mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 02:18:47 +00:00
36923e793495003d6b1195f263d3da62f0781e64
8497 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Thomas Eizinger
|
36923e7934 |
chore: specify more paths in .prettierignore (#10933)
Prettier is a tool with questionable defaults and performance. Not only is it slow to format files, but it also doesn't respect nested `.gitignore` or `.prettierignore` files. This means we need to specify all paths that it should not touch in the top-level .`prettierignore` to get even close to acceptable performance. Even with these optimisations, it still takes around 8 seconds to format our workspace. |
||
|
Thomas Eizinger
|
16a7284bab |
test: assert at least 1 non-standard source port after roam (#10940)
The current assertion is not robust enough as we can see from the test failure in https://github.com/firezone/firezone/actions/runs/19619954030/job/56178969296?pr=10931. Another way of asserting that we have roamed is to check whether or not we are using a non-standard source port. The NAT binding for the old source port is still active after roaming and therefore, the NAT has to assign a new source port to the traffic arriving from the client. |
||
|
Thomas Eizinger
|
6d01fa6c70 |
ci: run more Rust tests on all platforms (#10927)
Running only the unit-tests of select crates on some platforms is problematic. We are unlikely to update this list of crates as we introduce new ones. It is a better default to run the tests of all crates on all platforms and selectively exclude the ones that can't run because they are unsupported. |
||
|
Thomas Eizinger
|
d70d6168e2 |
fix(connlib): use correct host for OpenDNS DoH URL (#10934)
Fixes a small typo in the hard-coded host of the OpenDNS DoH URL. |
||
|
Thomas Eizinger
|
7c2c78f68c | chore(connlib): improve formatting of wire::dns TRACE logs (#10935) | ||
|
Thomas Eizinger
|
4d95b813bd |
ci(apt): import packages one by one (#10938)
When importing packages into the APT repository, we need to do so one-by-one. Moving packages using a glob-pattern confuses the CLI because it wants to overwrite files it just created. Current main: https://github.com/firezone/firezone/actions/runs/19619491316/job/56177170625 This PR: https://github.com/firezone/firezone/actions/runs/19619725967/job/56177805109 |
||
|
dependabot[bot]
|
658eea900e |
build(deps): bump asciinema-player from 3.10.0 to 3.12.1 in /website (#10943)
Bumps [asciinema-player](https://github.com/asciinema/asciinema-player) from 3.10.0 to 3.12.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/asciinema/asciinema-player/releases">asciinema-player's releases</a>.</em></p> <blockquote> <h2>3.12.1</h2> <p>This version includes additional fix for seeking past the end of recording and restarting the playback.</p> <h2>3.12.0</h2> <p>Notable changes:</p> <ul> <li>Live audio stream support for WebSocket sources (see below)</li> <li>Improved adaptive buffer algorithm for WebSocket sources (see below)</li> <li>Fixed keyboard shortcuts issue (stopped working) caused by the new mute/unmute icon</li> <li>Fixed seeking after playback ended (<a href="https://redirect.github.com/asciinema/asciinema-player/issues/282">#282</a>)</li> </ul> <h2>Live audio playback</h2> <p>The <code>audioUrl</code> option, introduced in v3.11, can now also be used with live (WebSocket) sources:</p> <pre lang="javascript"><code>AsciinemaPlayer.create("ws://example.com/ws/stream", document.getElementById("demo"), { audioUrl: "http://example.com/icecast/stream.ogg" }); </code></pre> <p>The URL should be a live audio source - either a direct HTTP audio stream (.mp3, .aac, .ogg, etc) such as Icecast/Shoutcast endpoint, or HLS playlist (.m3u8).</p> <p>Note that it's not recommended to use <code>autoplay: true</code> option together with <code>audioUrl</code> - browsers often require explicit user activity (click, tap) to enable sound, which in the player's case would be starting the playback by clicking on the play button. Without user click the <code>autoplay</code> will start the playback but the sound likely won't be there.</p> <p>Also, for the audio playback to work a server that handles the audio URL (e.g. Icecast) must be configured to allow CORS requests from the page (URL) that hosts the player.</p> <h2>New adaptive buffering</h2> <p>The WebSocket driver uses adaptive buffer (expressed in time) to ensure smooth, stutter free playback of live sessions with minimal latency.</p> <p>The previous algorithm used a moving average over a sliding window of N recent latencies. It did ok-ish job, but given the sparse nature of the event stream (no constant rate) it turned out to be not ideal. Here's how it performed. Red dots are measured latencies, green line is effective buffer time:</p> <!-- raw HTML omitted --> <p>The new algorithm uses time based EMA (exponential moving average), which is much more relevant for sparse events, resulting in more stable and overall lower buffer size when applied to a wide spectrum of terminal activities (here applied to the same input latencies as the one above):</p> <!-- raw HTML omitted --> <h2>3.11.1</h2> <p>This release brings additional fixes for audio loading in Safari.</p> <h2>3.11.0</h2> <p>Notable changes:</p> <ul> <li>Synced audio playback (see below)</li> <li>JS bundle size reduced by 43 KB (202 KB -> 159 KB) - it's now 78% of the previous release (v3.10) size</li> <li>WebSocket driver now uses jitter for exponential backoff calculation when reconnecting</li> <li>WebSocket driver can play live sessions encoded in <a href="https://docs.asciinema.org/manual/server/streaming/#asciicast-v3">asciicast v3 compatible</a> format</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
001cedd844 |
build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#10950)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README.md by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v5.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/734">actions/upload-artifact#734</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v5.0.0">https://github.com/actions/upload-artifact/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
dcad1c5bd7 |
build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 (#10951)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5.0.0 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README for download-artifact v5 changes by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/417">actions/download-artifact#417</a></li> <li>Update README with artifact extraction details by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/424">actions/download-artifact#424</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v6.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/438">actions/download-artifact#438</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v5...v6.0.0">https://github.com/actions/download-artifact/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
8539f2ff2c |
refactor(gateway): update flow-logs fields in subject (#10939)
Resolves: #10928 |
||
|
dependabot[bot]
|
4b68cdb98a |
build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 in /.github/actions/setup-node (#10952)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5.0.0 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-node/releases">actions/setup-node's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>Breaking Changes</strong></p> <ul> <li>Limit automatic caching to npm, update workflows and documentation by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1374">actions/setup-node#1374</a></li> </ul> <p><strong>Dependency Upgrades</strong></p> <ul> <li>Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1336">#1336</a></li> <li>Upgrade prettier from 2.8.8 to 3.6.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1334">#1334</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1362">#1362</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-node/compare/v5...v6.0.0">https://github.com/actions/setup-node/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
0c5ca66f57 |
fix(connlib): override query ID of DoH response (#10931)
As per the RFC, queries to DoH servers should always set their query ID to 0. This is more cache-friendly because two queries for the same domain end up being byte-for-byte equivalent in the HTTP request. When transported over HTTP, the query ID is obsolete because the response can be unambiguously mapped back to the request already. Connlib's DoH feature zeros out the query ID in the IO layer. To correctly test this functionality, we therefore extend the test-suite to do the same and restore the original query ID before sending back the response on the original transport. This fixes a bug where all DNS queries that were forwarded to a DoH server incorrectly had their query ID set to 0. |
