github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,971 Commits 1 Branch 0 Tags
46ffe8fe45b5ff14341e0bc976726d8ba69bb46e
Commit Graph

2657 Commits

Author SHA1 Message Date
Jamil
46ffe8fe45 docs(relay): add note on channel map safety (#10194) 
A fair bit of time was spent validating these map accesses are
thread-safe, so just documenting that for the next reader to find.

Related:
https://github.com/firezone/firezone/issues/10138#issuecomment-3186074350
 2025-08-14 17:27:12 -07:00
Jamil
3e3f555c1e fix(relay): swap MACs for relayed traffic (#10193) 
In nearly all environments, we can safely assume that we will always use
the same network gateway for forwarding relayed packets as the one we
received them from.

By leveraging this assumption, we can simply swap the SRC and DST MAC
addresses, removing the need to keep a HaspMap for these, which
eliminates the need to worry about thread-safety for this particular
functionality.

Related: #10138
 2025-08-13 14:40:26 -07:00
Jamil
92137ee76b fix(relay): don't inline hotpath loop calls (#10185) 
When inlining large(ish) functions that are on the hot-path, it creates
a much longer program for the eBPF verifier to validate since the
verifier is working through all packet sizes and types. We're hitting an
issue on GCP (in the 8-core dev VM, XDP-generic) where verification
fails on `main` due to the inlining of some hot-path functions.

This PR is the smallest possible change that gets the program to load,
highlighting the issue.

In practice, I'm not there is a detectable performance difference
between having these inlined vs not (especially in DRV_MODE) so I'm not
sure it's worth the potential debugging headaches later on.
 2025-08-11 22:08:12 +00:00
dependabot[bot]
c5deb7a839 build(deps): bump @eslint/plugin-kit from 0.3.3 to 0.3.4 in /rust/gui-client in the npm_and_yarn group (#10044) 
Bumps the npm_and_yarn group in /rust/gui-client with 1 update:
[@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit).

Updates `@eslint/plugin-kit` from 0.3.3 to 0.3.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/rewrite/releases"><code>@​eslint/plugin-kit</code>'s
releases</a>.</em></p>
<blockquote>
<h2>plugin-kit: v0.3.4</h2>
<h2><a
href="https://github.com/eslint/rewrite/compare/plugin-kit-v0.3.3...plugin-kit-v0.3.4">0.3.4</a>
(2025-07-21)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>potential quadratic runtime in regular expression (<a
href="https://redirect.github.com/eslint/rewrite/issues/240">#240</a>)
(<a
href="b283f64099">b283f64</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md"><code>@​eslint/plugin-kit</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/eslint/rewrite/compare/plugin-kit-v0.3.3...plugin-kit-v0.3.4">0.3.4</a>
(2025-07-21)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>potential quadratic runtime in regular expression (<a
href="https://redirect.github.com/eslint/rewrite/issues/240">#240</a>)
(<a
href="b283f64099">b283f64</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="380c224871"><code>380c224</code></a>
chore: release main (<a
href="https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit/issues/242">#242</a>)</li>
<li><a
href="17276ff19c"><code>17276ff</code></a>
docs: Update README sponsors</li>
<li><a
href="b283f64099"><code>b283f64</code></a>
fix: potential quadratic runtime in regular expression (<a
href="https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit/issues/240">#240</a>)</li>
<li><a
href="46cd5dab8f"><code>46cd5da</code></a>
docs: Update README sponsors</li>
<li><a
href="9677965292"><code>9677965</code></a>
docs: Update README sponsors</li>
<li><a
href="20799b5802"><code>20799b5</code></a>
docs: Update README sponsors</li>
<li>See full diff in <a
href="https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.4/packages/plugin-kit">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@eslint/plugin-kit&package-manager=npm_and_yarn&previous-version=0.3.3&new-version=0.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-11 11:34:13 +00:00
Firezone Bot
95ee111e62 chore: publish apple-client 1.5.7 (#10159) 2025-08-07 04:38:03 +00:00
Thomas Eizinger
507a8957c2 chore(connlib): only debug-assert non-retransmitted DNS queries (#10136) 
When we receive the same TCP DNS query twice, we currently wrongly hit a
debug assert.
 2025-08-06 11:26:51 +00:00
Thomas Eizinger
2dde3b8573 fix(relay): read from most-recently-ready socket first (#10148) 
The relay uses `mio` to react to readiness events from multiple sockets
at once. Including the control port 3478, the relay needs to also send
and receive traffic from up to 16384 sockets (one for each possible
allocation).

We need to process readiness events from these sockets as fairly as
possible. Under high-load, it may otherwise happen that we don't read
packets from an allocation socket, resulting in ICE timeouts of the
connection being relayed.

To achieve this fairness, we collect all readiness tokens into a set and
store it with the number of packets we have read so far from this
socket. Then, we always read from the socket next that we have so far
read the least amount of packets from.
 2025-08-06 09:13:05 +00:00
Thomas Eizinger
f27683760a fix(relay): check for ANSI support on stdout (#10149) 2025-08-06 07:42:54 +00:00
Thomas Eizinger
2841fd0017 chore(connlib): spawn dedicated tasks for UDP send/recv (#10147) 
At the moment, `connlib`'s UDP thread spawns a single task for reading
and writing to the UDP socket. It will always first try to write data
before reading new data. To avoid scheduling issues, we split this into
two dedicated tasks and insert

```rust
tokio::task::yield_now().await;
```

into each loop. This allows the `tokio` runtime to schedule each of the
tasks fairly even if one of them is very busy.

For example, if we are very busy writing data (because we are receiving
a lot of IP traffic), this ensures that we will occasionally also read
from our socket to receive STUN control messages from our peers.
 2025-08-06 07:38:01 +00:00
Jamil
6ad10c8f39 fix(ci): use etc-resolv-conf as default in headless image (#10126) 
The headless client image we ship doesn't have systemd-resolved. By
default, if you try to run it without setting the `FIREZONE_DNS_CONTROL`
var, it will exit with an unhelpful error message that is difficult to
diagnose / debug for anyone unfamiliar to the inner workings of the
headless client:

```
Error: I/O error: No such file or directory (os error 2)

Caused by:
    No such file or directory (os error 2)

Stack backtrace:
   0: anyhow::error::<impl core::convert::From<E> for anyhow::Error>::from
   1: firezone_bin_shared::network_changes::imp::Worker::new_dbus::{{closure}}
   2: firezone_headless_client::main::{{closure}}
   3: tokio::runtime::runtime::Runtime::block_on
   4: firezone_headless_client::main
   5: std::sys::backtrace::__rust_begin_short_backtrace
   6: std::rt::lang_start::{{closure}}
   7: main
```

To fix this, we set `FIREZONE_DNS_CONTROL=etc-resolv-conf` for the user
inside our headless-client image.

