Why:
* We have seen issues with Google Admin SDK API returning bad
information when requesting directory info, such as Groups and
Identities. The requests seem to return successful HTTP codes, but the
data is missing, which our sync system interprets as all
Groups/Identities have been deleted from the Google Workspace. In order
to prevent this from happening a deletion circuit breaker function has
been added to stop a sync job if a certain percentage of the identities
will be deleted on the current run. This should prevent the possibility
of mass deleting Groups/Identities if an Identity Provider hands back
incorrect info on any sync.
Fixes: #9188
Why:
* We have decided to change the way we will do audit logging. Instead of
soft deleting data and keeping it in the table it was created in, we
will be moving to an audit trail table where various actions will be
recorded in a table/DB specifically for auditing purposes. Due to this
change we need to make sure that we don't have stale/dangling
references. One set of references we keep everywhere is
`created_by_identity_id` and `created_by_actor_id`. Those foreign key
references won't be able to be used after moving to the new audit
system. This commit will allow us to keep that info by pulling the
values and storing the data in a created_by_subject field on the record.
We are currently consuming the WAL on production and it has shown very
little cost in terms of resource usage.
It would be better to get a more real-world test by sending actual
broadcasts with data.
To do this, we simply send a `Domain.PubSub.broadcast` with all of the
data received in the WAL message, which represents an absolute
worst-case scenario.
When deploying, new Elixir nodes are spun up before the old ones are
brought down. This ensures that the state in the cluster is merge into
the new nodes between the old ones go away.
This also means, however, that the existing WAL consumer is still up
when our new one tries to come online.
Normally, this isn't an issue, because we find the old pid and return it
with `{:ok, existing_pid}`. When that VM goes away, the Supervisor(s) of
the new application notice and restart it,
However, if the cluster state diverges or is inconsistent during this
period, we may fail to find the existing pid, and try to start a new
ReplicationConnection. If the old pid is still active, this will fail
because there's a mutex on the connection. The original implementation
was designed to handle this case using the Supervisor with a
`:transient` restart policy.
What the author failed to understand is that the restart policy applies
only to _restarts_ and not initial starts, so if all of the new
application servers fail to find the old pid which is still connected,
and they all fail to come up, we won't consume the WAL.
This is fixed with a `ReplicationConnectionManager` that always comes up
fine, and then simply tries to start a `ReplicationConnection` every
30s, giving up after 5 minutes if it can't start one or find an existing
one. This will crash, causing the Supervisor to restart us, and then
notify us.
Adds a new field to `settings/identity_providers` that allows an Admin
to designate any non-email/otp provider as the `default` for client
authentication. Clients will then navigate directly to the provider's
`/redirect` endpoint when authenticating, which in many cases will
automatically sign them in.
No existing providers are updated in this PR.
https://github.com/user-attachments/assets/7b962a25-76fd-491f-a194-60ed993821fc
Why:
* During the account sign up flow, the email of the first admin was not
being populated in the `email` column on the auth_identities table. This
was due to atoms being passed in the attrs instead of strings to the
`create_identity` function. A migration was also created to backfill the
missing emails in the `auth_identities` table.
Why:
* It was pointed out that the way Postgresql does compound indexes there
is no need to have an individual index on the first column of the
compound index. This commit removes the redundant index on the
`actor_id` for the `actor_group_membership` table.
Why:
* As we move towards hard deleting data one issue we've run into is with
cascading deletes on the actor_group_memberships table. In order to
solve this problem indexes have been created on the `actor_id` and
`group_id` columns of the actor_group_memberships.
These are expected during deploys, so don't log them as errors. If the
Supervisor fails to start us after exhausting all attempts, it will log
an error.
The `background_jobs_enabled` config in an ENV var that needs to be set
for a specific configuration key. It's not set on the top-level
`:domain` config by default.
Instead, it's used to enable / disable specific modules to start by the
application's Supervisor.
The `Domain.Events.ReplicationConnection` module is updated in this PR
to follow this convention.