||
|
Thomas Eizinger
|
8b16aaa546 |
ci: install dotnet v10 (#10937)
A new version of the `AzureSignTool` appears to require a dotnet version that is not yet installed on the GitHub runners. Ideally we would be managing this via `.tool-versions` but that needs a bit more work, see the CI failures in #10936. |
||
|
Thomas Eizinger
|
5b8343c766 |
fix(website): remove unnecessary newlines from devlog post (#10932)
This fixes CI failures introduced in #10930. |
||
|
Jamil
|
7a81287245 |
feat(website): oct 2025 devlog (#10930)
Adds the October 2025 devlog entry to the blog. |
||
|
Jamil
|
5fe6680256 |
chore(website): add nodejs to .tool-versions (#10929)
Need this for website. Also bumps pnpm to latest. |
||
|
Thomas Eizinger
|
fb418e51b3 |
chore: track pnpm and prettier in .tool-versions (#10926)
|
||
|
Thomas Eizinger
|
bce2aa30b5 |
feat(portal): extend DNS settings to allow for DoH providers (#10882)
In order to allow customers to make use of connlib's DoH functionality, we need a configuration UI for it. We take inspiration from the "New Resource" page and implement a 3-choice UI component for configuring how Clients should resolve DNS queries: - System - Secure DNS - Custom The secure and custom DNS options show an additional form when selected for either picking a DoH provider or the addresses of the custom DNS servers. Right now, the "Secure DNS" part is disabled if the `DISABLE_DOH_PROVIDER` env variable is set. We render a "Coming soon" tooltip on hover: <img width="1534" height="1100" alt="image" src="https://github.com/user-attachments/assets/a12a6ba4-806f-4d19-8aea-5c1cd981d609" /> This allows us to test this in staging and still ship to production if needed prior to enabling it. Resolves: #10792 Resolves: #10786 --------- Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com> |
||
|
Thomas Eizinger
|
aab779e68b |
fix(connlib): signal all local candidates on upsert (#10920)
Firezone's UDP connections are designed to be idempotent. If a Client discards its "half" of the connection but the Gateway still keeps the state around, a subsequent connection setup by the Client will reuse connection state on the Gateway. To fully support this, `snownet` re-sends all its local candidates to the remote peer whenever a connection gets upserted. The current `seed_agent_with_local_candidates` function attempts to do this job but its design overlooked a crucial detail: Re-adding a candidate that the `IceAgent` already knows about is considered to be redundant. As such, the candidate is not re-signalled to the remote! The real-world consequences for this are subtle. `str0m`'s support for peer-reflexive candidate means that incoming STUN binding requests are still answered, even if they come from an address that the agent doesn't know anything about, i.e. it has never been told about that candidate. Thus, what happens right now is that when a Client re-creates a connection that is still present on the Gateway, it will start receiving STUN binding requests for candidates it doesn't know about and create peer-reflexive candidates for them. Where this does show up is in our test-suite which has fairly strict timing constraints. When we simulate the re-deploy of relays, we expect connections to be migrated to a new relay immediately. To support this, the current relay candidates are invalidated on both sides. This however only works if the current candidate is correctly recognised by the local ICE agent. Peer-reflexive candidates are created on-demand and typically only serve a placeholder-like role until we learn about the real candidate that is being used. Due to the above described behaviour of `seed_agent_with_local_candidates`, this however may not happen at all. As a result, attempting to invalidate a relay candidate fails because we don't recognise the relay candidate as we only have a peer-reflexive one. Putting all of this together, whilst not re-sending all candidates doesn't cause immediate issues for a connection, it may cause problems at a later point when we are trying to invalidate a currently active candidate to achieve a speedy failover to a new one. |
||
|
Thomas Eizinger
|
ef24617e2c | docs: add changelog entry for #10914 (#10925) | ||
|
Thomas Eizinger
|
62a39a81d0 |
fix(connlib): index tunnelled DNS queries by source socket (#10914)
It appears that several systems (at least MacOS) may send DNS queries to the same server with the same query ID but from different source sockets. Within connlib, we operate multiple DNS servers (one for each upstream) and use the tuple of server address and query ID to remember the necessary state we need to map the response back once we have the response from the upstream server. Given the discovery that this tuple is not necessarily unique, we now need to also track the source socket that _we_ are using to send our queries in order to correctly remember, which socket we need to send the response back to. For that, we extend the layer 3 UDP and TCP clients to return us the socket they are using for each query that we queue. In very specific circumstances, this can still fail. In particular, when connlib receives an SRV or TXT query for a resource, it resolves that query in the context of the resource's site by sending it to port 53535 of the Gateway's TUN device. The Gateway listens to DNS queries on this port and resolves them using its configured system resolvers. It however only listens on a single address, meaning we may be forwarding queries from several of connlib's "servers" to a single query which again may break the uniqueness constraint if two queries with the same ID are received at the same time because we would reuse the TCP connection to the resolver running in the Gateway and thus send them from the same source port. We consider this case to be sufficiently rare and handle it by just failing the 2nd DNS query. There may be ways of resolving it but it requires a bigger refactoring of how we establish TCP connections to upstream resolvers. |
||
|
Thomas Eizinger
|
199766ccf9 |
ci(rust): improve proptest coverage checks (#10918)
The current coverage checks for paths that we hit during our proptests fail as soon as one of them is not satisfied. When iterating on the proptests, it is useful to see in one go, which paths are currently not hit to generate the missing regression seeds. Hence, we refactor the script to perform all checks and fail if any of them are not hit, outputting all missing ones. |
||
|
Thomas Eizinger
|
32df4b399a |
chore: modularize .tool-versions (#10919)
Not all tools are needed for all parts of the codebase. In order to avoid installing all tools, we create nested `.tool-versions` files that list the specific dev-tools needed for a certain part of the product. |
||
|
Mariusz Klochowicz
|
528db7d9c5 |
fix(apple): Prevent Swift6 crash on iPadOS (#10916)
UserDefaults change notifications should always be handled on the main thread. This wasn't the case when PencilKit posted UserDefaults notifications from a background thread during its initialization on iPadOS, causing a Swift 6 MainActor violation crash. Ultimately, the root cause of this issue was not abiding to strict Swift6 concurrency checks by using unsafe code: even when the UserDefaults themselves were `nonisolated(unsafe)` and bypassed the checks, it was not the case for Apple PencilKit framework ultimately initialised in wrong context. Note: There are a few ways to fix, we're settling on Combine pattern as it's used elsewhere in the codebase (e.g. in Store). For other solutions, see: https://stackoverflow.com/questions/74729010/swift-concurrency-notification-callbacks-on-mainactor-objects |
||
|
Thomas Eizinger
|
ffce55376f |
chore(connlib): add time-related tests to l3-udp-dns-client (#10913)
This module didn't have any tests yet so I generated some with Claude and trimmed them down to a meaningful set. |
||
|
Thomas Eizinger
|
aa4a08889b |
test(connlib): set TCP connections as connected after roaming (#10910)
TCP connections have a keep-alive mechanism and therefore will automatically trigger a new connection to a resource after roaming. We need to model this in our tests by setting the resource as connected whenever we reset the network state. |
||
|
Thomas Eizinger