---------

Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2025-08-05 16:24:00 +00:00
Thomas Eizinger
3e46727362 chore(snownet): improve logging of boringtun session index (#10135) 
Previously, boringtun's sender/receiver index of a session would just be
rendered as a full u32. In reality, this u32 contains two pieces of
information: The higher 24 bits identify the peer and the lower 8 bits
identify the session with that peer. With the update to boringtun in
https://github.com/firezone/boringtun/pull/112, we encode this logic in
a dedicated type that has prints this information separately. Here is
what the logs now look like:

```
2025-08-05T07:38:37.742Z DEBUG boringtun::noise: Received handshake_response local_idx=(3428714|1) remote_idx=(1937676|1)
2025-08-05T07:38:37.743Z DEBUG boringtun::noise: New session idx=(3428714|1)
2025-08-05T07:38:37.743Z DEBUG boringtun::noise: Sending keepalive local_idx=(3428714|1)
```
 2025-08-05 13:08:32 +00:00
dependabot[bot]
036cae84f3 build(deps): bump tokio from 1.46.1 to 1.47.1 in /rust (#10119) 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.1 to 1.47.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/tokio/releases">tokio's
releases</a>.</em></p>
<blockquote>
<h2>Tokio v1.47.1</h2>
<h1>1.47.1 (August 1st, 2025)</h1>
<h3>Fixed</h3>
<ul>
<li>process: fix panic from spurious pidfd wakeup (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li>
<li>sync: fix broken link of Python <code>asyncio.Event</code> in
<code>SetOnce</code> docs (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7485">tokio-rs/tokio#7485</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7494">tokio-rs/tokio#7494</a></p>
<h2>Tokio v1.47.0</h2>
<h1>1.47.0 (July 25th, 2025)</h1>
<p>This release adds <code>poll_proceed</code> and
<code>cooperative</code> to the <code>coop</code> module for
cooperative scheduling, adds <code>SetOnce</code> to the
<code>sync</code> module which provides
similar functionality to [<code>std::sync::OnceLock</code>], and adds a
new method
<code>sync::Notify::notified_owned()</code> which returns an
<code>OwnedNotified</code> without
a lifetime parameter.</p>
<h2>Added</h2>
<ul>
<li>coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li>
<li>sync: add <code>SetOnce</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li>
<li>sync: add <code>sync::Notify::notified_owned()</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li>
</ul>
<h2>Changed</h2>
<ul>
<li>deps: upgrade windows-sys 0.52 → 0.59 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7117">#7117</a>)</li>
<li>deps: update to socket2 v0.6 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7443">#7443</a>)</li>
<li>sync: improve <code>AtomicWaker::wake</code> performance (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>)</li>
</ul>
<h2>Documented</h2>
<ul>
<li>metrics: fix listed feature requirements for some metrics (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>)</li>
<li>runtime: improve safety comments of <code>Readiness&lt;'_&gt;</code>
(<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>)</li>
</ul>
<p><a
href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7405">tokio-rs/tokio#7405</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7415">tokio-rs/tokio#7415</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7418">tokio-rs/tokio#7418</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7449">tokio-rs/tokio#7449</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7450">tokio-rs/tokio#7450</a>
<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>:
<a
href="https://redirect.github.com/tokio-rs/tokio/pull/7465">tokio-rs/tokio#7465</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="be8ee45b3f"><code>be8ee45</code></a>
chore: prepare Tokio v1.47.1 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li>
<li><a
href="d9b19166cd"><code>d9b1916</code></a>
Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li>
<li><a
href="db8edc620f"><code>db8edc6</code></a>
chore: prepare Tokio v1.43.2 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li>
<li><a
href="4730984d66"><code>4730984</code></a>
readme: add 1.47 as LTS release (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li>
<li><a
href="1979615cbf"><code>1979615</code></a>
process: fix panic from spurious pidfd wakeup (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li>
<li><a
href="f669a609cf"><code>f669a60</code></a>
ci: add lockfile for LTS branch</li>
<li><a
href="ce41896f8d"><code>ce41896</code></a>
sync: fix broken link of Python <code>asyncio.Event</code> in
<code>SetOnce</code> docs (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li>
<li><a
href="c8ab78a84f"><code>c8ab78a</code></a>
changelog: fix incorrect PR number for 1.47.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7484">#7484</a>)</li>
<li><a
href="3911cb8523"><code>3911cb8</code></a>
chore: prepare Tokio v1.47.0 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7482">#7482</a>)</li>
<li><a
href="d545aa2601"><code>d545aa2</code></a>
sync: add <code>sync::Notify::notified_owned()</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.1...tokio-1.47.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.46.1&new-version=1.47.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2025-08-05 12:37:26 +00:00
dependabot[bot]
8f35f3a0dc build(deps): bump serde_json from 1.0.141 to 1.0.142 in /rust (#10121) 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.141 to
1.0.142.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.142</h2>
<ul>
<li>impl Default for &amp;Value (<a
href="https://redirect.github.com/serde-rs/json/issues/1265">#1265</a>,
thanks <a
href="https://github.com/aatifsyed"><code>@​aatifsyed</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1731167cd5"><code>1731167</code></a>
Release 1.0.142</li>
<li><a
href="e51c81450a"><code>e51c814</code></a>
Touch up PR 1265</li>
<li><a
href="84abbdb613"><code>84abbdb</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1265">#1265</a>
from aatifsyed/master</li>
<li><a
href="9206cc0150"><code>9206cc0</code></a>
feat: impl Default for &amp;Value</li>
<li>See full diff in <a
href="https://github.com/serde-rs/json/compare/v1.0.141...v1.0.142">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.141&new-version=1.0.142)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:52:18 +00:00
dependabot[bot]
50f2cc3e2c build(deps): bump uniffi from 0.29.3 to 0.29.4 in /rust (#10113) 
Bumps [uniffi](https://github.com/mozilla/uniffi-rs) from 0.29.3 to
0.29.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mozilla/uniffi-rs/blob/main/CHANGELOG.md">uniffi's
changelog</a>.</em></p>
<blockquote>
<h2>v0.29.4 (backend crates: v0.29.4) - (<em>2025-07-24</em>)</h2>
<ul>
<li>Fixed a bug where objects with alignment &gt;= 32 could be freed to
early (<a
href="https://redirect.github.com/mozilla/uniffi-rs/issues/2600">mozilla/uniffi-rs#2600</a>)</li>
</ul>
<p><a
href="https://github.com/mozilla/uniffi-rs/compare/v0.29.3...v0.29.4">All
changes in v0.29.4</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="00cd7e313c"><code>00cd7e3</code></a>
chore: Release</li>
<li><a
href="ceb5c81896"><code>ceb5c81</code></a>
chore: Release</li>
<li><a
href="1edd2216bc"><code>1edd221</code></a>
Updated CHANGELOG and test for <a
href="https://redirect.github.com/mozilla/uniffi-rs/issues/2600">#2600</a></li>
<li><a
href="c8a9fa99dc"><code>c8a9fa9</code></a>
Cast object pointers to the correct type in
<code>clone</code>/<code>free</code></li>
<li>See full diff in <a
href="https://github.com/mozilla/uniffi-rs/compare/v0.29.3...v0.29.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uniffi&package-manager=cargo&previous-version=0.29.3&new-version=0.29.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:50:35 +00:00
dependabot[bot]
f4e69a2743 build(deps): bump rangemap from 1.5.1 to 1.6.0 in /rust (#10116) 
Bumps [rangemap](https://github.com/jeffparsons/rangemap) from 1.5.1 to
1.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jeffparsons/rangemap/blob/main/CHANGELOG.md">rangemap's
changelog</a>.</em></p>
<blockquote>
<h3>v1.6.0 (2025-07-26)</h3>
<ul>
<li><strong>Features</strong>:
<ul>
<li>Add quickcheck support, gated behind the <code>quickcheck</code>
feature.</li>
<li>Improve performance of <code>RangeMap::gaps</code> by efficiently
seeking to the start of the query range.</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/jeffparsons/rangemap/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rangemap&package-manager=cargo&previous-version=1.5.1&new-version=1.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:48:14 +00:00
dependabot[bot]
4f29d13b14 build(deps): bump clap from 4.5.41 to 4.5.42 in /rust (#10122) 
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.41 to 4.5.42.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.42</h2>
<h2>[4.5.42] - 2025-07-30</h2>
<h3>Fixes</h3>
<ul>
<li>Include subcommand visible long aliases in <code>--help</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.5.42] - 2025-07-30</h2>
<h3>Fixes</h3>
<ul>
<li>Include subcommand visible long aliases in <code>--help</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="27cc4b7f59"><code>27cc4b7</code></a>
chore: Release</li>
<li><a
href="16a4fc7190"><code>16a4fc7</code></a>
docs: Update changelog</li>
<li><a
href="07f9f15eda"><code>07f9f15</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5874">#5874</a>
from tetzng/fix-fish-completions</li>
<li><a
href="721deab943"><code>721deab</code></a>
chore: Release</li>
<li><a
href="a4be55bf64"><code>a4be55b</code></a>
docs: Update changelog</li>
<li><a
href="fd5e6915f0"><code>fd5e691</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5877">#5877</a>
from therealprof/features/use-btreemap-instead-of-so...</li>
<li><a
href="6604e79ee7"><code>6604e79</code></a>
Use BTreeMap instead of a sorted Vec</li>
<li><a
href="28e163a8e7"><code>28e163a</code></a>
fix(complete): Remove {} and replace commas with newlines</li>
<li><a
href="b5a47c46ac"><code>b5a47c4</code></a>
chore: Release</li>
<li><a
href="b154a7a114"><code>b154a7a</code></a>
docs: Update changelog</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.41...clap_complete-v4.5.42">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.5.41&new-version=4.5.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:47:32 +00:00
dependabot[bot]
d30b5e66ae build(deps): bump rustls from 0.23.29 to 0.23.31 in /rust (#10120) 
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.29 to
0.23.31.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="647ece1346"><code>647ece1</code></a>
Prepare 0.23.31</li>
<li><a
href="b2831e7490"><code>b2831e7</code></a>
rustls-bench: short circuit single threaded tests</li>
<li><a
href="668231f573"><code>668231f</code></a>
Improve testing of non-blocking <code>complete_io()</code></li>
<li><a
href="5e5d629611"><code>5e5d629</code></a>
<code>complete_io</code>: make non-blocking error return reachable</li>
<li><a
href="2a852c0244"><code>2a852c0</code></a>
Exit <code>complete_io</code> loop as soon as no progress is made</li>
<li><a
href="2f487cfc5a"><code>2f487cf</code></a>
rustls-test: withdraw <code>FailsReads</code> helper</li>
<li><a
href="41bfb22d5b"><code>41bfb22</code></a>
rustls-test: add helper for non-blocking IO tests</li>
<li><a
href="0ccbc63df3"><code>0ccbc63</code></a>
Cargo: rustls version 0.23.29 -&gt; 0.23.30</li>
<li><a
href="4c16f03443"><code>4c16f03</code></a>
Fix: Do not try to call deframer on junk data</li>
<li><a
href="6b9df65bb9"><code>6b9df65</code></a>
sign: make public_key_to_spki() public</li>
<li>Additional commits viewable in <a
href="https://github.com/rustls/rustls/compare/v/0.23.29...v/0.23.31">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls&package-manager=cargo&previous-version=0.23.29&new-version=0.23.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:47:12 +00:00
dependabot[bot]
b5566f19f2 build(deps): bump the tauri group in /rust with 4 updates (#10118) 
Bumps the tauri group in /rust with 4 updates:
[tauri-build](https://github.com/tauri-apps/tauri),
[tauri-plugin-dialog](https://github.com/tauri-apps/plugins-workspace),
[tauri-runtime](https://github.com/tauri-apps/tauri) and
[tauri-utils](https://github.com/tauri-apps/tauri).