Bumps [logger_json](https://github.com/Nebo15/logger_json) from 7.0.0 to
7.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Nebo15/logger_json/releases">logger_json's
releases</a>.</em></p>
<blockquote>
<h2>7.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Datadog: report <code>error.kind</code> and <code>error.stack</code>
for non-crash error+ logs by <a
href="https://github.com/aloukissas"><code>@aloukissas</code></a> in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/157">Nebo15/logger_json#157</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/aloukissas"><code>@aloukissas</code></a> made
their first contribution in <a
href="https://redirect.github.com/Nebo15/logger_json/pull/157">Nebo15/logger_json#157</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Nebo15/logger_json/compare/7.0.1...7.0.2">https://github.com/Nebo15/logger_json/compare/7.0.1...7.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e0b5ca332"><code>6e0b5ca</code></a>
Bump version</li>
<li><a
href="7de4c86996"><code>7de4c86</code></a>
pattern match</li>
<li><a
href="42c074a193"><code>42c074a</code></a>
honor existing metadata</li>
<li><a
href="b7a1e1ae5c"><code>b7a1e1a</code></a>
remove else clause</li>
<li><a
href="bd6144a591"><code>bd6144a</code></a>
logger level option</li>
<li><a
href="564f1e14ab"><code>564f1e1</code></a>
no need for stack</li>
<li><a
href="2cf9140036"><code>2cf9140</code></a>
feat: report error.kind and error.stack for non-crash error+ logs</li>
<li><a
href="14aa482efb"><code>14aa482</code></a>
Add kind and top level message to DataDog formatter</li>
<li><a
href="c0bcd290d1"><code>c0bcd29</code></a>
Allow using old tuples in config.exs and promote using new/1 in
runtime.exs</li>
<li>See full diff in <a
href="https://github.com/Nebo15/logger_json/compare/7.0.0...7.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ex_cldr_numbers](https://github.com/elixir-cldr/cldr_numbers)
from 2.35.0 to 2.35.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr_numbers/releases">ex_cldr_numbers's
releases</a>.</em></p>
<blockquote>
<h2>Cldr Numbers version 2.35.1</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Fix formatting currency amounts when the currency format does not
have a digit placeholder (<code>0</code> and <code>#</code>) directly
next to the currency placeholder (<code>¤</code>). Thanks to <a
href="https://github.com/benregn"><code>@benregn</code></a> for the
report. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr_numbers/issues/54">#54</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/elixir-cldr/cldr_numbers/blob/main/CHANGELOG.md">ex_cldr_numbers's
changelog</a>.</em></p>
<blockquote>
<h2>Cldr Numbers v2.35.1</h2>
<p>This is the changelog for Cldr v2.35.1 released on April 23rd, 2025.
For older changelogs please consult the release tag on <a
href="https://github.com/elixir-cldr/cldr_numbers/tags">GitHub</a></p>
<h3>Bug Fixes</h3>
<ul>
<li>Fix formatting currency amounts when the currency format does not
have a digit placeholder (<code>0</code> and <code>#</code>) directly
next to the currency placeholder (<code>¤</code>). Thanks to <a
href="https://github.com/benregn"><code>@benregn</code></a> for the
report. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr_numbers/issues/54">#54</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1fb2f82370"><code>1fb2f82</code></a>
Fix currency formatting. Closes <a
href="https://redirect.github.com/elixir-cldr/cldr_numbers/issues/54">#54</a></li>
<li>See full diff in <a
href="https://github.com/elixir-cldr/cldr_numbers/compare/v2.35.0...v2.35.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tzdata](https://github.com/lau/tzdata) from 1.1.2 to 1.1.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/lau/tzdata/blob/master/CHANGELOG.md">tzdata's
changelog</a>.</em></p>
<blockquote>
<h2>[1.1.3] - 2025-03-05</h2>
<h3>Fixed</h3>
<ul>
<li>Fix Elixir compiler warnings for decreasing ranges without explicit
steps (Christoph Grothaus)</li>
<li>Fix various Elixir compiler warnings (Thomas Cioppettini)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Now requires Elixir 1.9 or greater instead of 1.8 or greater.</li>
<li>tzdata release version shipped with this library is now 2025a
instead of 2024b.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="61fb7ecf68"><code>61fb7ec</code></a>
Version 1.1.3 (<a
href="https://redirect.github.com/lau/tzdata/issues/158">#158</a>)</li>
<li><a
href="f760899337"><code>f760899</code></a>
Fix Elixir compiler warnings for decreasing ranges without explicit
steps (<a
href="https://redirect.github.com/lau/tzdata/issues/154">#154</a>)</li>
<li><a
href="7791318499"><code>7791318</code></a>
chore(Elixir): Fix warnings emitted by elixir 1.16 (<a
href="https://redirect.github.com/lau/tzdata/issues/139">#139</a>)</li>
