tauri-plugin-dialog's
releases</a>.</em></p>
<blockquote>
<h2>opener-js v2.2.1</h2>
<h2>[2.2.1]</h2>
<ul>
<li><a
href="18dffc9dfe"><code>18dffc9d</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/2189">#2189</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fix usage on iOS.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn publish npm auto-corrected some errors in your
package.json when publishing. Please run &quot;npm pkg fix&quot; to
address these errors.
npm warn publish errors corrected:
npm warn publish &quot;repository&quot; was changed from a string to an
object
npm warn publish &quot;repository.url&quot; was normalized to
&quot;git+https://github.com/tauri-apps/plugins-workspace.git&quot;
npm notice
npm notice 📦  @tauri-apps/plugin-opener@2.2.1
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 3.9kB README.md
npm notice 2.8kB dist-js/index.cjs
npm notice 1.8kB dist-js/index.d.ts
npm notice 2.7kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 729B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-opener
npm notice version: 2.2.1
npm notice filename: tauri-apps-plugin-opener-2.2.1.tgz
npm notice package size: 3.3 kB
npm notice unpacked size: 12.8 kB
npm notice shasum: cf0d74f683171d0cb31657baa417ad7b75cef4c0
npm notice integrity: sha512-zloo4xzBqeh36[...]S65GLVkeXTHPg==
npm notice total files: 7
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and
public access
npm notice publish Signed provenance statement with source and build
information from GitHub Actions
npm notice publish Provenance statement published to transparency log:
https://search.sigstore.dev/?logIndex=154516065
+ @tauri-apps/plugin-opener@2.2.1
</code></pre>
<!-- raw HTML omitted -->
<h2>opener v2.2.1</h2>
<h2>[2.2.1]</h2>
<ul>
<li><a
href="18dffc9dfe"><code>18dffc9d</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/2189">#2189</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fix usage on iOS.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b40a02c525"><code>b40a02c</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2477">#2477</a>)</li>
<li><a
href="a1b3fa27f1"><code>a1b3fa2</code></a>
fix: Re-export api structs (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2515">#2515</a>)</li>
<li><a
href="e54cfcb261"><code>e54cfcb</code></a>
fix(updater): should be <code>log::debug</code> not <code>println</code>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2514">#2514</a>)</li>
<li><a
href="22ba197b80"><code>22ba197</code></a>
chore(deps): update eslint monorepo to v9.22.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2508">#2508</a>)</li>
<li><a
href="77520a3587"><code>77520a3</code></a>
chore(deps): update dependency rollup to v4.35.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2511">#2511</a>)</li>
<li><a
href="dbc5fe120a"><code>dbc5fe1</code></a>
chore(deps): update dependency eslint-config-prettier to v10.1.1 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2503">#2503</a>)</li>
<li><a
href="faefcc9fd8"><code>faefcc9</code></a>
feat(updater): add <code>configure_client</code> to
<code>UpdaterBuilder</code> (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2430">#2430</a>)</li>
<li><a
href="ac60d589ec"><code>ac60d58</code></a>
feat(updater): improve tracing and error logging (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2513">#2513</a>)</li>
<li><a
href="cb38f54f4a"><code>cb38f54</code></a>
HTTP add stream support (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2479">#2479</a>)</li>
<li><a
href="d37bbdef8d"><code>d37bbde</code></a>
fix(clipboard-manager): Wayland support (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2507">#2507</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/os-v2.2.0...os-v2.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri-plugin-dialog&package-manager=cargo&previous-version=2.2.0&new-version=2.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-08 05:41:45 +00:00
dependabot[bot]
8d0843befd build(deps): bump the tauri group in /rust with 4 updates (#8684) 
Bumps the tauri group in /rust with 4 updates:
[tauri](https://github.com/tauri-apps/tauri),
[tauri-build](https://github.com/tauri-apps/tauri),
[tauri-runtime](https://github.com/tauri-apps/tauri) and
[tauri-utils](https://github.com/tauri-apps/tauri).