|
ea5e734254 |
test(connlib): fix off-by-1 second error in NAT table test (#10912)
A CI failure uncovered that we have an off-by-1 second error in our NAT table test. The mapping only expires after the last packet seen + the protocol TTL, not after the first sent one + protocol TTL. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Thomas Eizinger
|
01e16e87d6 |
feat(connlib): support DoH (#10876)
Building on top of a series of refactors and smaller features, this PR enables connlib to send DNS queries over HTTPS to one or more configured DoH providers. A DoH server itself is addressed via a domain which first needs to be resolved before it can be contacted. The RFC recommends to perform this bootstrapping using the system DNS resolvers. For connlib, this is a bit tricky because the system resolvers may already be set to connlib's sentinel servers by the time we need to bootstrap the DoH clients. Therefore, we maintain a dedicated UDP DNS client inside connlib's `Io` component which is always configured with the latest system DNS resolvers known to connlib. The actual bootstrapping of a DoH client happens in the following cases: 1. Our TUN device configuration changes and the configured DNS servers mapping contains DoH upstreams. 2. We need to make a DNS query to a DoH server but don't have a client yet. The first case ensures we bootstrap the DoH clients as early as possible. The latter case ensures we have a self-healing behaviour in case the TCP connection to the DoH server breaks (in which case the DoH client will be de-allocated). Once the DoH client is initialized, making queries with it is a trivial act of sending an HTTP request and parsing the HTTP response. Within connlib, this now requires almost no special handling apart from a new `dns::Upstream` type that differentiates between Do53 servers (addressed by a `SocketAddr`) and DoH servers (addressed by a `Url`). Related: #10764 Related: #10788 Related: #10850 Related: #10851 Related: #10856 Related: #10857 Related: #10871 Related: #10872 Related: #10875 Related: #10881 Resolves: #10790 |
||
|
Thomas Eizinger
|
9b0ae92b29 |
feat(gateway): extend ICE timeout (#10887)
Currently, a `snownet` Client and Server always have the same ICE timeout configuration. This doesn't necessarily have to be the case. A Gateway cannot establish connections to a Client anyway and thus, we can have much laxer requirements on when we detect that a Client has disappeared (without saying "goodbye"). Extending the idle and default ICE timeout values should hopefully reduce the number of false-positive disconnects that users may experience where a Gateway cuts a connection because it believes the Client is gone when in reality, perhaps a few STUN packets just got lost or backed up. Changing the ICE timeout exposes a few corner-cases in how we track and use time within `snownet`. In particular, it is now obviously possible for a Gateway to still retain the connection state of a Client whilst the Client has long disconnected but now reconnects using the same ICE credentials and private key. Our proptests uncovered some state misalignment in that scenario due to some remaining time impurity within `boringtun` (see https://github.com/firezone/boringtun/pull/126 for details). In addition, our idle state transitions needed to be updated to also take into account candidate changes on both sides in order to achieve a deterministic outcome. |
||
|
Thomas Eizinger
|
ccee476daa |
fix(snownet): allow direct connections on port 3478 (#10907)
When a NAT between the Client and Gateway remaps the source port to 3478, it is tricky to de-multiplex that p2p traffic from the packets we receive from a relay. Currently, we handle this edge-case by dropping these packets which effectively forces a fallback to a relayed connection. Remapping onto exactly this port is likely to be quite rare in practice which is why this behaviour was implemented in the first place. We can however do better than that by remembering, which relays we have previously been connected to. That is because the problem with traffic on port 3478 isn't so much the correct handling in case it _is_ p2p traffic: We can simply check whether the IP is one of the relays we are connected to. The problem is the mis-classification as p2p traffic in case they are packets from a relay that we have disconnected from, causing a log-spam of "unknown packet". To gracefully handle this, we now remember up to 64 relay IPs that we have been connected to in the past. This ensures we can correctly classify traffic from previous relays as such and drop the packet whilst at the same time continuing processing of packets from unknown origins which likely then is p2p traffic. The effect of this is that we can now establish direct connections to peers, even if a NAT inbetween remaps their source port to 3478. To make this fix easier, we precede it with a refactoring of introducing an `Allocations` container for the map of `Allocations`. This allows us to easily track, when we remove a value from the map and then remember the relay's IPs. This came up as part of test failures in #10887. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Thomas Eizinger
|
35b28692de |
feat(gateway): improve state tracking of DNS resource NAT (#10868)
Right now, the state tracking within the DNS resource NAT table is pretty simple: - We map from inside to outside and back - When we see a TCP RST, we remove it immediately To improve our logs a bit and make the NAT table more robust, we extend it by: - Tracking last inbound and outbound packet - Tracking FIN and RST flags This allows us to fully observe e.g. a TCP shutdown where both parties send TCP FIN. It also allows us to remove entries that have never been confirmed after a shorter amount of time. Resolves: #10795 --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Mariusz Klochowicz
|
f735855344 |
fix(apple): Restore favorites UI updates on iOS (#10908)
Recent refactors uncovered a latent bug where we never properly subscribed to favorites updates. The underlying data was being saved correctly to UserDefaults, but the view wouldn't redraw to reflect the change. The fix forwards Favourites.objectWillChange to Store.objectWillChange, matching the existing pattern for configuration changes and the pattern used by MenuBar on macOS. Relevant information: - Favourites is a nested ObservableObject inside Store - SwiftUI views observe Store via @EnvironmentObject - Nested ObservableObject changes don't automatically propagate through @Published properties Fixes #10906 |
||
|
dependabot[bot]
|
28f0dac50a |
build(deps): bump the react group in /rust/gui-client with 5 updates (#10833)
Bumps the react group in /rust/gui-client with 5 updates: | Package | From | To | | --- | --- | --- | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.1.1` | `19.2.0` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.1.15` | `19.2.2` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.1.1` | `19.2.0` | | [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `19.1.9` | `19.2.1` | | [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.9.3` | `7.9.4` | Updates `react` from 19.1.1 to 19.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react's releases</a>.</em></p> <blockquote> <h2>19.2.0 (Oct 1, 2025)</h2> <p>Below is a list of all new features, APIs, and bug fixes.</p> <p>Read the <a href="https://react.dev/blog/2025/10/01/react-19-2">React 19.2 release post</a> for more information.</p> <h2>New React Features</h2> <ul> <li><a href="https://react.dev/reference/react/Activity"><code><Activity></code></a>: A new API to hide and restore the UI and internal state of its children.</li> <li><a href="https://react.dev/reference/react/useEffectEvent"><code>useEffectEvent</code></a> is a React Hook that lets you extract non-reactive logic into an <a href="https://react.dev/learn/separating-events-from-effects#declaring-an-effect-event">Effect Event</a>.</li> <li><a href="https://react.dev/reference/react/cacheSignal"><code>cacheSignal</code></a> (for RSCs) lets your know when the <code>cache()</code> lifetime is over.</li> <li><a href="https://react.dev/reference/developer-tooling/react-performance-tracks">React Performance tracks</a> appear on the Performance panel’s timeline in your browser developer tools</li> </ul> <h2>New React DOM Features</h2> <ul> <li>Added resume APIs for partial pre-rendering with Web Streams: <ul> <li><a href="https://react.dev/reference/react-dom/server/resume"><code>resume</code></a>: to resume a prerender to a stream.