<li>See full diff in <a
href="https://github.com/lau/tzdata/compare/v1.1.2...v1.1.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [observer_cli](https://github.com/zhongwencool/observer_cli) from
1.8.2 to 1.8.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zhongwencool/observer_cli/releases">observer_cli's
releases</a>.</em></p>
<blockquote>
<h2>1.8.3</h2>
<h2>What's Changed</h2>
<ul>
<li>process_info(Pid, monitors) can also return {port, _} tuples by <a
href="https://github.com/gomoripeti"><code>@gomoripeti</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/110">zhongwencool/observer_cli#110</a></li>
<li>correct the units shown for memory data by <a
href="https://github.com/gonzalobf"><code>@gonzalobf</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/111">zhongwencool/observer_cli#111</a></li>
<li>Fix compile warning on OTP 27 by <a
href="https://github.com/zmstone"><code>@zmstone</code></a> in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/114">zhongwencool/observer_cli#114</a></li>
<li>Fix mnesia crash by handling unknown storage types by <a
href="https://github.com/zhongwencool"><code>@zhongwencool</code></a>
in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/115">zhongwencool/observer_cli#115</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gonzalobf"><code>@gonzalobf</code></a>
made their first contribution in <a
href="https://redirect.github.com/zhongwencool/observer_cli/pull/111">zhongwencool/observer_cli#111</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zhongwencool/observer_cli/compare/v1.8.2...1.8.3">https://github.com/zhongwencool/observer_cli/compare/v1.8.2...1.8.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5ef0a2cec2"><code>5ef0a2c</code></a>
chore: include docs dir</li>
<li><a
href="de56d61c8c"><code>de56d61</code></a>
Merge pull request <a
href="https://redirect.github.com/zhongwencool/observer_cli/issues/115">#115</a>
from zhongwencool/mnesia-crash</li>
<li><a
href="49440d8134"><code>49440d8</code></a>
Migrate documentation from doc to docs directory and switch to
ex_doc</li>
<li><a
href="cbfcf75ecc"><code>cbfcf75</code></a>
bump to 1.8.3</li>
<li><a
href="93453bd876"><code>93453bd</code></a>
Fix mnesia crash by handling unknown storage types</li>
<li><a
href="54f152d717"><code>54f152d</code></a>
Fix compile warning on OTP 27</li>
<li><a
href="c4eba84200"><code>c4eba84</code></a>
correct the units shown for memory data</li>
<li><a
href="12ef05329c"><code>12ef053</code></a>
process_info(Pid, monitors) can also return {port, _} tuples</li>
<li>See full diff in <a
href="https://github.com/zhongwencool/observer_cli/compare/v1.8.2...1.8.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [argon2_elixir](https://github.com/riverrun/argon2_elixir) from
4.1.2 to 4.1.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c77ab6660b"><code>c77ab66</code></a>
update version to v4.1.3</li>
<li><a
href="2bc37dcc9f"><code>2bc37dc</code></a>
Merge pull request <a
href="https://redirect.github.com/riverrun/argon2_elixir/issues/68">#68</a>
from meeq/patch-1</li>
<li><a
href="af29b73a65"><code>af29b73</code></a>
Fix Clang compile warning</li>
<li>See full diff in <a
href="https://github.com/riverrun/argon2_elixir/compare/v4.1.2...v4.1.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The `web` and `api` application use `domain` as a dependency in their
`mix.exs`. This means by default their Supervisor will start the
Domain's supervision tree as well.
The author did not realize this at the time of implementation, and so we
now leverage the convention in place for restricting tasks to `domain`
nodes, the `background_jobs_enabled` application configuration
parameter.
We also add an info log when the replication slot is being started so we
can verify the node it's starting on.
When deploying, the cluster state diverges temporarily, which allows
more than one `ReplicationConnection` process to start on the new nodes.
(One of) the old nodes still has an active slot, and we get an "object
in use" error `(Postgrex.Error) ERROR 55006 (object_in_use) replication
slot "events_slot" is active for PID 603037`.
Rather than use ReplicationConnection's restart behavior (which logs
tons of errors with Logger.error), we can use the Supervisor here
instead, and continue to try and start the ReplicationConnection until
successful.
Note that if the process name is registered (globally) and running,
ReplicationConnection.start_link/1 simply returns `{:ok, pid}` instead
of erroring out with `:already_running`, so eventually one of the nodes
will succeed and the remaining ones will return the globally-registered
pid.
We need the `replication` attribute set on the db user. This is
trivially done in a migration, and with the `CURRENT_USER` specifier, we
don't need to fetch the Application configuration.