Updates `tauri` from 2.4.0 to 2.4.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri's
releases</a>.</em></p>
<blockquote>
<h2>tauri-runtime-wry v2.4.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1015 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.1)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.0)
      Adding getrandom v0.2.15 (available: v0.3.1)
      Adding html5ever v0.26.0 (available: v0.29.1)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.53.0)
      Adding oxc_ast v0.36.0 (available: v0.53.0)
      Adding oxc_parser v0.36.0 (available: v0.53.0)
      Adding oxc_span v0.36.0 (available: v0.53.0)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 734 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1040 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.50.1
    │   └── tauri-runtime-wry 2.4.1
    │       └── tauri 2.3.1
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b154826881"><code>b154826</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13060">#13060</a>)</li>
<li><a
href="dade232592"><code>dade232</code></a>
chore: change bumps to patches</li>
<li><a
href="aa6b4d4edf"><code>aa6b4d4</code></a>
fix(cli): preserve null when merging patches (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13120">#13120</a>)</li>
<li><a
href="794af778e4"><code>794af77</code></a>
fix(cli): merge config based on the first one (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13117">#13117</a>)</li>
<li><a
href="4e22ae29d3"><code>4e22ae2</code></a>
chore(deps-dev): bump vite from 6.2.3 to 6.2.4 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13111">#13111</a>)</li>
<li><a
href="4ae14bf2f2"><code>4ae14bf</code></a>
fix: suppress deprecated warning in tray icon codegen (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13093">#13093</a>)</li>
<li><a
href="f805061d11"><code>f805061</code></a>
feat(cli): allow for toml and json5 files in --config arg (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13079">#13079</a>)</li>
<li><a
href="30beb6fee7"><code>30beb6f</code></a>
fix(cli): <code>tauri info</code> can't find the latest version for rust
crates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13096">#13096</a>)</li>
<li><a
href="22c7a877e3"><code>22c7a87</code></a>
chore(deps): update dependency rollup to v4.38.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13094">#13094</a>)</li>
<li><a
href="2138bbc212"><code>2138bbc</code></a>
fix(nsis): in wrong language if <code>SpanishInternational</code> is
included (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13087">#13087</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-v2.4.0...tauri-v2.4.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-build` from 2.1.0 to 2.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-build's
releases</a>.</em></p>
<blockquote>
<h2>tauri-build v2.1.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.30.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.61.2)
      Adding oxc_ast v0.36.0 (available: v0.61.2)
      Adding oxc_parser v0.36.0 (available: v0.61.2)
      Adding oxc_span v0.36.0 (available: v0.61.2)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding webview2-com v0.36.0 (available: v0.37.0)
      Adding windows v0.60.0 (available: v0.61.1)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 748 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b154826881"><code>b154826</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13060">#13060</a>)</li>
<li><a
href="dade232592"><code>dade232</code></a>
chore: change bumps to patches</li>
<li><a
href="aa6b4d4edf"><code>aa6b4d4</code></a>
fix(cli): preserve null when merging patches (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13120">#13120</a>)</li>
<li><a
href="794af778e4"><code>794af77</code></a>
fix(cli): merge config based on the first one (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13117">#13117</a>)</li>
<li><a
href="4e22ae29d3"><code>4e22ae2</code></a>
chore(deps-dev): bump vite from 6.2.3 to 6.2.4 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13111">#13111</a>)</li>
<li><a
href="4ae14bf2f2"><code>4ae14bf</code></a>
fix: suppress deprecated warning in tray icon codegen (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13093">#13093</a>)</li>
<li><a
href="f805061d11"><code>f805061</code></a>
feat(cli): allow for toml and json5 files in --config arg (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13079">#13079</a>)</li>
<li><a
href="30beb6fee7"><code>30beb6f</code></a>
fix(cli): <code>tauri info</code> can't find the latest version for rust
crates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13096">#13096</a>)</li>
<li><a
href="22c7a877e3"><code>22c7a87</code></a>
chore(deps): update dependency rollup to v4.38.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13094">#13094</a>)</li>
<li><a
href="2138bbc212"><code>2138bbc</code></a>