</li> <li><a href="https://react.dev/reference/react-dom/static/resumeAndPrerender"><code>resumeAndPrerender</code></a>: to resume a prerender to HTML.</li> </ul> </li> <li>Added resume APIs for partial pre-rendering with Node Streams: <ul> <li><a href="https://react.dev/reference/react-dom/server/resumeToPipeableStream"><code>resumeToPipeableStream</code></a>: to resume a prerender to a stream.</li> <li><a href="https://react.dev/reference/react-dom/static/resumeAndPrerenderToNodeStream"><code>resumeAndPrerenderToNodeStream</code></a>: to resume a prerender to HTML.</li> </ul> </li> <li>Updated <a href="https://react.dev/reference/react-dom/static/prerender"><code>prerender</code></a> APIs to return a <code>postponed</code> state that can be passed to the <code>resume</code> APIs.</li> </ul> <h2>Notable changes</h2> <ul> <li>React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <code><ViewTransition></code> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.</li> <li>Add Node Web Streams (<code>prerender</code>, <code>renderToReadableStream</code>) to server-side-rendering APIs for Node.js</li> <li>Use underscore instead of <code>:</code> IDs generated by useId</li> </ul> <h2>All Changes</h2> <h3>React</h3> <ul> <li><code><Activity /></code> was developed over many years, starting before <code>ClassComponent.setState</code> (<a href="https://github.com/acdlite"><code>@acdlite</code></a> <a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> and many others)</li> <li>Stringify context as "SomeContext" instead of "SomeContext.Provider" (<a href="https://github.com/kassens"><code>@kassens</code></a> <a href="https://redirect.github.com/facebook/react/pull/33507">#33507</a>)</li> <li>Include stack of cause of React instrumentation errors with <code>%o</code> placeholder (<a href="https://github.com/eps1lon"><code>@eps1lon</code></a> <a href="https://redirect.github.com/facebook/react/pull/34198">#34198</a>)</li> <li>Fix infinite <code>useDeferredValue</code> loop in popstate event (<a href="https://github.com/acdlite"><code>@acdlite</code></a> <a href="https://redirect.github.com/facebook/react/pull/32821">#32821</a>)</li> <li>Fix a bug when an initial value was passed to <code>useDeferredValue</code> (<a href="https://github.com/acdlite"><code>@acdlite</code></a> <a href="https://redirect.github.com/facebook/react/pull/34376">#34376</a>)</li> <li>Fix a crash when submitting forms with Client Actions (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/33055">#33055</a>)</li> <li>Hide/unhide the content of dehydrated suspense boundaries if they resuspend (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/32900">#32900</a>)</li> <li>Avoid stack overflow on wide trees during Hot Reload (<a href="https://github.com/sophiebits"><code>@sophiebits</code></a> <a href="https://redirect.github.com/facebook/react/pull/34145">#34145</a>)</li> <li>Improve Owner and Component stacks in various places (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a>, <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>: <a href="https://redirect.github.com/facebook/react/pull/33629">#33629</a>, <a href="https://redirect.github.com/facebook/react/pull/33724">#33724</a>, <a href="https://redirect.github.com/facebook/react/pull/32735">#32735</a>, <a href="https://redirect.github.com/facebook/react/pull/33723">#33723</a>)</li> <li>Add <code>cacheSignal</code> (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/33557">#33557</a>)</li> </ul> <h3>React DOM</h3> <ul> <li>Block on Suspensey Fonts during reveal of server-side-rendered content (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/33342">#33342</a>)</li> <li>Use underscore instead of <code>:</code> for IDs generated by <code>useId</code> (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a>, <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>: <a href="https://redirect.github.com/facebook/react/pull/32001">#32001</a>, <a href="https://redirect.github.com/facebook/react/pull/33342">facebook/react#33342</a><a href="https://redirect.github.com/facebook/react/pull/33099">#33099</a>, <a href="https://redirect.github.com/facebook/react/pull/33422">#33422</a>)</li> <li>Stop warning when ARIA 1.3 attributes are used (<a href="https://github.com/Abdul-Omira"><code>@Abdul-Omira</code></a> <a href="https://redirect.github.com/facebook/react/pull/34264">#34264</a>)</li> <li>Allow <code>nonce</code> to be used on hoistable styles (<a href="https://github.com/Andarist"><code>@Andarist</code></a> <a href="https://redirect.github.com/facebook/react/pull/32461">#32461</a>)</li> <li>Warn for using a React owned node as a Container if it also has text content (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/32774">#32774</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react's changelog</a>.</em></p> <blockquote> <h2>19.2.0 (October 1st, 2025)</h2> <p>Below is a list of all new features, APIs, and bug fixes.</p> <p>Read the <a href="https://react.dev/blog/2025/10/01/react-19-2">React 19.2 release post</a> for more information.</p> <h3>New React Features</h3> <ul> <li><a href="https://react.dev/reference/react/Activity"><code><Activity></code></a>: A new API to hide and restore the UI and internal state of its children.</li> <li><a href="https://react.dev/reference/react/useEffectEvent"><code>useEffectEvent</code></a> is a React Hook that lets you extract non-reactive logic into an <a href="https://react.dev/learn/separating-events-from-effects#declaring-an-effect-event">Effect Event</a>.</li> <li><a href="https://react.dev/reference/react/cacheSignal"><code>cacheSignal</code></a> (for RSCs) lets your know when the <code>cache()</code> lifetime is over.</li> <li><a href="https://react.dev/reference/dev-tools/react-performance-tracks">React Performance tracks</a> appear on the Performance panel’s timeline in your browser developer tools</li> </ul> <h3>New React DOM Features</h3> <ul> <li>Added resume APIs for partial pre-rendering with Web Streams: <ul> <li><a href="https://react.dev/reference/react-dom/server/resume"><code>resume</code></a>: to resume a prerender to a stream.</li> <li><a href="https://react.dev/reference/react-dom/static/resumeAndPrerender"><code>resumeAndPrerender</code></a>: to resume a prerender to HTML.</li> </ul> </li> <li>Added resume APIs for partial pre-rendering with Node Streams: <ul> <li><a href="https://react.dev/reference/react-dom/server/resumeToPipeableStream"><code>resumeToPipeableStream</code></a>: to resume a prerender to a stream.</li> <li><a href="https://react.dev/reference/react-dom/static/resumeAndPrerenderToNodeStream"><code>resumeAndPrerenderToNodeStream</code></a>: to resume a prerender to HTML.</li> </ul> </li> <li>Updated <a href="https://react.dev/reference/react-dom/static/prerender"><code>prerender</code></a> APIs to return a <code>postponed</code> state that can be passed to the <code>resume</code> APIs.</li> </ul> <h3>Notable changes</h3> <ul> <li>React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <code><ViewTransition></code> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.</li> <li>Add Node Web Streams (<code>prerender</code>, <code>renderToReadableStream</code>) to server-side-rendering APIs for Node.js</li> <li>Use underscore instead of <code>:</code> IDs generated by useId</li> </ul> <h3>All Changes</h3> <h4>React</h4> <ul> <li><code><Activity /></code> was developed over many years, starting before <code>ClassComponent.setState</code> (<a href="https://github.com/acdlite"><code>@acdlite</code></a> <a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> and many others)</li> <li>Stringify context as "SomeContext" instead of "SomeContext.Provider" (<a href="https://github.com/kassens"><code>@kassens</code></a> <a href="https://redirect.github.com/facebook/react/pull/33507">#33507</a>)</li> <li>Include stack of cause of React instrumentation errors with <code>%o</code> placeholder (<a href="https://github.com/eps1lon"><code>@eps1lon</code></a> <a href="https://redirect.github.com/facebook/react/pull/34198">#34198</a>)</li> <li>Fix infinite <code>useDeferredValue</code> loop in popstate event (<a href="https://github.com/acdlite"><code>@acdlite</code></a> <a href="https://redirect.github.com/facebook/react/pull/32821">#32821</a>)</li> <li>Fix a bug when an initial value was passed to <code>useDeferredValue</code> (<a href="https://github.com/acdlite"><code>@acdlite</code></a> <a href="https://redirect.github.com/facebook/react/pull/34376">#34376</a>)</li> <li>Fix