Turns out we are making replication overly complex by creating a
dedicated user for it. The `web` user is already privileged and we can
reuse it since the replication system operates in the same security
context as the remaining app.
The LoggerJSON Redactor only redacts top-level keys, so we need to
redact the entire `connection_opts` param to redact its contained
password.
We also don't need to pass around `connection_opts` across the entire
ReplicationConnection process state, only for the initial connection, so
we refactor that out of the `state`.
Firezone's control plane is a realtime, distributed system that relies
on a broadcast/subscribe system to function. In many cases, these events
are broadcasted whenever relevant data in the DB changes, such as an
actor losing access to a policy, a membership being deleted, and so
forth.
Today, this is handled in the application layer, typically happening at
the place where the relevant DB call is made (i.e. in an
`after_commit`). While this approach has worked thus far, it has several
issues:
1. We have no guarantee that the DB change will issue a broadcast. If
the application is deployed or the process crashes after the DB changes
are made but before the broadcast happens, we will have potentially
failed to update any connected clients or gateways with the changes.
2. We have no guarantee that the order of DB updates will be maintained
in order for broadcasts. In other words, app server A could win its DB
operation against app server B, but then proceed to lose being the first
to broadcast.
3. If the cluster is in a bad state where broadcasts may return an error
(i.e. https://github.com/firezone/firezone/issues/8660), we will never
retry the broadcast.
To fix the above issues, we introduce a WAL logical decoder that process
the event stream one message at a time and performs any needed work.
Serializability is guaranteed since we only process the WAL in a single,
cluster-global process, `ReplicationConnection`. Durability is also
guaranteed since we only ACK WAL segments after we've successfully
ingested the event.
This means we will only advance the position of our WAL stream after
successfully broadcasting the event.
This PR only introduces the WAL stream processing system but does not
introduce any changes to our current broadcasting behavior - that's
saved for another PR.
Turns out that the standard `pgoutput` plugin shipped with Postgres will
do everything we need it to, and there are good examples of prior art
decoding its binary output in Elixir (in production).
So to avoid adding a dependency on `wal2json` here, we'll go with that.
Why:
* The copy to clipboard button was not working at all on the API new
token page due to the fact that the FlowbiteJS library expects the
presence of the elements in the DOM on first render. This was not true
of the API Token code block. Along with that issue the existing code
blocks copy to clipboard buttons did not give any visual indication that
the copy had been completed. It was also somewhat difficult to see the
copy to clipboard button on those code blocks as well. This commit
updates the buttons to be more visible, as well as adds a phx-hook to
make sure the FlowbiteJS init functions are run on every code block even
if it's inserted after the initial load of the page and adds functions
that are run as a callback to toggle the button text and icon to show
the text has been copied.
In order to develop and test WAL replication, we need the wal2json
module installed in our dev postgres image. The module itself builds
very quickly, but I thought it would be better to have this
automatically built and pushed as part of a nightly job so that CI and
developers can make use of it.
API clients don't belong to any actor_groups and attempting to deep link
into the `groups` section when viewing an actor raises a 500 error.
This PR fixes that by removing the deep link into `actor_groups` from
the actors index view.
Prevents more than one sync-enabled adapter per account in order to
prepare for eventually adding a unique constraint on
`provider_identifier` for identities and groups per account.
Related: #6294
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Brian Manifold <bmanifold@users.noreply.github.com>
This was left behind in a large refactor as part of #3642 and was never
cleaned up.
I verified on prod this table in fact has no meaningful data in it and
has not changed since that PR was merged.