fix(nsis): in wrong language if <code>SpanishInternational</code> is
included (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13087">#13087</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-build-v2.1.0...tauri-build-v2.1.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-runtime` from 2.5.0 to 2.5.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-runtime's
releases</a>.</em></p>
<blockquote>
<h2>tauri-runtime v2.5.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.30.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.61.2)
      Adding oxc_ast v0.36.0 (available: v0.61.2)
      Adding oxc_parser v0.36.0 (available: v0.61.2)
      Adding oxc_span v0.36.0 (available: v0.61.2)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding webview2-com v0.36.0 (available: v0.37.0)
      Adding windows v0.60.0 (available: v0.61.1)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 748 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b154826881"><code>b154826</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13060">#13060</a>)</li>
<li><a
href="dade232592"><code>dade232</code></a>
chore: change bumps to patches</li>
<li><a
href="aa6b4d4edf"><code>aa6b4d4</code></a>
fix(cli): preserve null when merging patches (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13120">#13120</a>)</li>
<li><a
href="794af778e4"><code>794af77</code></a>
fix(cli): merge config based on the first one (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13117">#13117</a>)</li>
<li><a
href="4e22ae29d3"><code>4e22ae2</code></a>
chore(deps-dev): bump vite from 6.2.3 to 6.2.4 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13111">#13111</a>)</li>
<li><a
href="4ae14bf2f2"><code>4ae14bf</code></a>
fix: suppress deprecated warning in tray icon codegen (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13093">#13093</a>)</li>
<li><a
href="f805061d11"><code>f805061</code></a>
feat(cli): allow for toml and json5 files in --config arg (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13079">#13079</a>)</li>
<li><a
href="30beb6fee7"><code>30beb6f</code></a>
fix(cli): <code>tauri info</code> can't find the latest version for rust
crates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13096">#13096</a>)</li>
<li><a
href="22c7a877e3"><code>22c7a87</code></a>
chore(deps): update dependency rollup to v4.38.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13094">#13094</a>)</li>
<li><a
href="2138bbc212"><code>2138bbc</code></a>
fix(nsis): in wrong language if <code>SpanishInternational</code> is
included (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13087">#13087</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-runtime-v2.5.0...tauri-runtime-v2.5.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-utils` from 2.3.0 to 2.3.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-utils's
releases</a>.</em></p>
<blockquote>
<h2>tauri-utils v2.3.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1021 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding axum v0.7.9 (available: v0.8.3)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.1)
      Adding getrandom v0.2.15 (available: v0.3.2)
      Adding html5ever v0.26.0 (available: v0.30.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding oxc_allocator v0.36.0 (available: v0.61.2)
      Adding oxc_ast v0.36.0 (available: v0.61.2)
      Adding oxc_parser v0.36.0 (available: v0.61.2)
      Adding oxc_span v0.36.0 (available: v0.61.2)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rand v0.8.5 (available: v0.9.0)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tauri-utils v1.6.0 (available: v1.6.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding webview2-com v0.36.0 (available: v0.37.0)
      Adding windows v0.60.0 (available: v0.61.1)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 748 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1046 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b154826881"><code>b154826</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13060">#13060</a>)</li>
<li><a
href="dade232592"><code>dade232</code></a>
chore: change bumps to patches</li>
<li><a
href="aa6b4d4edf"><code>aa6b4d4</code></a>
fix(cli): preserve null when merging patches (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13120">#13120</a>)</li>
<li><a
href="794af778e4"><code>794af77</code></a>
fix(cli): merge config based on the first one (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13117">#13117</a>)</li>
<li><a
href="4e22ae29d3"><code>4e22ae2</code></a>
chore(deps-dev): bump vite from 6.2.3 to 6.2.4 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13111">#13111</a>)</li>
<li><a
href="4ae14bf2f2"><code>4ae14bf</code></a>
fix: suppress deprecated warning in tray icon codegen (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13093">#13093</a>)</li>
<li><a