a crash when submitting forms with Client Actions (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/33055">#33055</a>)</li> <li>Hide/unhide the content of dehydrated suspense boundaries if they resuspend (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/32900">#32900</a>)</li> <li>Avoid stack overflow on wide trees during Hot Reload (<a href="https://github.com/sophiebits"><code>@sophiebits</code></a> <a href="https://redirect.github.com/facebook/react/pull/34145">#34145</a>)</li> <li>Improve Owner and Component stacks in various places (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a>, <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>: <a href="https://redirect.github.com/facebook/react/pull/33629">#33629</a>, <a href="https://redirect.github.com/facebook/react/pull/33724">#33724</a>, <a href="https://redirect.github.com/facebook/react/pull/32735">#32735</a>, <a href="https://redirect.github.com/facebook/react/pull/33723">#33723</a>)</li> <li>Add <code>cacheSignal</code> (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/33557">#33557</a>)</li> </ul> <h4>React DOM</h4> <ul> <li>Block on Suspensey Fonts during reveal of server-side-rendered content (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a> <a href="https://redirect.github.com/facebook/react/pull/33342">#33342</a>)</li> <li>Use underscore instead of <code>:</code> for IDs generated by <code>useId</code> (<a href="https://github.com/sebmarkbage"><code>@sebmarkbage</code></a>, <a href="https://github.com/eps1lon"><code>@eps1lon</code></a>: <a href="https://redirect.github.com/facebook/react/pull/32001">#32001</a>, <a href="https://redirect.github.com/facebook/react/pull/33342">facebook/react#33342</a><a href="https://redirect.github.com/facebook/react/pull/33099">#33099</a>, <a href="https://redirect.github.com/facebook/react/pull/33422">#33422</a>)</li> <li>Stop warning when ARIA 1.3 attributes are used (<a href="https://github.com/Abdul-Omira"><code>@Abdul-Omira</code></a> <a href="https://redirect.github.com/facebook/react/pull/34264">#34264</a>)</li> <li>Allow <code>nonce</code> to be used on hoistable styles (<a href="https://github.com/Andarist"><code>@Andarist</code></a> <a href="https://redirect.github.com/facebook/react/pull/32461">#32461</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f25195f6cf |
build(deps): bump roxmltree from 0.20.0 to 0.21.1 in /rust (#10827)
Bumps [roxmltree](https://github.com/RazrFalcon/roxmltree) from 0.20.0 to 0.21.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/RazrFalcon/roxmltree/blob/master/CHANGELOG.md">roxmltree's changelog</a>.</em></p> <blockquote> <h2>[0.21.1] - 2025-10-09</h2> <h3>Fixed</h3> <ul> <li>Remove implict <code>'static</code> lifetime bound on <code>EntityResolver</code> dyn trait type alias.</li> <li>Upgrade <code>EntityResolver</code> dyn trait type alias from <code>FnMut</code> to <code>Fn</code> to resolve lifetime issues.</li> </ul> <h2>[0.21.0] - 2025-10-04</h2> <h3>Added</h3> <ul> <li><code>ParsingOptions::entity_resolver</code> can be used to resolve external entities referenced via public ID and URI.</li> </ul> <h3>Changed</h3> <ul> <li><code>Node::has_attribute</code>, <code>Node::attribute</code> and <code>Node::attribute_node</code> match local names similar to how <code>Node::has_tag_name</code> works.</li> <li>Various internal performance improvements, e.g. devirtualization of token dispatch and usage of <code>memchr</code> for finding delimiters.</li> </ul> <h3>Fixed</h3> <ul> <li>Possible panic when entity resolution yields unbalanced tags.</li> <li>Quadratic runtime when merging consecutive text nodes.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
934477d1f5 |
build(deps): bump the sentry group in /rust with 2 updates (#10825)
Bumps the sentry group in /rust with 2 updates: [sentry](https://github.com/getsentry/sentry-rust) and [sentry-tracing](https://github.com/getsentry/sentry-rust). Updates `sentry` from 0.43.0 to 0.45.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR => LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec<sentry::integrations::log::RecordMapping></code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR => LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec<sentry::integrations::log::RecordMapping></code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f24c18d6f1 |
build(deps): bump the navigation group in /kotlin/android with 4 updates (#10839)
Bumps the navigation group in /kotlin/android with 4 updates: androidx.navigation:navigation-safe-args-gradle-plugin, androidx.navigation:navigation-fragment-ktx, androidx.navigation:navigation-ui-ktx and androidx.navigation:navigation-testing. Updates `androidx.navigation:navigation-safe-args-gradle-plugin` from 2.9.5 to 2.9.6 Updates `androidx.navigation:navigation-fragment-ktx` from 2.9.5 to 2.9.6 Updates `androidx.navigation:navigation-ui-ktx` from 2.9.5 to 2.9.6 Updates `androidx.navigation:navigation-testing` from 2.9.5 to 2.9.6 Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
d850185309 |
build(deps): bump the tailwind group in /rust/gui-client with 3 updates (#10832)
Bumps the tailwind group in /rust/gui-client with 3 updates: [@tailwindcss/cli](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-cli), [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) and [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss). Updates `@tailwindcss/cli` from 4.1.13 to 4.1.14 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases"><code>@tailwindcss/cli</code>'s releases</a>.</em></p> <blockquote> <h2>v4.1.14</h2> <h3>Fixed</h3> <ul> <li>Handle <code>'</code> syntax in ClojureScript when extracting classes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18888">#18888</a>)</li> <li>Handle <code>@variant</code> inside <code>@custom-variant</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18885">#18885</a>)</li> <li>Merge suggestions when using <code>@utility</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18900">#18900</a>)</li> <li>Ensure that file system watchers created when using the CLI are always cleaned up (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18905">#18905</a>)</li> <li>Do not generate <code>grid-column</code> utilities when configuring <code>grid-column-start</code> or <code>grid-column-end</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18907">#18907</a>)</li> <li>Do not generate <code>grid-row</code> utilities when configuring <code>grid-row-start</code> or <code>grid-row-end</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18907">#18907</a>)</li> <li>Prevent duplicate CSS when overwriting a static utility with a theme key (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18056">#18056</a>)</li> <li>Show Lightning CSS warnings (if any) when optimizing/minifying (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18918">#18918</a>)</li> <li>Use <code>default</code> export condition for <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18948">#18948</a>)</li> <li>Re-throw errors from PostCSS nodes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18373">#18373</a>)</li> <li>Detect classes in markdown inline directives (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18967">#18967</a>)</li> <li>Ensure files with only <code>@theme</code> produce no output when built (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18979">#18979</a>)</li> <li>Support Maud templates when extracting classes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18988">#18988</a>)</li> <li>Upgrade: Do not migrate <code>variant = 'outline'</code> during upgrades (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18922">#18922</a>)</li> <li>Upgrade: Show version mismatch (if any) when running upgrade tool (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19028">#19028</a>)</li> <li>Upgrade: Ensure first class inside <code>className</code> is migrated (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19031">#19031</a>)</li> <li>Upgrade: Migrate classes inside <code>*ClassName</code> and <code>*Class</code> attributes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19031">#19031</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md"><code>@tailwindcss/cli</code>'s changelog</a>.