Bumps [credo](https://github.com/rrrene/credo) from 1.7.11 to 1.7.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rrrene/credo/releases">credo's
releases</a>.</em></p>
<blockquote>
<h2>v1.7.12</h2>
<p>Check it out on Hex: <a
href="https://hex.pm/packages/credo/1.7.12">https://hex.pm/packages/credo/1.7.12</a></p>
<ul>
<li>Fix compatibility & compiler warnings with Elixir 1.19
(dev)</li>
<li>Provide <code>:column</code> on all checks</li>
<li>Fix check docs in other project's documentation</li>
<li><code>Credo.Check.Refactor.DoubleBooleanNegation</code> fixed false
positive</li>
<li><code>Credo.Check.Readability.NestedFunctionCalls</code> fixed false
positive</li>
<li><code>Credo.Check.Consistency.UnusedVariableNames</code> fixed
duplicate issues</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rrrene/credo/blob/master/CHANGELOG.md">credo's
changelog</a>.</em></p>
<blockquote>
<h2>1.7.12</h2>
<ul>
<li>Fix compatibility & compiler warnings with Elixir 1.19
(dev)</li>
<li>Provide <code>:column</code> on all checks</li>
<li>Fix check docs in other project's documentation</li>
<li><code>Credo.Check.Refactor.DoubleBooleanNegation</code> fixed false
positive</li>
<li><code>Credo.Check.Readability.NestedFunctionCalls</code> fixed false
positive</li>
<li><code>Credo.Check.Consistency.UnusedVariableNames</code> fixed
duplicate issues</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f731459d4f"><code>f731459</code></a>
Bump version to 1.7.12</li>
<li><a
href="953c7433b4"><code>953c743</code></a>
Update GitHub actions</li>
<li><a
href="25d9231ad5"><code>25d9231</code></a>
Update CHANGELOG</li>
<li><a
href="6eded9ffbd"><code>6eded9f</code></a>
Update deps for Elixir 1.19</li>
<li><a
href="3764e9df3b"><code>3764e9d</code></a>
Improve Assertitions by adding source line</li>
<li><a
href="7acc3aba19"><code>7acc3ab</code></a>
Add :test_ignore_filters for Elixir 1.19 compat</li>
<li><a
href="0dff386042"><code>0dff386</code></a>
Merge pull request <a
href="https://redirect.github.com/rrrene/credo/issues/1190">#1190</a>
from danschultzer/credo-docs-uri</li>
<li><a
href="e9b9e31b8f"><code>e9b9e31</code></a>
Merge pull request <a
href="https://redirect.github.com/rrrene/credo/issues/1191">#1191</a>
from danschultzer/update-ci-elixir-otp-versions</li>
<li><a
href="06fa242304"><code>06fa242</code></a>
Use latest Elixir and OTP versions in CI</li>
<li><a
href="9ba02a636f"><code>9ba02a6</code></a>
Link to the credo docs when app is not credo</li>
<li>Additional commits viewable in <a
href="https://github.com/rrrene/credo/compare/v1.7.11...v1.7.12">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [libcluster](https://github.com/bitwalker/libcluster) from 3.3.3
to 3.5.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bitwalker/libcluster/blob/main/CHANGELOG.md">libcluster's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>Unreleased</h2>
<ul>
<li>Add <code>kubernetes_use_cached_resources</code> option to
Kubernetes strategy</li>
</ul>
<h2>3.4.1</h2>
<ul>
<li>Use new cypher names</li>
<li>Allow Epmd strategy to reconnect after connection failures</li>
<li>Detect Self Signed Certificate Authority for Kubernetes
Strategy</li>
<li>Remove calls to deprecated <code>Logger.warn/2</code></li>
<li>Correct misspell of 'Empd' -> 'Epmd' in
<code>Cluster.Strategy.LocalEpmd</code> moduledoc</li>
</ul>
<h2>3.4.0</h2>
<h3>Added</h3>
<ul>
<li>Telemetry events added for tracking node connects and
disconnects</li>
</ul>
<h3>3.3.0</h3>
<h3>Changed</h3>
<ul>
<li>Default multicast address is now 233.252.1.32, was 230.1.1.251, <a
href="449a65e14f">commit</a></li>
</ul>
<h3>2.3.0</h3>
<h3>Added</h3>
<ul>
<li>Clustering strategy for the Rancher container platform (see: <a
href="https://github.com/rancher/rancher">https://github.com/rancher/rancher</a>)</li>
<li>LocalEpmd strategy that uses epmd to discover nodes on the local
host</li>
<li>Gossip strategy multicast interface is used for adding multicast
membership</li>
</ul>
<h2>2.0.0</h2>
<h3>Added</h3>
<ul>
<li>Configurable <code>connect</code> and <code>disconnect</code>
options for implementing strategies
on top of custom topologies</li>
<li>The ability to start libcluster for more than a single topology</li>
<li>Added <code>polling_interval</code> option to Kubernetes
strategy</li>
<li>Added ability to specify a list of hosts for the Epmd strategy to
connect to on start</li>
</ul>
<h3>Removed</h3>
<ul>
<li>Cluster.Events module, as it was redundant and unused</li>
</ul>
<h3>Changed</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bitwalker/libcluster/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[phoenix_live_reload](https://github.com/phoenixframework/phoenix_live_reload)
from 1.5.3 to 1.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_live_reload/blob/main/CHANGELOG.md">phoenix_live_reload's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.0 (2025-04-10)</h2>
<ul>
<li>
<p>Enhancements</p>
<ul>
<li>Add support for <code>__RELATIVEFILE__</code> when invoking
editors</li>
<li>Change the default target window to <code>:parent</code> to not
reload the whole page if a Phoenix app is shown inside an iframe. You
can get the old behavior back by setting the <code>:target_window</code>
option to <code>:top</code>:
<pre lang="elixir"><code>config :phoenix_live_reload, MyAppWeb.Endpoint,
target_window: :top,
...