href="f805061d11"><code>f805061</code></a>
feat(cli): allow for toml and json5 files in --config arg (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13079">#13079</a>)</li>
<li><a
href="30beb6fee7"><code>30beb6f</code></a>
fix(cli): <code>tauri info</code> can't find the latest version for rust
crates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13096">#13096</a>)</li>
<li><a
href="22c7a877e3"><code>22c7a87</code></a>
chore(deps): update dependency rollup to v4.38.0 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13094">#13094</a>)</li>
<li><a
href="2138bbc212"><code>2138bbc</code></a>
fix(nsis): in wrong language if <code>SpanishInternational</code> is
included (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13087">#13087</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-utils-v2.3.0...tauri-utils-v2.3.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-08 05:04:13 +00:00
dependabot[bot]
73419e614c build(deps): bump ring from 0.17.13 to 0.17.14 in /rust (#8685) 
Bumps [ring](https://github.com/briansmith/ring) from 0.17.13 to
0.17.14.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/briansmith/ring/blob/main/RELEASES.md">ring's
changelog</a>.</em></p>
<blockquote>
<h1>Version 0.17.14 (2025-03-11)</h1>
<p>Fixed a performance bug in the AVX2-based AES-GCM implementation
added in
<em>ring</em> 0.17.13. This will be another notable performance
improvement for most
newish x86-64 systems. The performance issue impacted not just
AES-GCM.</p>
<p>Compatibility with GNU binutils 2.29 (used on Amazon Linux 2), and
probably
even earlier versions, was restored. It is expected that <em>ring</em>
0.17.14 will
build on all the systems that 0.17.12 would build on.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/briansmith/ring/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ring&package-manager=cargo&previous-version=0.17.13&new-version=0.17.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-08 05:02:46 +00:00
dependabot[bot]
fece33ed38 build(deps): bump tokio from 1.43.0 to 1.44.2 in /rust in the cargo group (#8692) 
Bumps the cargo group in /rust with 1 update:
[tokio](https://github.com/tokio-rs/tokio).

Updates `tokio` from 1.43.0 to 1.44.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/tokio/releases">tokio's
releases</a>.</em></p>
<blockquote>
<h2>Tokio v1.44.2</h2>
<p>This release fixes a soundness issue in the broadcast channel. The
channel
accepts values that are <code>Send</code> but <code>!Sync</code>.
Previously, the channel called
<code>clone()</code> on these values without synchronizing. This release
fixes the channel
by synchronizing calls to <code>.clone()</code> (Thanks Austin Bonander
for finding and
reporting the issue).</p>
<h3>Fixed</h3>
<ul>
<li>sync: synchronize <code>clone()</code> call in broadcast channel (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7232">#7232</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/7232">#7232</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7232">tokio-rs/tokio#7232</a></p>
<h2>Tokio v1.44.1</h2>
<h1>1.44.1 (March 13th, 2025)</h1>
<h3>Fixed</h3>
<ul>
<li>rt: skip defer queue in <code>block_in_place</code> context (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7216">#7216</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/7216">#7216</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7216">tokio-rs/tokio#7216</a></p>
<h2>Tokio v1.44.0</h2>
<h1>1.44.0 (March 7th, 2025)</h1>
<p>This release changes the <code>from_std</code> method on sockets to
panic if a blocking socket is provided. We determined this change is not
a breaking change as Tokio is not intended to operate using blocking
sockets. Doing so results in runtime hangs and should be considered a
bug. Accidentally passing a blocking socket to Tokio is one of the most
common user mistakes. If this change causes an issue for you, please
comment on <a
href="https://redirect.github.com/tokio-rs/tokio/issues/7172">#7172</a>.</p>
<h3>Added</h3>
<ul>
<li>coop: add <code>task::coop</code> module (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7116">#7116</a>)</li>
<li>process: add <code>Command::get_kill_on_drop()</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7086">#7086</a>)</li>
<li>sync: add <code>broadcast::Sender::closed</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/6685">#6685</a>,
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7090">#7090</a>)</li>
<li>sync: add <code>broadcast::WeakSender</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7100">#7100</a>)</li>
<li>sync: add <code>oneshot::Receiver::is_empty()</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7153">#7153</a>)</li>
<li>sync: add <code>oneshot::Receiver::is_terminated()</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7152">#7152</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>fs: empty reads on <code>File</code> should not start a background