</em></p> <blockquote> <h2>[4.1.14] - 2025-10-01</h2> <h3>Fixed</h3> <ul> <li>Handle <code>'</code> syntax in ClojureScript when extracting classes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18888">#18888</a>)</li> <li>Handle <code>@variant</code> inside <code>@custom-variant</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18885">#18885</a>)</li> <li>Merge suggestions when using <code>@utility</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18900">#18900</a>)</li> <li>Ensure that file system watchers created when using the CLI are always cleaned up (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18905">#18905</a>)</li> <li>Do not generate <code>grid-column</code> utilities when configuring <code>grid-column-start</code> or <code>grid-column-end</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18907">#18907</a>)</li> <li>Do not generate <code>grid-row</code> utilities when configuring <code>grid-row-start</code> or <code>grid-row-end</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18907">#18907</a>)</li> <li>Prevent duplicate CSS when overwriting a static utility with a theme key (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18056">#18056</a>)</li> <li>Show Lightning CSS warnings (if any) when optimizing/minifying (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18918">#18918</a>)</li> <li>Use <code>default</code> export condition for <code>@tailwindcss/vite</code> (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18948">#18948</a>)</li> <li>Re-throw errors from PostCSS nodes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18373">#18373</a>)</li> <li>Detect classes in markdown inline directives (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18967">#18967</a>)</li> <li>Ensure files with only <code>@theme</code> produce no output when built (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18979">#18979</a>)</li> <li>Support Maud templates when extracting classes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18988">#18988</a>)</li> <li>Upgrade: Do not migrate <code>variant = 'outline'</code> during upgrades (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/18922">#18922</a>)</li> <li>Upgrade: Show version mismatch (if any) when running upgrade tool (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19028">#19028</a>)</li> <li>Upgrade: Ensure first class inside <code>className</code> is migrated (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19031">#19031</a>)</li> <li>Upgrade: Migrate classes inside <code>*ClassName</code> and <code>*Class</code> attributes (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19031">#19031</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f90debb9fd |
build(deps): bump socket2 from 0.6.0 to 0.6.1 in /rust (#10826)
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.0 to 0.6.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.6.1</h1> <h2>Added</h2> <ul> <li>Added support for Windows Registered I/O (RIO) (<a href="https://redirect.github.com/rust-lang/socket2/pull/604">rust-lang/socket2#604</a>).</li> <li>Added support for <code>TCP_NOTSENT_LOWAT</code> on Linux via <code>Socket::(set_)tcp_notsent_lowat</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/611">rust-lang/socket2#611</a>).</li> <li>Added support for <code>SO_BUSY_POLL</code> on Linux via <code>Socket::set_busy_poll</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/607">rust-lang/socket2#607</a>).</li> <li><code>SockFilter::new</code> is now a const function (<a href="https://redirect.github.com/rust-lang/socket2/pull/609">rust-lang/socket2#609</a>).</li> </ul> <h2>Changed</h2> <ul> <li>Updated the windows-sys dependency to version 0.60 (<a href="https://redirect.github.com/rust-lang/socket2/pull/605">rust-lang/socket2#605</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9dc68e5844 |
build(deps): bump peter-evans/create-issue-from-file from 5.0.1 to 6.0.0 (#10842)
Bumps [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) from 5.0.1 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-issue-from-file/releases">peter-evans/create-issue-from-file's releases</a>.</em></p> <blockquote> <h2>Create Issue From File v6.0.0</h2> <p>⚙️ Requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later if you are using a self-hosted runner for Node 24 support.</p> <h2>What's Changed</h2> <ul> <li>Bump <code>@types/node</code> from 18.19.50 to 18.19.53 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1717">peter-evans/create-issue-from-file#1717</a></li> <li>Bump <code>@vercel/ncc</code> from 0.38.1 to 0.38.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1718">peter-evans/create-issue-from-file#1718</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1727">peter-evans/create-issue-from-file#1727</a></li> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1733">peter-evans/create-issue-from-file#1733</a></li> <li>Bump <code>@types/node</code> from 18.19.53 to 18.19.54 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1732">peter-evans/create-issue-from-file#1732</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1742">peter-evans/create-issue-from-file#1742</a></li> <li>Bump <code>@types/node</code> from 18.19.54 to 18.19.55 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1749">peter-evans/create-issue-from-file#1749</a></li> <li>Bump <code>@actions/core</code> from 1.11.0 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1750">peter-evans/create-issue-from-file#1750</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1759">peter-evans/create-issue-from-file#1759</a></li> <li>Bump <code>@types/node</code> from 18.19.55 to 18.19.56 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1764">peter-evans/create-issue-from-file#1764</a></li> <li>Bump <code>@types/node</code> from 18.19.56 to 18.19.59 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1769">peter-evans/create-issue-from-file#1769</a></li> <li>Bump <code>@types/node</code> from 18.19.59 to 18.19.63 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1774">peter-evans/create-issue-from-file#1774</a></li> <li>Bump <code>@types/node</code> from 18.19.63 to 18.19.64 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1779">peter-evans/create-issue-from-file#1779</a></li> <li>Bump <code>@vercel/ncc</code> from 0.38.2 to 0.38.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1784">peter-evans/create-issue-from-file#1784</a></li> <li>Bump prettier from 3.3.3 to 3.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1789">peter-evans/create-issue-from-file#1789</a></li> <li>Bump <code>@types/node</code> from 18.19.64 to 18.19.67 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1790">peter-evans/create-issue-from-file#1790</a></li> <li>Bump prettier from 3.4.1 to 3.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1799">peter-evans/create-issue-from-file#1799</a></li> <li>Bump <code>@types/node</code> from 18.19.67 to 18.19.68 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1804">peter-evans/create-issue-from-file#1804</a></li> <li>Bump <code>@types/node</code> from 18.19.68 to 18.19.69 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1809">peter-evans/create-issue-from-file#1809</a></li> <li>Bump <code>@types/node</code> from 18.19.69 to 18.19.70 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1814">peter-evans/create-issue-from-file#1814</a></li> <li>Bump <code>@types/node</code> from 18.19.70 to 18.19.71 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1820">peter-evans/create-issue-from-file#1820</a></li> <li>Bump eslint-plugin-prettier from 5.2.1 to 5.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1821">peter-evans/create-issue-from-file#1821</a></li> <li>Bump eslint-plugin-prettier from 5.2.2 to 5.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1830">peter-evans/create-issue-from-file#1830</a></li> <li>Bump <code>@types/node</code> from 18.19.71 to 18.19.74 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1831">peter-evans/create-issue-from-file#1831</a></li> <li>Bump <code>@types/node</code> from 18.19.74 to 18.19.75 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1840">peter-evans/create-issue-from-file#1840</a></li> <li>Bump prettier from 3.4.2 to 3.5.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1846">peter-evans/create-issue-from-file#1846</a></li> <li>Bump <code>@types/node</code> from 18.19.75 to 18.19.76 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1845">peter-evans/create-issue-from-file#1845</a></li> <li>Bump <code>@octokit/request-error</code> and <code>@actions/github</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1855">peter-evans/create-issue-from-file#1855</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1860">peter-evans/create-issue-from-file#1860</a></li> <li>Bump <code>@octokit/plugin-paginate-rest</code> from 9.2.1 to 9.