</code></pre>
</li>
</ul>
</li>
<li>
<p>Bug fixes</p>
<ul>
<li>Inject iframe if web console logger is enabled but there are no
patterns</li>
<li>Allow web console to shutdown cleanly</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f1297101e8"><code>f129710</code></a>
Release v1.6.0</li>
<li><a
href="95c956e163"><code>95c956e</code></a>
show code example in 1.6 changelog</li>
<li><a
href="bd16ec6680"><code>bd16ec6</code></a>
Update CHANGELOG</li>
<li><a
href="e1b5d4ad98"><code>e1b5d4a</code></a>
Default window to parent</li>
<li><a
href="a685ccf99f"><code>a685ccf</code></a>
Add README.md and CHANGELOG.md to the docs (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/168">#168</a>)</li>
<li><a
href="e9160bde42"><code>e9160bd</code></a>
Add support for <strong>RELATIVEFILE</strong> (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/166">#166</a>)</li>
<li><a
href="bbc62626d2"><code>bbc6262</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/165">#165</a>
from phoenixframework/sd-gitlab-ci</li>
<li><a
href="9c6b6a4b9b"><code>9c6b6a4</code></a>
fix test for Elixir < 1.15, format</li>
<li><a
href="86a7194f8c"><code>86a7194</code></a>
add gitlab ci</li>
<li><a
href="f2fdba5b01"><code>f2fdba5</code></a>
Fix typo again, appplication -> application (<a
href="https://redirect.github.com/phoenixframework/phoenix_live_reload/issues/163">#163</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/phoenix_live_reload/compare/v1.5.3...v1.6.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Our current bespoke job system, while it's worked out well so far, has
the following shortcomings:
- No retry logic
- No robust to guarantee job isolation / uniqueness without resorting to
row-level locking
- No support for cron-based scheduling
This PR adds the boilerplate required to get started with
[Oban](https://hexdocs.pm/oban/Oban.html), the job management system for
Elixir.
There was slight API change in the way LoggerJSON's configuration is
generation, so I took the time to do a little fixing and cleanup here.
Specifically, we should be using the `new/1` callback to create the
Logger config which fixes the below exception due to missing config
keys:
```
FORMATTER CRASH: {report,[{formatter_crashed,'Elixir.LoggerJSON.Formatters.GoogleCloud'},{config,[{metadata,{all_except,[socket,conn]}},{redactors,[{'Elixir.LoggerJSON.Redactors.RedactKeys',[<<"password">>,<<"secret">>,<<"nonce">>,<<"fragment">>,<<"state">>,<<"token">>,<<"public_key">>,<<"private_key">>,<<"preshared_key">>,<<"session">>,<<"sessions">>]}]}]},{log_event,#{meta => #{line => 15,pid => <0.308.0>,time => 1744145139650804,file => "lib/logger.ex",gl => <0.281.0>,domain => [elixir],application => libcluster,mfa => {'Elixir.Cluster.Logger',info,2}},msg => {string,<<"[libcluster:default] connected to :\"web@web.cluster.local\"">>},level => info}},{reason,{error,{badmatch,[{metadata,{all_except,[socket,conn]}},{redactors,[{'Elixir.LoggerJSON.Redactors.RedactKeys',[<<"password">>,<<"secret">>,<<"nonce">>,<<"fragment">>,<<"state">>,<<"token">>,<<"public_key">>,<<"private_key">>,<<"preshared_key">>,<<"session">>,<<"sessions">>]}]}]},[{'Elixir.LoggerJSON.Formatters.GoogleCloud',format,2,[{file,"lib/logger_json/formatters/google_cloud.ex"},{line,148}]}]}}]}
```
Supersedes #8714
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Why:
* The Okta IdP sync job needs to make sure it is always using the latest
access token available. If not, there is the possibility for the job to
take too long to complete and the access token that the job started with
might time out. This commit updates the Okta API client to always check
and make sure it is using the latest access token for each request to
the Okta API.