Updates `tauri-build` from 2.3.0 to 2.3.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-build's
releases</a>.</em></p>
<blockquote>
<h2>tauri-build v2.3.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1034 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding cargo_metadata v0.19.2 (available: v0.21.0)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.2)
      Adding elf v0.7.4 (available: v0.8.0)
      Adding goblin v0.9.3 (available: v0.10.0)
      Adding html5ever v0.29.1 (available: v0.35.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding jsonrpsee v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-client-transport v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-core v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-ws-client v0.24.9 (available: v0.25.1)
      Adding matchit v0.8.4 (available: v0.8.6)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding object v0.36.7 (available: v0.37.1)
      Adding oxc_allocator v0.36.0 (available: v0.77.3)
      Adding oxc_ast v0.36.0 (available: v0.77.3)
      Adding oxc_parser v0.36.0 (available: v0.77.3)
      Adding oxc_span v0.36.0 (available: v0.77.3)
      Adding phf v0.11.3 (available: v0.12.1)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding schemars v0.8.22 (available: v1.0.4)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding toml v0.8.23 (available: v0.9.2)
      Adding toml_edit v0.22.27 (available: v0.23.2)
      Adding which v7.0.3 (available: v8.0.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 792 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1059 crate dependencies)
Crate:     atk
Version:   0.18.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="96439c2c42"><code>96439c2</code></a>
chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm
audit</li>
<li><a
href="ab97f36b64"><code>ab97f36</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li>
<li><a
href="6a4451bcd9"><code>6a4451b</code></a>
fix(windows): isolation pattern create iframe loop (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li>
<li><a
href="56277e4722"><code>56277e4</code></a>
chore(deps): update napi to v3 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b</code></a>
fix(bundler): Move AppRun to mirror (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li>
<li><a
href="7f3c989111"><code>7f3c989</code></a>
feat(tauri): add <code>plugin_boxed</code> methods (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13837">#13837</a>)</li>
<li><a
href="bda8304107"><code>bda8304</code></a>
fix(cli): error out when migrating from v2 alpha (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13833">#13833</a>)</li>
<li><a
href="fb9d9c7fd1"><code>fb9d9c7</code></a>
chore(readme): Update discord invite (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13836">#13836</a>)</li>
<li><a
href="8263b412c6"><code>8263b41</code></a>
chore(deps): update dependency rollup to v4.45.1 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13831">#13831</a>)</li>
<li><a
href="3025d90951"><code>3025d90</code></a>
feat: expose some window props from runtime-wry (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13822">#13822</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-build-v2.3.0...tauri-build-v2.3.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-plugin-dialog` from 2.3.0 to 2.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/plugins-workspace/releases">tauri-plugin-dialog's
releases</a>.</em></p>
<blockquote>
<h2>single-instance v2.3.2</h2>
<h2>[2.3.2]</h2>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>deep-link@2.4.1</code></li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
Packaging tauri-plugin-single-instance v2.3.2
(/home/runner/work/plugins-workspace/plugins-workspace/plugins/single-instance)
    Updating crates.io index
    Packaged 16 files, 204.0KiB (89.1KiB compressed)
Uploading tauri-plugin-single-instance v2.3.2
(/home/runner/work/plugins-workspace/plugins-workspace/plugins/single-instance)
    Uploaded tauri-plugin-single-instance v2.3.2 to registry `crates-io`
note: waiting for `tauri-plugin-single-instance v2.3.2` to be available
at registry `crates-io`.
You may press ctrl-c to skip waiting; the crate should be available
shortly.
   Published tauri-plugin-single-instance v2.3.2 at registry `crates-io`
</code></pre>
<!-- raw HTML omitted -->
<h2>dialog-js v2.3.2</h2>
<h2>[2.3.2]</h2>
<ul>
<li><a
href="af08c66faa"><code>af08c66f</code></a>
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/pull/2871">#2871</a>
by <a
href="https://github.com/tauri-apps/plugins-workspace/../../FabianLars"><code>@​FabianLars</code></a>)
Fixed an issue that caused the file picker not to open on Android when
extension filters were set.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>npm warn publish npm auto-corrected some errors in your
package.json when publishing. Please run &quot;npm pkg fix&quot; to
address these errors.
npm warn publish errors corrected:
npm warn publish &quot;repository&quot; was changed from a string to an
object
npm warn publish &quot;repository.url&quot; was normalized to
&quot;git+https://github.com/tauri-apps/plugins-workspace.git&quot;
npm notice
npm notice 📦  @tauri-apps/plugin-dialog@2.3.2
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 2.9kB README.md
npm notice 5.8kB dist-js/index.cjs
npm notice 7.8kB dist-js/index.d.ts
npm notice 5.6kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 656B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-dialog
npm notice version: 2.3.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9b43f48856"><code>9b43f48</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2880">#2880</a>)</li>
<li><a
href="af08c66faa"><code>af08c66</code></a>
fix(dialog): remove use of ACTION_PICK (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2871">#2871</a>)</li>
<li><a
href="7974acae22"><code>7974aca</code></a>
chore(deps): update dependency rollup to v4.46.1 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2878">#2878</a>)</li>
<li><a
href="a985359e69"><code>a985359</code></a>
chore(deps): update dependency rollup to v4.46.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2876">#2876</a>)</li>
<li><a
href="97bebcf6e8"><code>97bebcf</code></a>
chore(deps): update eslint monorepo to v9.32.0 (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2873">#2873</a>)</li>
<li><a
href="27ddcd0abe"><code>27ddcd0</code></a>
publish new versions (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2869">#2869</a>)</li>
<li><a
href="d7fb5623d6"><code>d7fb562</code></a>
docs(deep-link): update platform support wording</li>
<li><a
href="d4f8299b12"><code>d4f8299</code></a>
fix(deep-link): handler not set as default on linux (<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2844">#2844</a>)</li>
<li><a
href="341919ed57"><code>341919e</code></a>
docs(shell): Remove left over tauri.conf.json &gt; scope mentino</li>
<li><a
href="124f2191aa"><code>124f219</code></a>
chore(deps): update dependency <code>@​tauri-apps/cli</code> to v2.7.1
(<a
href="https://redirect.github.com/tauri-apps/plugins-workspace/issues/2867">#2867</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/plugins-workspace/compare/os-v2.3.0...dialog-v2.3.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-runtime` from 2.7.0 to 2.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-runtime's
releases</a>.</em></p>
<blockquote>
<h2>tauri-runtime-wry v2.7.1</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1020 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding cargo_metadata v0.19.2 (available: v0.20.0)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.2)
      Adding elf v0.7.4 (available: v0.8.0)
      Adding html5ever v0.29.1 (available: v0.33.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding jsonrpsee v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-client-transport v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-core v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-ws-client v0.24.9 (available: v0.25.1)
      Adding matchit v0.8.4 (available: v0.8.6)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding object v0.36.7 (available: v0.37.1)
      Adding oxc_allocator v0.36.0 (available: v0.75.0)
      Adding oxc_ast v0.36.0 (available: v0.75.0)
      Adding oxc_parser v0.36.0 (available: v0.75.0)
      Adding oxc_span v0.36.0 (available: v0.75.0)
      Adding phf v0.11.3 (available: v0.12.1)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding schemars v0.8.22 (available: v1.0.2)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding which v7.0.3 (available: v8.0.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 787 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1045 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="96439c2c42"><code>96439c2</code></a>
chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm
audit</li>
<li><a
href="ab97f36b64"><code>ab97f36</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li>
<li><a
href="6a4451bcd9"><code>6a4451b</code></a>
fix(windows): isolation pattern create iframe loop (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li>
<li><a
href="56277e4722"><code>56277e4</code></a>
chore(deps): update napi to v3 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b</code></a>
fix(bundler): Move AppRun to mirror (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li>
<li><a
href="7f3c989111"><code>7f3c989</code></a>
feat(tauri): add <code>plugin_boxed</code> methods (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13837">#13837</a>)</li>
<li><a
href="bda8304107"><code>bda8304</code></a>
fix(cli): error out when migrating from v2 alpha (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13833">#13833</a>)</li>
<li><a
href="fb9d9c7fd1"><code>fb9d9c7</code></a>
chore(readme): Update discord invite (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13836">#13836</a>)</li>
<li><a
href="8263b412c6"><code>8263b41</code></a>
chore(deps): update dependency rollup to v4.45.1 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13831">#13831</a>)</li>
<li><a
href="3025d90951"><code>3025d90</code></a>
feat: expose some window props from runtime-wry (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13822">#13822</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-runtime-v2.7.0...tauri-runtime-v2.7.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `tauri-utils` from 2.5.0 to 2.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri-utils's
releases</a>.</em></p>
<blockquote>
<h2>tauri-utils v2.6.0</h2>
<!-- raw HTML omitted -->
<pre><code>Updating git repository
`https://github.com/tauri-apps/schemars.git`
    Updating crates.io index
warning: Patch `schemars_derive v0.8.21
(https://github.com/tauri-apps/schemars.git?branch=feat%2Fpreserve-description-newlines#c30f9848)`
was not used in the crate graph.
Check that the patched package version and available features are
compatible
with the dependency requirements. If the patch has a different version
from
what is locked in the Cargo.lock file, run `cargo update` to use the new
version. This may also occur with an optional dependency that is not
enabled.
     Locking 1034 packages to latest compatible versions
      Adding apple-codesign v0.27.0 (available: v0.29.0)
      Adding cargo_metadata v0.19.2 (available: v0.21.0)
      Adding colored v2.2.0 (available: v3.0.0)
      Adding ctor v0.2.9 (available: v0.4.2)
      Adding elf v0.7.4 (available: v0.8.0)
      Adding goblin v0.9.3 (available: v0.10.0)
      Adding html5ever v0.29.1 (available: v0.35.0)
      Adding itertools v0.13.0 (available: v0.14.0)
      Adding json-patch v3.0.1 (available: v4.0.0)
      Adding jsonrpsee v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-client-transport v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-core v0.24.9 (available: v0.25.1)
      Adding jsonrpsee-ws-client v0.24.9 (available: v0.25.1)
      Adding matchit v0.8.4 (available: v0.8.6)
      Adding minisign v0.7.3 (available: v0.7.9)
      Adding object v0.36.7 (available: v0.37.1)
      Adding oxc_allocator v0.36.0 (available: v0.77.3)
      Adding oxc_ast v0.36.0 (available: v0.77.3)