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1865">peter-evans/create-issue-from-file#1865</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1870">peter-evans/create-issue-from-file#1870</a></li> <li>Bump prettier from 3.5.1 to 3.5.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1875">peter-evans/create-issue-from-file#1875</a></li> <li>Bump <code>@octokit/request</code> from 8.4.0 to 8.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1880">peter-evans/create-issue-from-file#1880</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1885">peter-evans/create-issue-from-file#1885</a></li> <li>Bump <code>@types/node</code> from 18.19.76 to 18.19.79 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1893">peter-evans/create-issue-from-file#1893</a></li> <li>Bump prettier from 3.5.2 to 3.5.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1894">peter-evans/create-issue-from-file#1894</a></li> <li>Bump <code>@types/node</code> from 18.19.79 to 18.19.80 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1903">peter-evans/create-issue-from-file#1903</a></li> <li>Bump <code>@types/node</code> from 18.19.80 to 18.19.81 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1908">peter-evans/create-issue-from-file#1908</a></li> <li>Bump <code>@types/node</code> from 18.19.81 to 18.19.84 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1913">peter-evans/create-issue-from-file#1913</a></li> <li>Bump eslint-plugin-prettier from 5.2.3 to 5.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1914">peter-evans/create-issue-from-file#1914</a></li> <li>Bump eslint-plugin-prettier from 5.2.5 to 5.2.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1924">peter-evans/create-issue-from-file#1924</a></li> <li>Bump <code>@types/node</code> from 18.19.84 to 18.19.86 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1923">peter-evans/create-issue-from-file#1923</a></li> <li>Bump <code>@types/node</code> from 18.19.86 to 18.19.87 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1933">peter-evans/create-issue-from-file#1933</a></li> <li>Bump eslint-plugin-prettier from 5.2.6 to 5.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1938">peter-evans/create-issue-from-file#1938</a></li> <li>Bump <code>@types/node</code> from 18.19.87 to 18.19.100 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1939">peter-evans/create-issue-from-file#1939</a></li> <li>Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-issue-from-file/pull/1940">peter-evans/create-issue-from-file#1940</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
6e2be658b0 |
chore(gateway): log unroutable packets only on DEBUG (#10897)
Currently, the Gateway logs all kinds of errors during packet processing on WARN. Whilst it is generally good to be aware of warnings / errors, some of these scenarios are particularly noisy. For various reasons, we may not be able to route a packet arriving from the TUN device. In such cases, we now return an `UnroutablePacket` error to the event-loop which is special-cased to only log on DEBUG. It also includes the 5 tuple as variables, which should make log analysis a bit easier if we want to filter on specific parts of the 5 tuple. |
||
|
dependabot[bot]
|
a742e0a10d |
build(deps): bump @next/mdx from 15.5.4 to 15.5.6 in /website (#10902)
Bumps [@next/mdx](https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx) from 15.5.4 to 15.5.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases"><code>@next/mdx</code>'s releases</a>.</em></p> <blockquote> <h2>v15.5.6</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Turbopack: don't define process.cwd() in node_modules <a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/83452">#83452</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/mischnic"><code>@mischnic</code></a> for helping!</p> <h2>v15.5.5</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Split code-frame into separate compiled package (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/84238">#84238</a>)</li> <li>Add deprecation warning to Runtime config (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/84650">#84650</a>)</li> <li>fix: unstable_cache should perform blocking revalidation during ISR revalidation (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/84716">#84716</a>)</li> <li>feat: <code>experimental.middlewareClientMaxBodySize</code> body cloning limit (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/84722">#84722</a>)</li> <li>fix: missing next/link types with typedRoutes (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/84779">#84779</a>)</li> </ul> <h3>Misc Changes</h3> <ul> <li>docs: early October improvements and fixes (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx/issues/84334">#84334</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/devjiwonchoi"><code>@devjiwonchoi</code></a>, <a href="https://github.com/ztanner"><code>@ztanner</code></a>, and <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2cb3b326fb |
build(deps): bump mixpanel-browser from 2.70.0 to 2.71.0 in /website (#10901)
Bumps [mixpanel-browser](https://github.com/mixpanel/mixpanel-js) from 2.70.0 to 2.71.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mixpanel/mixpanel-js/releases">mixpanel-browser's releases</a>.</em></p> <blockquote> <h2>Autocapture Updates</h2> <p>New autocapture events are now available:</p> <ul> <li>Dead Click (<code>$mp_dead_click</code>): when a click occurs but there is no DOM mutation afterwards</li> <li>Page Leave (<code>$mp_page_leave</code>): when a page is "left" either by navigation or leaving the tab</li> </ul> <p>Dead Click event tracking is ON in the default autotrack configuration, but Page Leave tracking must be turned on explicitly (with the config option <code>{autocapture: {page_leave: true}}</code>.</p> <p>This release also includes several other updates:</p> <ul> <li>adding additional properties to experiment exposure events for feature flags</li> <li>upgrade rrweb fork to fix a hidden input masking issue</li> <li>getting rid of package.json <code>exports</code> feature to be less restrictive of what can be imported</li> <li>adding type definitions for each build option</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mixpanel/mixpanel-js/blob/master/CHANGELOG.md">mixpanel-browser's changelog</a>.</em></p> <blockquote> <p><strong>2.72.0</strong> (14 Nov 2025)</p> <ul> <li>Adds Autocapture rage-click configuration option <code>interactive_elements_only</code>, to ignore clicks on non-interactive page elements such as text. Configure with: <code>mixpanel.init('<TOKEN>', {autocapture: {rage_click: {interactive_elements_only: true}}})</code></li> <li>Adds TypeScript types for Feature Flags subsystem (<code>mixpanel.flags</code>)</li> <li>Adds JS console data to Session Recordings, enabled by default but configurable via the <code>record_console</code> initialization option.</li> <li>Fixes an issue in session recording where closing and opening a page would upload a replay shorter than the configured minimum duration (<code>record_min_ms</code>)</li> <li>Fixes an issue in session recording where payloads get truncated on old Safari versions due to a bug in their CompressionStream implementation</li> </ul> <p><strong>2.71.1</strong> (30 Oct 2025)</p> <ul> <li>fixes issue with $mp_page_leave events getting tracked when <code>record_heatmap_data</code> is on and there was no session recording taking place.