- Attaches the Sentry Logging hook in each of [api, web, domain]
- Removes errant Sentry logging configuration in config/config.exs
- Fixes the exception logger to default to logging exceptions, use
`skip_sentry: true` to skip
Tested successfully in dev. Hopefully the cluster behaves the same way.
Fixes#8639
Bumps [sentry](https://github.com/getsentry/sentry-elixir) from 10.8.1
to 10.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/releases">sentry's
releases</a>.</em></p>
<blockquote>
<h2>10.9.0</h2>
<p>This release adds a bunch of new features and fixes a few papercut
bugs.</p>
<h3>New features</h3>
<ul>
<li>Add <code>:tags_from_metadata</code> option to
<code>Sentry.LoggerHandler</code>. Use this to better structure reports
that come from logs (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/840">#840</a>
by <a
href="https://github.com/icehaunter"><code>@icehaunter</code></a>).</li>
<li>Add <code>:discard_threshold</code> option to
<code>Sentry.LoggerHandler</code> to implement load shedding when the
logger gets overloaded.</li>
<li>If you want to use Elixir 1.18's new <code>JSON</code> module, now
you can (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/845">#845</a>).</li>
<li>Add <code>:in_app_otp_apps</code> configuration option. This should
replace <code>:in_app_module_allow_list</code> for most use cases,
making configuration simpler (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/854">#854</a>
by <a href="https://github.com/solnic"><code>@solnic</code></a>).</li>
<li>Add support for per-module custom options for check ins. This means
you can now configure single Oban (or Quantum) jobs with per-worker
options such as timezones and more (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/833">#833</a>
by <a
href="https://github.com/savhappy"><code>@savhappy</code></a>).</li>
<li>Add a global <code>:extra</code> config that can be set at the
<code>:sentry</code> application level (akin to <code>:tags</code>
today).</li>
<li>Improve Oban error reporting.</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>We now deduplicate identical events significantly less, reducing the
risk of not reporting events that are not duplicates.</li>
<li>When dropping breadcrumbs (because of the limit being reached), we
now retain <em>newest</em> breadcrumbs instead of older ones (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/858">#858</a>
by <a
href="https://github.com/dajinchu"><code>@dajinchu</code></a>).</li>
<li>Ensure log messages are not captured with
<code>:capture_log_messages</code> is <code>false</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/865">#865</a>
by <a
href="https://github.com/joladev"><code>@joladev</code></a>).</li>
<li>Normalize Oban exception reasons for better reports.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-elixir/blob/master/CHANGELOG.md">sentry's
changelog</a>.</em></p>
<blockquote>
<h2>10.9.0</h2>
<p>This release adds a bunch of new features and fixes a few papercut
bugs.</p>
<h3>New features</h3>
<ul>
<li>Add <code>:tags_from_metadata</code> option to
<code>Sentry.LoggerHandler</code>. Use this to better structure reports
that come from logs (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/840">#840</a>
by <a
href="https://github.com/icehaunter"><code>@icehaunter</code></a>).</li>
<li>Add <code>:discard_threshold</code> option to
<code>Sentry.LoggerHandler</code> to implement load shedding when the
logger gets overloaded.</li>
<li>If you want to use Elixir 1.18's new <code>JSON</code> module, now
you can (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/845">#845</a>).</li>
<li>Add <code>:in_app_otp_apps</code> configuration option. This should
replace <code>:in_app_module_allow_list</code> for most use cases,
making configuration simpler (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/854">#854</a>
by <a href="https://github.com/solnic"><code>@solnic</code></a>).</li>
<li>Add support for per-module custom options for check ins. This means
you can now configure single Oban (or Quantum) jobs with per-worker
options such as timezones and more (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/833">#833</a>
by <a
href="https://github.com/savhappy"><code>@savhappy</code></a>).</li>
<li>Add a global <code>:extra</code> config that can be set at the
<code>:sentry</code> application level (akin to <code>:tags</code>
today).</li>
<li>Improve Oban error reporting.</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>We now deduplicate identical events significantly less, reducing the
risk of not reporting events that are not duplicates.</li>
<li>When dropping breadcrumbs (because of the limit being reached), we
now retain <em>newest</em> breadcrumbs instead of older ones (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/858">#858</a>
by <a