      Adding oxc_parser v0.36.0 (available: v0.77.3)
      Adding oxc_span v0.36.0 (available: v0.77.3)
      Adding phf v0.11.3 (available: v0.12.1)
      Adding proc-macro-crate v2.0.0 (available: v2.0.2)
      Adding rpm v0.16.0 (available: v0.17.0)
      Adding schemars v0.8.22 (available: v1.0.4)
      Adding serialize-to-javascript v0.1.1 (available: v0.1.2)
      Adding serialize-to-javascript-impl v0.1.1 (available: v0.1.2)
      Adding tiny_http v0.11.0 (available: v0.12.0)
      Adding toml v0.8.23 (available: v0.9.2)
      Adding toml_edit v0.22.27 (available: v0.23.2)
      Adding which v7.0.3 (available: v8.0.0)
      Adding x509-certificate v0.23.1 (available: v0.24.0)
Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 792 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1059 crate dependencies)
Crate:     atk
Version:   0.18.2
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="96439c2c42"><code>96439c2</code></a>
chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm
audit</li>
<li><a
href="ab97f36b64"><code>ab97f36</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li>
<li><a
href="6a4451bcd9"><code>6a4451b</code></a>
fix(windows): isolation pattern create iframe loop (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li>
<li><a
href="56277e4722"><code>56277e4</code></a>
chore(deps): update napi to v3 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b</code></a>
fix(bundler): Move AppRun to mirror (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li>
<li><a
href="7f3c989111"><code>7f3c989</code></a>
feat(tauri): add <code>plugin_boxed</code> methods (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13837">#13837</a>)</li>
<li><a
href="bda8304107"><code>bda8304</code></a>
fix(cli): error out when migrating from v2 alpha (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13833">#13833</a>)</li>
<li><a
href="fb9d9c7fd1"><code>fb9d9c7</code></a>
chore(readme): Update discord invite (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13836">#13836</a>)</li>
<li><a
href="8263b412c6"><code>8263b41</code></a>
chore(deps): update dependency rollup to v4.45.1 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13831">#13831</a>)</li>
<li><a
href="3025d90951"><code>3025d90</code></a>
feat: expose some window props from runtime-wry (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13822">#13822</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-utils-v2.5.0...tauri-utils-v2.6.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:46:44 +00:00
dependabot[bot]
2816ced0a7 build(deps): bump strum from 0.27.1 to 0.27.2 in /rust (#10117) 
Bumps [strum](https://github.com/Peternator7/strum) from 0.27.1 to
0.27.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Peternator7/strum/releases">strum's
releases</a>.</em></p>
<blockquote>
<h2>v0.27.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Adding support for doc comments on <code>EnumDiscriminants</code>
generated type… by <a
href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a>
in <a
href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li>
<li>Drop needless <code>rustversion</code> dependency by <a
href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a>
in <a
href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li>
<li>Upgrade <code>phf</code> to v0.12 by <a
href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a>
in <a
href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li>
<li>allow discriminants on empty enum by <a
href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a
href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li>
<li>Remove broken link to EnumTable docs by <a
href="https://github.com/schneems"><code>@​schneems</code></a> in <a
href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li>
<li>Change enum table callbacks to FnMut. by <a
href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a>
in <a
href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li>
<li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s
by <a
href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in
<a
href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li>
<li>Implement a <code>suffix</code> attribute for serialization of enum
variants by <a
href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a>
in <a
href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li>
<li>Expound upon use_phf docs by <a
href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in
<a
href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a>
made their first contribution in <a
href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li>
<li><a href="https://github.com/crop2000"><code>@​crop2000</code></a>
made their first contribution in <a
href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li>
<li><a href="https://github.com/schneems"><code>@​schneems</code></a>
made their first contribution in <a
href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li>
<li><a
href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a>
made their first contribution in <a
href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li>
<li><a
href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a>
made their first contribution in <a
href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li>
<li><a
href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a>
made their first contribution in <a
href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum's
changelog</a>.</em></p>
<blockquote>
<h2>0.27.2</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>:
Adding support for doc comments on <code>EnumDiscriminants</code>
generated type.</p>
<ul>
<li>The doc comment will be copied from the variant on the type
itself.</li>
</ul>
</li>
<li>
<p><a
href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow
discriminants on empty enum.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>:
Change enum table callbacks to FnMut.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>:
Add <code>#[automatically_derived]</code> to the <code>impl</code>s by
<a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a>
in <a
href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p>
<ul>
<li>This should make the linter less noisy with warnings in generated
code.</li>
</ul>
</li>
<li>
<p><a
href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>:
Implement a <code>suffix</code> attribute for serialization of enum
variants.</p>
<pre lang="rust"><code>#[derive(strum::Display)]
#[strum(suffix=&quot;.json&quot;)]
#[strum(serialize_all=&quot;snake_case&quot;)]
enum StorageConfiguration {
  PostgresProvider,
  S3StorageProvider,
  AzureStorageProvider,
}
<p>fn main() {
let response = SurveyResponse::Other(&quot;It was good&quot;.into());
println!(&quot;Loading configuration from: {}&quot;,
StorageConfiguration::PostgresProvider);
// prints: Loaded Configuration from: postgres_provider.json
}
</code></pre></p>
</li>
<li>
<p><a
href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>:
Drop needless <code>rustversion</code> dependency.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="38f66210e7"><code>38f6621</code></a>
Expound upon use_phf docs (<a
href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li>
<li><a
href="bb1339026b"><code>bb13390</code></a>
Implement a <code>suffix</code> attribute for serialization of enum
variants (<a
href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li>
<li><a
href="c9e52bfd28"><code>c9e52bf</code></a>
Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a
href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li>
<li><a
href="1b00f899e5"><code>1b00f89</code></a>
Change enum table callbacks to FnMut. (<a
href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li>
<li><a
href="6e2ca25fba"><code>6e2ca25</code></a>
Remove broken link to EnumTable docs (<a
href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li>
<li><a
href="9503781141"><code>9503781</code></a>
allow discriminants on empty enum (<a
href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li>
<li><a
href="8553ba2845"><code>8553ba2</code></a>
Upgrade <code>phf</code> to v0.12 (<a
href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li>
<li><a
href="2eba5c2a5c"><code>2eba5c2</code></a>
Drop needless <code>rustversion</code> dependency (<a
href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li>
<li><a
href="f301b67d91"><code>f301b67</code></a>
Merge branch 'linclelinkpart5-master-2'</li>
<li><a
href="455b2bf859"><code>455b2bf</code></a>
Merge branch 'master' of <a
href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a>
into lincle...</li>
<li>See full diff in <a
href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:45:44 +00:00
dependabot[bot]
46373d3020 build(deps): bump tokio-util from 0.7.15 to 0.7.16 in /rust (#10115) 
Bumps [tokio-util](https://github.com/tokio-rs/tokio) from 0.7.15 to
0.7.16.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cf6b50a3fd"><code>cf6b50a</code></a>
chore: prepare tokio-util v0.7.16 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7507">#7507</a>)</li>
<li><a
href="416e36b0df"><code>416e36b</code></a>
task: stabilise <code>JoinMap</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7075">#7075</a>)</li>
<li><a
href="9741c90f9f"><code>9741c90</code></a>
sync: document cancel safety on <code>SetOnce::wait</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7506">#7506</a>)</li>
<li><a
href="4e3f17bce3"><code>4e3f17b</code></a>
codec: also apply capacity to read buffer in
<code>Framed::with_capacity</code> (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7500">#7500</a>)</li>
<li><a
href="86cbf81e15"><code>86cbf81</code></a>
Merge 'tokio-1.47.1' into 'master'</li>
<li><a
href="be8ee45b3f"><code>be8ee45</code></a>
chore: prepare Tokio v1.47.1 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li>
<li><a
href="d9b19166cd"><code>d9b1916</code></a>
Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li>
<li><a
href="db8edc620f"><code>db8edc6</code></a>
chore: prepare Tokio v1.43.2 (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li>
<li><a
href="e47565b086"><code>e47565b</code></a>
blocking: clarify that spawn_blocking is aborted if not yet started (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7501">#7501</a>)</li>
<li><a
href="4730984d66"><code>4730984</code></a>
readme: add 1.47 as LTS release (<a
href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tokio-rs/tokio/compare/tokio-util-0.7.15...tokio-util-0.7.16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio-util&package-manager=cargo&previous-version=0.7.15&new-version=0.7.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 07:43:53 +00:00
Firezone Bot
3e529ed36c chore: publish gateway 1.4.15 (#10134) 2025-08-05 17:17:25 +10:00
Thomas Eizinger
0e32f1c4f2 fix(relay): increase nonce usage to 10000 (#10128) 
On a Gateway with a busy connections, only being able to use a nonce 100
times causes unnecessary churn. We increase this to 10000 to be able to
handle bursts of messages such as channel bindings better.
 2025-08-05 02:00:57 +00:00
Thomas Eizinger
96579483d8 fix(phoenix-channel): timeout room join after 5s (#10130) 
If we fail to join a given room for longer than 5s, we fail the
WebSocket connection and reconnect.
 2025-08-05 02:00:26 +00:00
Thomas Eizinger
d1cbf4f76d chore(snownet): fix relay sampling spam (#10127) 
When we disconnect from a relay, we currently spam `Failed to sample new
relay for connection` until we connect to a new one.
 2025-08-05 00:16:28 +00:00
Thomas Eizinger
27de29fee7 test(connlib): downgrade error (#10123) 
We can run into this when multiple DNS queries all need to be sent to
the same Gateway and we don't have a connection yet. Hence, downgrade
this error to a debug log.
 2025-08-04 13:30:24 +00:00
Thomas Eizinger
1222be8fc9 fix(snownet): de-multiplex packets based on WG session index (#10109) 
Right now, `snownet` de-multiplexes WireGuard packets based on their
source tuple (IP + port) to the _first_ connection that would like to
handle this traffic. What appears to be happening based on observation
from customer logs is that we sometimes dispatch the traffic to the
wrong connection.