</li> </ul> <p><strong>2.71.0</strong> (2 Oct 2025)</p> <ul> <li>adds Dead Click ($mp_dead_click) autocapture event: when a click occurs but there is no DOM mutation afterwards</li> <li>adds Page Leave ($mp_page_leave) autocapture event: when a page is "left" either by navigation or leaving the tab</li> <li>adds additional properties to experiment exposure events for feature flags</li> <li>upgrades rrweb fork to fix a hidden input masking issue</li> <li>gets rid of package.json exports feature to be less restrictive of what can be imported</li> <li>adds type definitions for each build option</li> </ul> <p><strong>2.70.0</strong> (4 Sep 2025)</p> <ul> <li>Feature flags requests now send params on query string with GET instead of POST for easier caching</li> </ul> <p><strong>2.68.0</strong> (11 Aug 2025)</p> <ul> <li>Initial rage-click detection support</li> <li>Block <code><audio></code> tags by default in Session Recording</li> <li>Add <code>flags.update_context()</code> method for updating context variables and refetching variants</li> </ul> <p><strong>2.67.0</strong> (17 Jul 2025)</p> <ul> <li>Use <code>get_api_host()</code> consistently across the SDK</li> <li>Include <code>device_id</code> in default Feature Flag context</li> <li>Track latency props in <code>$experiment_started</code> event</li> <li>Fix async behavior in <code>mixpanel.reset()</code> when a session recording is active</li> <li>Fix recorder integration test race conditions</li> </ul> <p><strong>2.66.0</strong> (8 Jul 2025)</p> <ul> <li>Add <code>api_host</code> configuration option to support different hosts/proxies for different endpoints (thanks <a href="https://github.com/chrisknu"><code>@chrisknu</code></a>)</li> <li>Add types.d.ts from existing public repo</li> <li>Fix race condition when calling <code>mixpanel.reset()</code> while a session recording is active</li> </ul> <p><strong>2.65.0</strong> (20 May 2025)</p> <ul> <li><code>mixpanel.people.track_charge()</code> (deprecated) no longer sets profile property</li> <li>Adds page height and width tracking to autocapture click tracking</li> <li>Session recording now stops when mixpanel.reset() is called</li> <li>Support for adding arbitrary query string params to tracking requests (thanks <a href="https://github.com/dylan-asos"><code>@dylan-asos</code></a>)</li> <li>Feature flagging API revisions</li> <li>Whale Browser detection</li> </ul> <p><strong>2.64.0</strong> (15 Apr 2025)</p> <ul> <li>Add <code>record_heatmap_data</code> init option for Session Recording to ensure click events are captured for Heat Maps</li> <li>Initial support for feature flagging</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/mixpanel/mixpanel-js/compare/v2.70.0...v2.71.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
39d5f97c77 |
build(deps): bump @next/third-parties from 15.5.3 to 15.5.6 in /website (#10900)
Bumps [@next/third-parties](https://github.com/vercel/next.js/tree/HEAD/packages/third-parties) from 15.5.3 to 15.5.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases"><code>@next/third-parties</code>'s releases</a>.</em></p> <blockquote> <h2>v15.5.6</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Turbopack: don't define process.cwd() in node_modules <a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83452">#83452</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/mischnic"><code>@mischnic</code></a> for helping!</p> <h2>v15.5.5</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>Split code-frame into separate compiled package (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84238">#84238</a>)</li> <li>Add deprecation warning to Runtime config (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84650">#84650</a>)</li> <li>fix: unstable_cache should perform blocking revalidation during ISR revalidation (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84716">#84716</a>)</li> <li>feat: <code>experimental.middlewareClientMaxBodySize</code> body cloning limit (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84722">#84722</a>)</li> <li>fix: missing next/link types with typedRoutes (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84779">#84779</a>)</li> </ul> <h3>Misc Changes</h3> <ul> <li>docs: early October improvements and fixes (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84334">#84334</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/devjiwonchoi"><code>@devjiwonchoi</code></a>, <a href="https://github.com/ztanner"><code>@ztanner</code></a>, and <a href="https://github.com/icyJoseph"><code>@icyJoseph</code></a> for helping!</p> <h2>v15.5.4</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix: ensure onRequestError is invoked when otel enabled (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83343">#83343</a>)</li> <li>fix: devtools initial position should be from next config (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83571">#83571</a>)</li> <li>[devtool] fix overlay styles are missing (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83721">#83721</a>)</li> <li>Turbopack: don't match dynamic pattern for node_modules packages (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83176">#83176</a>)</li> <li>Turbopack: don't treat metadata routes as RSC (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/82911">#82911</a>)</li> <li>[turbopack] Improve handling of symlink resolution errors in track_glob and read_glob (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83357">#83357</a>)</li> <li>Turbopack: throw large static metadata error earlier (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/82939">#82939</a>)</li> <li>fix: error overlay not closing when backdrop clicked (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83981">#83981</a>)</li> <li>Turbopack: flush Node.js worker IPC on error (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/84077">#84077</a>)</li> </ul> <h3>Misc Changes</h3> <ul> <li>[CNA] use linter preference (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83194">#83194</a>)</li> <li>CI: use KV for test timing data (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/third-parties/issues/83745">#83745</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
eee0572972 |
build(deps): bump @docsearch/react from 4.1.0 to 4.2.0 in /website (#10903)
Bumps [@docsearch/react](https://github.com/algolia/docsearch/tree/HEAD/packages/docsearch-react) from 4.1.0 to 4.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/algolia/docsearch/releases"><code>@docsearch/react</code>'s releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h1><a href="https://github.com/algolia/docsearch/compare/v4.1.0...v4.2.0">4.2.0</a> (2025-10-06)</h1> <h3>Bug Fixes</h3> <ul> <li><strong>askai:</strong> Fixes issue with askai state being outside DocSearchModal (<a href="https://redirect.github.com/algolia/docsearch/issues/2778">#2778</a>) (<a href=" |
||
|
Jamil
|
164f1976c7 |
fix(apple): queue path updates onto workQueue (#10896)
Path updates are received on a queue which can be (and is typically) on a different thread from the one the workQueue runs on. Since we are sharing instance properties across these two threads, we need to make sure reads and writes to all properties ideally happen on the same queue. Moving `Adapter` to an actor class could solve these issues, but that is a much larger refactor to be done in #10895 and we'd like to ship this fix in the next release to verify it fixes our issue. |
||
|
Jamil
|
91962acb83 |
chore(apple): ignore benign keychain errors (#10899)
* macOS 13 and below has a known bug that prevents us from saving the token on the system keychain. To avoid Sentry noise, we ignore this specific error and continue to log other errors that aren't an exact match. * Relatedly, if we try to start the tunnel and a token is not found, it's not necessarily an error. This happens when the user signs out and then tries to activate the VPN from system settings, for example. --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Brian Manifold
|
c8900c2a94 |
fix(portal): update deletion circuit breaker (#10898)
Why: * The directory sync circuit breaker was put in place to prevent errors in IdP API responses from deleting identities and groups incorrectly and thus also deleting policies. This was especially an issue with Google Workspace sync. The circuit breaker has done a good job of catching some erroneous API responses, however, it is now preventing legitimate syncs where large numbers of groups are needing to be deleted. While a few options have been quickly talked about, no final solution has been decided on. In the mean time, this commit will update the threshold of what is considered a "mass deletion" to 75% from 25%. This should give some time to figure out what a more permanent solution will look like. Fixes #10892 |
||
|
Jamil
|
2643492534 |
fix(website): update link to pwc study (#10894)
fixes #10812 --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Thomas Eizinger
|
663f23e9fb |
fix(connlib): classify WireGuard first (#10890)
WireGuard packets can have all kinds of byte-patterns at the very front of the packet. Thus, we need to first check if a payload is a WireGuard packet before attempting to classify it as anything else. This function is currently only used for logging purposes. `snownet` has its own logic for de-multiplexing and classifying packets. |
||
|
Thomas Eizinger
|
7e5994b3c6 |
chore: bump to upstream proptest (#10888)
The changes from our fork have been upstreamed successfully. We can therefore switch our dependency back to that. |