href="https://github.com/dajinchu"><code>@dajinchu</code></a>).</li>
<li>Ensure log messages are not captured with
<code>:capture_log_messages</code> is <code>false</code> (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/865">#865</a>
by <a
href="https://github.com/joladev"><code>@joladev</code></a>).</li>
<li>Normalize Oban exception reasons for better reports.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0711b48533"><code>0711b48</code></a>
release: 10.9.0</li>
<li><a
href="b770388e72"><code>b770388</code></a>
Normalize Oban exception reasons for better reports (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/878">#878</a>)</li>
<li><a
href="5f6a0c9986"><code>5f6a0c9</code></a>
Strengthen a flaky test (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/873">#873</a>)</li>
<li><a
href="759ed98259"><code>759ed98</code></a>
Improve Oban error reporting (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/872">#872</a>)</li>
<li><a
href="df0079f1b5"><code>df0079f</code></a>
Remove extra inspect/1 for Oban errors fingerprints (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/869">#869</a>)</li>
<li><a
href="1b20581634"><code>1b20581</code></a>
Fix invalid JSON in :message (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/867">#867</a>)</li>
<li><a
href="16229ef912"><code>16229ef</code></a>
Add global :extra config (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/866">#866</a>)</li>
<li><a
href="07d0d19752"><code>07d0d19</code></a>
Ensure log messages are not captured with capture_log_messages false (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/865">#865</a>)</li>
<li><a
href="48271100e4"><code>4827110</code></a>
Add timezone to Oban Integration (<a
href="https://redirect.github.com/getsentry/sentry-elixir/issues/862">#862</a>)</li>
<li><a
href="3b3ff64280"><code>3b3ff64</code></a>
Retain newest breadcrumbs (instead of oldest)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-elixir/compare/10.8.1...10.9.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tailwind](https://github.com/phoenixframework/tailwind) from
0.2.4 to 0.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/tailwind/blob/main/CHANGELOG.md">tailwind's
changelog</a>.</em></p>
<blockquote>
<h2>v0.3.1 (2025-02-28)</h2>
<ul>
<li>Support correct target for Linux MUSL with Tailwind v3.</li>
</ul>
<h2>v0.3.0 (2025-02-26)</h2>
<ul>
<li>Support Tailwind v4+. This release assumes Tailwind v4 for new
projects.</li>
</ul>
<p>Note: v0.3.0 dropped target code for handling Linux MUSL with
Tailwind v3. Use v0.3.1+ instead.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dec852e08d"><code>dec852e</code></a>
release v0.3.1</li>
<li><a
href="2bc2fdff38"><code>2bc2fdf</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/115">#115</a>
from phoenixframework/sd-musl-target-v3v4</li>
<li><a
href="c0006e254b"><code>c0006e2</code></a>
Support Linux MUSL v3 and v4</li>
<li><a
href="08629c84b8"><code>08629c8</code></a>
release v0.3.0</li>
<li><a
href="8b3247daad"><code>8b3247d</code></a>
Merge branch 'next'</li>
<li><a
href="7e1f93b284"><code>7e1f93b</code></a>
use Tailwind 4.0.9 as latest</li>
<li><a
href="44ac9014f0"><code>44ac901</code></a>
don't mention 0.3 or Tailwind v4 in README yet</li>
<li><a
href="8ad425c2da"><code>8ad425c</code></a>
Pass url as a string into fetch_body! as URI.parse would not succeed
with a c...</li>
<li><a
href="6f45cae55d"><code>6f45cae</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/97">#97</a>
from arcanemachine/main</li>
<li><a
href="22788850d2"><code>2278885</code></a>
Merge pull request <a
href="https://redirect.github.com/phoenixframework/tailwind/issues/110">#110</a>
from phoenixframework/sd-tailwind3to4</li>
<li>Additional commits viewable in <a
href="https://github.com/phoenixframework/tailwind/compare/v0.2.4...v0.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [bandit](https://github.com/mtrudel/bandit) from 1.6.10 to 1.6.11.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md">bandit's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.11 (31 Mar 2025)</h2>
<h3>Changes</h3>
<ul>
<li>Ensure that HTTP/1 request headers are sent to the Plug in the order
they're
sent (<a
href="https://redirect.github.com/mtrudel/bandit/issues/482">#482</a>)</li>
<li>Do not populate the <code>cookies</code> header with an empty string
if no cookies were
sent in HTTP/2 (<a
href="https://redirect.github.com/mtrudel/bandit/issues/483">#483</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3b8b1a40fb"><code>3b8b1a4</code></a>
Version bump to 1.6.11</li>
<li><a
href="5b5839234a"><code>5b58392</code></a>
Order headers (<a
href="https://redirect.github.com/mtrudel/bandit/issues/483">#483</a>)</li>
<li>See full diff in <a
href="https://github.com/mtrudel/bandit/compare/1.6.10...1.6.11">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