The WireGuard packet format uses session indices to declare, which
session a packet is for. The local session index is selected during the
handshake for a particular session.

By associating the different session indices (we can have up to 8 in
parallel per peer) with our Firezone-specific connection ID, we can
change our de-multiplexing scheme to uses these indices instead of the
source tuple. This is especially important for Gateways as those talk to
multiple different clients.

The session index is a 32-bit integer where the top 24 bits identify the
connection and the bottom 8 bits are used in a round-robin fashion to
identify individual sessions within the connection. Thus, to find the
correct connection, we right-shift the session index of an incoming
packet to arrive back at the 24-bit connection identifier.

In environments with a limited number of ports outside the NAT, a
connection from a new Client may come from a source tuple of a previous
Client. In such a case, we'd dispatch the packets to the wrong
connection, causing the Client to not be able to handshake a tunnel.
 2025-08-04 23:35:48 +10:00
Thomas Eizinger
324edce754 feat(connlib): roll-over WireGuard session on connection upsert (#10102) 
When a Client upserts a connection to a Gateway, we currently assume
that the connection is still intact. After all, it hasn't hit an ICE
timeout, otherwise the connection would not be present in memory. If
however the Gateway restarted or somehow lost its connection state and
the Client hasn't noticed yet, then the upsert will be an _insert_ for
the Gateway and ICE will create a new connection for us.

In order to ensure that the WireGuard tunnel state and ICE are
synchronized at all times, we also need to handshake a new session.

`boringtun` maintains up to 8 concurrent sessions for us. This allows
for a smooth roll-over where packets encrypted with the keys from
previous sessions can still be decrypted. Thus, we can easily roll-over
the session on every connection upsert without any trouble.

To ensure that this doesn't happen _very_ rapidly, we debounce these
proactive session roll-overs to happen at most every 20s.

This follows the idea of MADR-0017.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2025-08-04 00:20:28 +00:00
Firezone Bot
acf52ccf1e chore: publish apple-client 1.5.6 (#10106) 2025-08-02 19:43:35 +00:00
Thomas Eizinger
ea6f1ce145 chore(telemetry): allow to dynamically change the log filter (#10065) 
In addition to sending true/false for a feature-flag, PostHog also
allows us to send a payload with them. We can use this to carry the
log-filter we'd like to stream logs for. With this, we can dynamically
change which logs we are getting forwarded to Sentry.

Unfortunately, this cannot be done on a per-user basis, meaning we will
always have the same log filter for all users where the feature-flag is
enabled.
 2025-08-02 10:23:35 +00:00
Thomas Eizinger
cd177a6448 fix(gateway): don't remove peer state on disconnect (#10040) 
When the connection to a Client disappears, the Gateway currently clears
all state related to this peer. Whilst eagerly cleaning up memory can be
good, in this case, it may lead to the Client thinking it has access to
a resource when in reality it doesn't.

Just because the connection to a Client failed doesn't mean their access
authorizations are invalid. In case the Client reconnects, it should be
able to just continue sending traffic.

At the moment, this only works if the connection also failed on the
Client and therefore, its view of the world in regards to "which
resources do I have access to" was also reset.