read (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7139">#7139</a>)</li>
<li>process: calling <code>start_kill</code> on exited child should not
fail (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7160">#7160</a>)</li>
<li>signal: fix <code>CTRL_CLOSE</code>, <code>CTRL_LOGOFF</code>,
<code>CTRL_SHUTDOWN</code> on windows (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7122">#7122</a>)</li>
<li>sync: properly handle panic during mpsc drop (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7094">#7094</a>)</li>
</ul>
<h3>Changes</h3>
<ul>
<li>runtime: clean up magic number in registration set (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7112">#7112</a>)</li>
<li>coop: make coop yield using waker defer strategy (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7185">#7185</a>)</li>
<li>macros: make <code>select!</code> budget-aware (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7164">#7164</a>)</li>
<li>net: panic when passing a blocking socket to <code>from_std</code>
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7166">#7166</a>)</li>
<li>io: clean up buffer casts (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7142">#7142</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec4b1d7215"><code>ec4b1d7</code></a>
chore: forward port 1.43.x</li>
<li><a
href="e3c3a56718"><code>e3c3a56</code></a>
Merge branch 'tokio-1.43.x' into forward-port-1.43.x</li>
<li><a
href="a7b658c35b"><code>a7b658c</code></a>
chore: prepare Tokio v1.43.1 release</li>
<li><a
href="c1c8d1033d"><code>c1c8d10</code></a>
Merge remote-tracking branch 'origin/tokio-1.38.x' into
forward-port-1.38.x</li>
<li><a
href="aa303bc205"><code>aa303bc</code></a>
chore: prepare Tokio v1.38.2 release</li>
<li><a
href="7b6ccb515f"><code>7b6ccb5</code></a>
chore: backport CI fixes</li>
<li><a
href="4b174ce2c9"><code>4b174ce</code></a>
sync: fix cloning value when receiving from broadcast channel</li>
<li><a
href="d413c9c02a"><code>d413c9c</code></a>
chore: prepare Tokio v1.44.1 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7217">#7217</a>)</li>
<li><a
href="addbfb9204"><code>addbfb9</code></a>
rt: skip defer queue in <code>block_in_place</code> context (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7216">#7216</a>)</li>
<li><a
href="8182ecf262"><code>8182ecf</code></a>
chore: prepare Tokio v1.44.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7202">#7202</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tokio-rs/tokio/compare/tokio-1.43.0...tokio-1.44.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.43.0&new-version=1.44.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-08 03:37:47 +00:00
Thomas Eizinger
07a82d2254 chore(relay): remove feature flag for eBPF TURN router (#8681) 
The original idea of this feature flag was that we can easily disable
the eBPF router in case it causes issues in production. However,
something seems to be not working in reliably turning this on / off.
Without an explicit toggle of the feature-flag, the eBPF program doesn't
seem to be loaded correctly. The uncertainty in this makes me not the
trust the metrics that we are seeing because we don't know, whether
really all relays are using the eBPF router to relay TURN traffic.

In order to draw truthful conclusions as too how much traffic we are
relaying via eBPF, this patch removes the feature flag again. As of
#8656, we can disable the eBPF program by not setting the
`EBPF_OFFLOADING` env variable. This requires a re-deploy / restart of
relays to take effect which isn't quite as fast as toggling a feature
flag but much reliable and easier to maintain.
 2025-04-07 03:31:22 +00:00
Thomas Eizinger
391e94ebed fix(relay): set a Firezone ID to enable feature-flags (#8657) 
Our feature-flags are currently coupled to our Firezone ID. Without a
Firezone ID, we cannot evaluate feature flags. In order to be able to
use the feature flags to enable / disable the eBPF TURN router, we see a
random UUID as the Firezone ID upon startup of the relay.

Not setting this causes the eBPF router to currently be instantly
disabled as soon as we start up because the default of the feature flag
is false and we don't reevaluate it later due to the missing ID.
 2025-04-04 07:13:56 +00:00
Thomas Eizinger
6fe7e77f76 refactor(relay): fail if eBPF offloading is requested but fails (#8656) 
It happens a bunch of times to me during testing that I'd forget to set
the right interface onto which the eBPF kernel should be loaded and was
wondering why it didn't work. Defaulting to `eth0` wasn't a very smart
decision because it means users cannot disable the eBPF kernel at all
(other than via the feature-flag).

It makes more sense to default to not loading the program at all AND
hard-fail if we are requested to load it but cannot. This allows us to
catch configuration errors early.
 2025-04-04 07:00:29 +00:00