What we are seeing in Sentry reports though is that Clients are
attempting to access these resources, thinking they have access but the
Gateway denies it because it has lost the access authorization state.
 2025-08-02 08:27:49 +00:00
Thomas Eizinger
a4eb6509c6 chore(snownet): fix buffering log message (#10060) 
What we are actually buffering here are unencrypted IP packets that are
waiting for the tunnel to be established.
 2025-08-01 22:51:49 +00:00
dependabot[bot]
f0a8eee164 build(deps): bump the react group in /rust/gui-client with 5 updates (#10089) 
Bumps the react group in /rust/gui-client with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) |
`19.1.0` | `19.1.1` |
|
[@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react)
| `19.1.8` | `19.1.9` |
|
[react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom)
| `19.1.0` | `19.1.1` |
|
[@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom)
| `19.1.6` | `19.1.7` |
|
[react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router)
| `7.7.0` | `7.7.1` |

Updates `react` from 19.1.0 to 19.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">react's
releases</a>.</em></p>
<blockquote>
<h2>19.1.1 (July 28, 2025)</h2>
<h3>React</h3>
<ul>
<li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a
href="https://redirect.github.com/facebook/react/pull/33680">#33680</a>
by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react's
changelog</a>.</em></p>
<blockquote>
<h2>19.1.1 (July 28, 2025)</h2>
<h3>React</h3>
<ul>
<li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a
href="https://redirect.github.com/facebook/react/pull/33680">#33680</a>
by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="87e33ca2b7"><code>87e33ca</code></a>
Set release versions to 19.1.1</li>
<li><a
href="5a1eb6f61a"><code>5a1eb6f</code></a>
fix: rename bottom stack frame (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/33680">#33680</a>)</li>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/v19.1.1/packages/react">compare
view</a></li>
</ul>
</details>
<br />

Updates `@types/react` from 19.1.8 to 19.1.9
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare
view</a></li>
</ul>
</details>
<br />

Updates `react-dom` from 19.1.0 to 19.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">react-dom's
releases</a>.</em></p>
<blockquote>
<h2>19.1.1 (July 28, 2025)</h2>
<h3>React</h3>
<ul>
<li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a
href="https://redirect.github.com/facebook/react/pull/33680">#33680</a>
by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react-dom's
changelog</a>.</em></p>
<blockquote>
<h2>19.1.1 (July 28, 2025)</h2>
<h3>React</h3>
<ul>
<li>Fixed Owner Stacks to work with ES2015 function.name semantics (<a
href="https://redirect.github.com/facebook/react/pull/33680">#33680</a>
by <a href="https://github.com/hoxyq"><code>@​hoxyq</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="87e33ca2b7"><code>87e33ca</code></a>
Set release versions to 19.1.1</li>
<li><a
href="b793948e15"><code>b793948</code></a>
Bump next prerelease version numbers (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/32782">#32782</a>)</li>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/v19.1.1/packages/react-dom">compare
view</a></li>
</ul>
</details>
<br />

Updates `@types/react-dom` from 19.1.6 to 19.1.7
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare
view</a></li>
</ul>
</details>
<br />

Updates `react-router` from 7.7.0 to 7.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/remix-run/react-router/releases">react-router's
releases</a>.</em></p>
<blockquote>
<h2>v7.7.1</h2>
<p>See the changelog for release notes: <a
href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v771">https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v771</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md">react-router's
changelog</a>.</em></p>
<blockquote>
<h2>7.7.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>In RSC Data Mode, fix bug where routes with errors weren't forced to
revalidate when <code>shouldRevalidate</code> returned false (<a
href="https://redirect.github.com/remix-run/react-router/pull/14026">#14026</a>)</li>
<li>In RSC Data Mode, fix <code>Matched leaf route at location
&quot;/...&quot; does not have an element or Component</code> warnings
when error boundaries are rendered. (<a
href="https://redirect.github.com/remix-run/react-router/pull/14021">#14021</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4eb1fd1d3f"><code>4eb1fd1</code></a>
chore: Update version for release (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14068">#14068</a>)</li>
<li><a
href="929f77311a"><code>929f773</code></a>
chore: Update version for release (pre) (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14051">#14051</a>)</li>
<li><a
href="d2f6396e43"><code>d2f6396</code></a>
Add jsdocs for useOutletContext from main</li>
<li><a
href="ea1cd40dca"><code>ea1cd40</code></a>
docs: minor updates (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14038">#14038</a>)</li>
<li><a
href="433872f6ab"><code>433872f</code></a>
Force revalidation of RSC routes with errors (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14026">#14026</a>)</li>
<li><a
href="3fdce65c72"><code>3fdce65</code></a>
Fix RSC outlet fallback warnings on error (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14021">#14021</a>)</li>
<li><a
href="15e9a9eca9"><code>15e9a9e</code></a>
chore: format</li>
<li><a
href="5bbbc9db06"><code>5bbbc9d</code></a>
docs(api): add some extra reference links (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13985">#13985</a>)</li>
<li><a
href="b95cf3ff1b"><code>b95cf3f</code></a>
Add JSDocs for RSC apis (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14019">#14019</a>)</li>
<li><a
href="3acd610339"><code>3acd610</code></a>
docs(api): Fix doc examples that are missing async (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14017">#14017</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/remix-run/react-router/commits/react-router@7.7.1/packages/react-router">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-01 12:03:51 +00:00
dependabot[bot]
960df4242c build(deps): bump the tauri group in /rust/gui-client with 2 updates (#10087) 
Bumps the tauri group in /rust/gui-client with 2 updates:
[@tauri-apps/api](https://github.com/tauri-apps/tauri) and
[@tauri-apps/cli](https://github.com/tauri-apps/tauri).

Updates `@tauri-apps/api` from 2.6.0 to 2.7.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/api</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/api</code> v2.7.0</h2>
<!-- raw HTML omitted -->
<pre><code>No known vulnerabilities found
</code></pre>
<!-- raw HTML omitted -->
<h2>[2.7.0]</h2>
<h3>New Features</h3>
<ul>
<li><a
href="232265c70e"><code>232265c70</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13209">#13209</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../kandrelczyk"><code>@​kandrelczyk</code></a>)
Added <code>getBundleType</code> to the app module.</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li><a
href="96391467e9"><code>96391467e</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13783">#13783</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../JosephBrooksbank"><code>@​JosephBrooksbank</code></a>)
Allow events emitted with <code>emit</code> to be handled correctly by
<code>listen</code> callbacks when in a mocked environment</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="152d971bcd"><code>152d971bc</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13744">#13744</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
Expose <code>unregisterCallback</code>, <code>runCallback</code>,
<code>callbacks</code> in <code>mockIPC</code></li>
<li><a
href="b821796add"><code>b821796ad</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13810">#13810</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../asdolo"><code>@​asdolo</code></a>)
Add missing <code>trafficLightPosition</code> TypeScript type
definition</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>&gt; @tauri-apps/api@2.7.0 npm-publish
/home/runner/work/tauri/tauri/packages/api
&gt; pnpm build &amp;&amp; cd ./dist &amp;&amp; pnpm publish --access
public --loglevel silly --no-git-checks
<p>&gt; <code>@​tauri-apps/api</code><a
href="https://github.com/2"><code>@​2</code></a>.7.0 build
/home/runner/work/tauri/tauri/packages/api
&gt; rollup -c --configPlugin typescript</p>
<p>
./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts,
./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts,
./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts,
./src/window.ts → ./dist, ./dist...
created ./dist, ./dist in 1.5s

src/index.ts →
../../crates/tauri/scripts/bundle.global.js...
created ../../crates/tauri/scripts/bundle.global.js in
1.8s
npm verbose cli /opt/hostedtoolcache/node/20.19.3/x64/bin/node
/opt/hostedtoolcache/node/20.19.3/x64/bin/npm
npm info using npm@10.8.2
npm info using node@v20.19.3
npm silly config
load:file:/opt/hostedtoolcache/node/20.19.3/x64/lib/node_modules/npm/npmrc
npm silly config load:file:/tmp/2aa98b41aabaf31df3a84589911580aa/.npmrc
npm silly config load:file:/home/runner/work/_temp/.npmrc
npm silly config
load:file:/opt/hostedtoolcache/node/20.19.3/x64/etc/npmrc
npm verbose title npm publish tauri-apps-api-2.7.0.tgz
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="96439c2c42"><code>96439c2</code></a>
chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm
audit</li>
<li><a
href="ab97f36b64"><code>ab97f36</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li>
<li><a
href="6a4451bcd9"><code>6a4451b</code></a>
fix(windows): isolation pattern create iframe loop (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li>
<li><a
href="56277e4722"><code>56277e4</code></a>
chore(deps): update napi to v3 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b</code></a>
fix(bundler): Move AppRun to mirror (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li>
<li><a
href="7f3c989111"><code>7f3c989</code></a>
feat(tauri): add <code>plugin_boxed</code> methods (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13837">#13837</a>)</li>
<li><a
href="bda8304107"><code>bda8304</code></a>
fix(cli): error out when migrating from v2 alpha (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13833">#13833</a>)</li>
<li><a
href="fb9d9c7fd1"><code>fb9d9c7</code></a>
chore(readme): Update discord invite (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13836">#13836</a>)</li>
<li><a
href="8263b412c6"><code>8263b41</code></a>
chore(deps): update dependency rollup to v4.45.1 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13831">#13831</a>)</li>
<li><a
href="3025d90951"><code>3025d90</code></a>
feat: expose some window props from runtime-wry (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13822">#13822</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.6.0...@tauri-apps/api-v2.7.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `@tauri-apps/cli` from 2.6.2 to 2.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases"><code>@​tauri-apps/cli</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​tauri-apps/cli</code> v2.7.1</h2>
<h2>[2.7.1]</h2>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.7.1</code></li>
</ul>
<h2><code>@​tauri-apps/cli</code> v2.7.0</h2>
<h2>[2.7.0]</h2>
<h3>New Features</h3>
<ul>
<li><a
href="33d079392a"><code>33d079392</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13811">#13811</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../mhbagheri-99"><code>@​mhbagheri-99</code></a>)
Allow runner configuration to be an object with cmd, cwd, and args
properties. The runner can now be configured as <code>{ &quot;cmd&quot;:
&quot;my_runner&quot;, &quot;cwd&quot;: &quot;/path&quot;,
&quot;args&quot;: [&quot;--quiet&quot;] }</code> while maintaining
backwards compatibility with the existing string format.</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li><a
href="232265c70e"><code>232265c70</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13209">#13209</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../kandrelczyk"><code>@​kandrelczyk</code></a>)
Binaries are patched before bundling to add the type of a bundle they
will placed in. This information will be used during update process to
select the correct target.</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="916aeaa486"><code>916aeaa48</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13781">#13781</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fixes Android dev and build commands reading
<code>tauri.ios.conf.json</code> instead of
<code>tauri.android.conf.json</code> to merge platform-specific
configuration.</li>
<li><a
href="0f248b111f"><code>0f248b111</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13799">#13799</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Install iOS dependencies when needed.</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b75</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13863">#13863</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../FabianLars"><code>@​FabianLars</code></a>)
The AppImage bundler now pulls the AppRun binaries from our GitHub
mirror, fixing 404 errors.</li>
<li><a
href="bda8304107"><code>bda830410</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
Fail with an error when trying to migrate from v2 alpha</li>
<li><a
href="bda8304107"><code>bda830410</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
Use v2 stable instead of v2-rc when migrating from v2-beta</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.7.0</code></li>
</ul>
<h2><code>@​tauri-apps/cli</code> v2.6.3</h2>
<h2>[2.6.3]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="916aeaa486"><code>916aeaa48</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13781">#13781</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Fixes Android dev and build commands reading
<code>tauri.ios.conf.json</code> instead of
<code>tauri.android.conf.json</code> to merge platform-specific
configuration.</li>
<li><a
href="0f248b111f"><code>0f248b111</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13799">#13799</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../lucasfernog"><code>@​lucasfernog</code></a>)
Install iOS dependencies when needed.</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b75</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13863">#13863</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../FabianLars"><code>@​FabianLars</code></a>)
The AppImage bundler now pulls the AppRun binaries from our GitHub
mirror, fixing 404 errors.</li>
<li><a
href="bda8304107"><code>bda830410</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
Fail with an error when trying to migrate from v2 alpha</li>
<li><a
href="bda8304107"><code>bda830410</code></a>
(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/13833">#13833</a>
by <a
href="https://www.github.com/tauri-apps/tauri/../../Legend-Master"><code>@​Legend-Master</code></a>)
Use v2 stable instead of v2-rc when migrating from v2-beta</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Upgraded to <code>tauri-cli@2.7.0</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fd63f229d5"><code>fd63f22</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13871">#13871</a>)</li>
<li><a
href="af95fb6014"><code>af95fb6</code></a>
fix: sign main binary after patching with bundle info (fix <a
href="https://redirect.github.com/tauri-apps/tauri/issues/13868">#13868</a>)
(<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13870">#13870</a>)</li>
<li><a
href="65bb24b9ae"><code>65bb24b</code></a>
fix(cli): fix metadata version</li>
<li><a
href="332ec355a1"><code>332ec35</code></a>
fix(cli): add default triplets to napi targets config</li>
<li><a
href="2c46b1873e"><code>2c46b18</code></a>
chore(deps): update dependency eslint-config-prettier to v10.1.8 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13855">#13855</a>)</li>
<li><a
href="96439c2c42"><code>96439c2</code></a>
chore(deps): Update <code>@​eslint/plugin-kit</code> to fix pnpm
audit</li>
<li><a
href="ab97f36b64"><code>ab97f36</code></a>
apply version updates (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13751">#13751</a>)</li>
<li><a
href="6a4451bcd9"><code>6a4451b</code></a>
fix(windows): isolation pattern create iframe loop (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13849">#13849</a>)</li>
<li><a
href="56277e4722"><code>56277e4</code></a>
chore(deps): update napi to v3 (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13852">#13852</a>)</li>
<li><a
href="7a6fd5b75d"><code>7a6fd5b</code></a>
fix(bundler): Move AppRun to mirror (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/13863">#13863</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.6.2...@tauri-apps/cli-v2.7.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-01 12:01:23 +00:00
Thomas Eizinger
17a18fdfbb feat(connlib): always use candidates in order of priority (#10063) 
To make things easier to debug, we enforce the order that candidates are
processed in. We want candidates to be processed in the order of their
inverse priority as higher priorities are better. For example, a host
candidate has a higher priority than a relay candidate.

This will make our logs more consistent because a `0-0` candidate pair
is always a `host-host` pair.

We enforce this with our own `IceCandidate` type which implements
`PartialOrd` and `Ord`. This now moves the deserialisation for the
portal messages to a `Deserialise` impl on this type. In order to ensure
that a single faulty candidate doesn't invalidate the entire list, we
use `serde_with` to skip over those elements that cannot be
deserialised.
 2025-08-01 01:57:29 +00:00
Thomas Eizinger
9b8efdcf08 chore(connlib): bump str0m (#10066) 
This bumps our str0m dependency to include improvements that I've been
making to the logs:

- https://github.com/algesten/str0m/pull/681
- https://github.com/algesten/str0m/pull/682
 2025-08-01 01:55:56 +00:00
Thomas Eizinger
52a9079d6a feat(snownet): use in-flight channels to relay data (#10062) 
In #7548, we added a feature to Firezone where TURN channels get bound
on-demand as they are needed. To ensure many communication paths work,
we also proactively bind them as soon as we receive a candidate from a
remote.

When a new remote candidate gets added, str0m forms pairs with all the
existing local candidates and starts testing these candidate pairs. For
local relay candidates, this means sending a channel data message from
the allocation.

At the moment, this results in the following pattern in the logs:

```
Received candidate from remote cid=20af9d29-c973-4d77-909a-abed5d7a0234 candidate=Candidate(relay=[3231E680683CFC98E69A12A60F426AA5E5F110CB]:62759/udp raddr=[59A533B0D4D3CB3717FD3D655E1D419E1C9C0772]:0 prio=37492735)
No channel to peer, binding new one active_socket=462A7A508E3C99875E69C2519CA020330A6004EC:3478 peer=[3231E680683CFC98E69A12A60F426AA5E5F110CB]:62759
Already binding a channel to peer active_socket=Some(462A7A508E3C99875E69C2519CA020330A6004EC:3478) peer=[3231E680683CFC98E69A12A60F426AA5E5F110CB]:62759
class=success response from=462A7A508E3C99875E69C2519CA020330A6004EC:3478 method=channel bind rtt=9.928424ms tid=042F52145848D6C1574BB997 
```

What happens here is:

1. We receive a new candidate and proactively bind a channel (this is a
silent operation and therefore not visible in the logs).
2. str0m formed new pairs for these candidates and starts testing them,
triggering a new channel binding because the previous one isn't
completed yet.
3. We refuse to make another channel binding because we see that we
already have one in-flight.
4. The channel binding succeeds.

What we do now is:

If we want to send data to a peer through a channel, we check whether we
have a connected OR an in-flight channel and send it in both cases. If
the channel binding is still in-flight, we therefore just pipeline the
channel data message just after it. Chances are that - assuming no
packet re-orderings on the network - by the time our channel data
message arrives at the relay that binding is active and can be relayed.

This allows the very first binding attempt from str0m to already succeed
instead of waiting for the timeout and sending another binding request.
In addition, it makes these logs less confusing.
 2025-07-31 04:10:38 +00:00
Thomas Eizinger
e07e45ed29 chore(snownet): allow filtering TURN traffic in logs (#10061) 
Our TURN traffic is fairly minimal for this to be okay on DEBUG (instead
of TRACE). However, it can be quite noisy when one is just scanning
through the logs. Putting it on another target allows us to filter those
out later.

Note that these only concern the TURN control protocol. Channel data
messages are separate from this and **not** logged.
 2025-07-31 03:46:59 +00:00
Thomas Eizinger
5753b72a5e chore(snownet): fix typo in PeerSocket formatting (#10049) 2025-07-30 22:58:22 +00:00
Thomas Eizinger
551e687cc7 chore(rust): bump boringtun (#10052) 
This brings in https://github.com/firezone/boringtun/pull/109.
 2025-07-30 16:14:38 +00:00
Thomas Eizinger
6c1c42ea22 chore(snownet): fix handle_timeout span (#10046) 
Spans only attach to logs of lower severity, i.e. a DEBUG span is only
visible for DEBUG and TRACE statements. In order to see the connection
ID here with our INFO statements, we need to make it an INFO span.

Also, a span does nothing unless it is entered 🤦‍♂️
 2025-07-30 03:12:11 +00:00
Thomas Eizinger
2166c49033 chore(windows): remove noisy AccessDenied errors (#10043) 
These don't really tell us much. It appears that Windows is sometimes
failing to access the pipe but then succeeds on the next attempt, hence
why we have the retry loop in the first place. Logging a warning here
just spams Sentry unnecessarily.
 2025-07-29 12:48:58 +00:00
Thomas Eizinger
69f9a03ee8 refactor(connlib): simplify IpPacket struct (#9795) 
With the removal of the NAT64/46 modules, we can now simplify the
internals of our `IpPacket` struct. The requirements for our `IpPacket`
struct are somewhat delicate.

On the one hand, we don't want to be overly restrictive in our parsing /
validation code because there is a lot of broken software out there that
doesn't necessarily follow RFCs. Hence, we want to be as lenient as
possible in what we accept.

On the other hand, we do need to verify certain aspects of the packet,
like the payload lengths. At the moment, we are somewhat too lenient
there which causes errors on the Gateway where we have to NAT or
otherwise manipulate the packets. See #9567 or #9552 for example.

To fix this, we make the parsing in the `IpPacket` constructor more
restrictive. If it is a UDP, TCP or ICMP packet, we attempt to fully
parse its headers and validate the payload lengths.

This parsing allows us to then rely on the integrity of the packet as
part of the implementation. This does create several code paths that can
in theory panic but in practice, should be impossible to hit. To ensure
that this does in fact not happen, we also tackle an issue that is long
overdue: Fuzzing.

Resolves: #6667 
Resolves: #9567
Resolves: #9552
 2025-07-29 04:42:57 +00:00
Thomas Eizinger
879f68cf73 refactor(connlib): use extract_if to expire resources (#10039) 
Rust 1.88 shipped a new std-function on `HashMap` to conditionally
extract elements from a `HashMap`. This is handy for time-based expiry
of resources on the Gateway.
 2025-07-29 03:33:47 +00:00
Thomas Eizinger
5c3b15c1a9 chore(connlib): harmonise naming of IDs (#10038) 
When filtering through logs in Sentry, it is useful to narrow them down
by context of a client, gateway or resource. Currently, these fields are
sometimes called `client`, `cid`, `client_id` etc and the same for the
Gateway and Resources.

To make this filtering easier, name all of them `cid` for Client IDs,
`gid` for Gateway IDs and `rid` for Resource IDs.
 2025-07-29 03:33:09 +00:00
Thomas Eizinger
e9c74b1bfe chore(connlib): treat Invalid Argument as unreachable hosts (#10037) 
These appear to happen on systems that e.g. don't have IPv6 support or
where the destination cannot be reached. It is a bit of a catch-all but
all the ones I am seeing in Sentry are false-positives. To reduce the
noise a bit, we log these on DEBUG now.
 2025-07-29 03:04:13 +00:00
Thomas Eizinger
e81dc452f7 refactor(connlib): use a lock-free queue for the buffer pool (#9989) 
We use several buffer pools across `connlib` that are all backed by the
same buffer-pool library. Within that library, we currently use another
object-pool library to provide the actual pooling functionality.

Benchmarking has shown that spend quite a bit of time (a few % of total
CPU time), fighting for the lock to either add or remote a buffer from
the pool. This is unnecessary. By using a queue, we can remove buffers
from the front and add buffers at the back, both of which can be
implemented in a lock-free way such that they don't contend.

Using the well-known `crossbeam-queue` library, we have such a queue
directly available.

I wasn't able to directly measure a performance gain in terms of
throughput. What we can measure though, is how much time we spend
dealing with our buffer pool vs everything else. If we compare the
`perf` outputs that were recorded during an `iperf` run each, we can see
that we spend about 60% less time dealing with the buffer pool than we
did before.

|Before|After|
|---|---|
|<img width="1982" height="553" alt="Screenshot From 2025-07-24
20-27-50"
src="https://github.com/user-attachments/assets/1698f28b-5821-456f-95fa-d6f85d901920"
/>|<img width="1982" height="553" alt="Screenshot From 2025-07-24
20-27-53"
src="https://github.com/user-attachments/assets/4f26a2d1-03e3-4c0d-84da-82c53b9761dd"
/>|

The number in the thousands on the left is how often the respective
function was the currently executing function during the profiling run.

Resolves: #9972
 2025-07-28 21:39:11 +00:00
Thomas Eizinger
55304b3d2a refactor(snownet): learn host candidates from TURN traffic (#9998) 
Presently, for each UDP packet that we process in `snownet`, we check if
we have already seen this local address of ours and if not, add it to
our list of host candidates. This is a safe way for ensuring that we
consider all addresses that we receive data on as ones that we tell our
peers that they should try and contact us on.

Performance profiling has shown that hashing the socket address of each
packet that is coming in is quite wasteful. We spend about 4-5% of our
main thread time doing this. For comparison, decrypting packets is only
about 30%.

Most of the time, we will already know about this address and therefore,
spending all this CPU time is completely pointless. At the same time
though, we need to be sure that we do discover our local address
correctly.

Inspired by STUN, we therefore move this responsibility to the
`allocation` module. The `allocation` module is responsible for
interacting with our TURN servers and will yield server-reflexive and
relay candidates as a result. It also knows, what the local address is
that it received traffic on so we simply extend that to yield host
candidates as well in addition to server-reflexive and relay candidates.

On my local machine, this bumps us across the 3.5 Gbits/sec mark:

```
Connecting to host 172.20.0.110, port 5201
[  5] local 100.93.174.92 port 57890 connected to 172.20.0.110 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   319 MBytes  2.67 Gbits/sec   18    548 KBytes       
[  5]   1.00-2.00   sec   413 MBytes  3.46 Gbits/sec    4    884 KBytes       
[  5]   2.00-3.00   sec   417 MBytes  3.50 Gbits/sec    4   1.10 MBytes       
[  5]   3.00-4.00   sec   425 MBytes  3.56 Gbits/sec  415    785 KBytes       
[  5]   4.00-5.00   sec   430 MBytes  3.60 Gbits/sec  154    820 KBytes       
[  5]   5.00-6.00   sec   434 MBytes  3.64 Gbits/sec  251    793 KBytes       
[  5]   6.00-7.00   sec   436 MBytes  3.66 Gbits/sec  123    811 KBytes       
[  5]   7.00-8.00   sec   435 MBytes  3.65 Gbits/sec    2    788 KBytes       
[  5]   8.00-9.00   sec   423 MBytes  3.55 Gbits/sec    0   1.06 MBytes       
[  5]   9.00-10.00  sec   433 MBytes  3.63 Gbits/sec    8   1017 KBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-20.00  sec  8.21 GBytes  3.53 Gbits/sec  1728             sender
[  5]   0.00-20.00  sec  8.21 GBytes  3.53 Gbits/sec                  receiver

iperf Done.
```
 2025-07-28 21:38:39 +00:00
Thomas Eizinger
9c71026416 chore(connlib): gate more trace logs on debug_assertions (#10026) 
These are otherwise hit pretty often in the hot-path and slow packet
routing down because tracing needs to evaluate whether it should log the
statement.
 2025-07-28 21:38:23 +00:00
Thomas Eizinger
1317bbb9e2 refactor(gui-client): replace tslink with tauri-specta (#10031) 
Despite still being in development, the `tauri-specta` project already
proves to be quite useful. It allows us to generate TypeScript bindings
for our commands and events, creating a type-safe contract between the
frontend and the backend.

For example, this ensures that the TypeScript code calls a command
actually with the required parameters and thus avoids runtime failures.

Similarly, the frontend can listen on type-safe events without having to
use any magic strings.
 2025-07-28 21:37:24 +00:00
Firezone Bot
e6fc7e62da chore: publish apple-client 1.5.5 (#10035) 2025-07-28 20:14:12 +00:00