Bumps [serde](https://github.com/serde-rs/serde) from 1.0.223 to
1.0.228.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.228</h2>
<ul>
<li>Allow building documentation with
<code>RUSTDOCFLAGS='--cfg=docsrs'</code> set for the whole dependency
graph (<a
href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>)</li>
</ul>
<h2>v1.0.227</h2>
<ul>
<li>Documentation improvements (<a
href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>)</li>
</ul>
<h2>v1.0.226</h2>
<ul>
<li>Deduplicate variant matching logic inside generated Deserialize impl
for adjacently tagged enums (<a
href="https://redirect.github.com/serde-rs/serde/issues/2935">#2935</a>,
thanks <a
href="https://github.com/Mingun"><code>@Mingun</code></a>)</li>
</ul>
<h2>v1.0.225</h2>
<ul>
<li>Avoid triggering a deprecation warning in derived Serialize and
Deserialize impls for a data structure that contains its own
deprecations (<a
href="https://redirect.github.com/serde-rs/serde/issues/2879">#2879</a>,
thanks <a
href="https://github.com/rcrisanti"><code>@rcrisanti</code></a>)</li>
</ul>
<h2>v1.0.224</h2>
<ul>
<li>Remove private types being suggested in rustc diagnostics (<a
href="https://redirect.github.com/serde-rs/serde/issues/2979">#2979</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a866b336f1"><code>a866b33</code></a>
Release 1.0.228</li>
<li><a
href="5adc9e816c"><code>5adc9e8</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>
from dtolnay/rustdocflags</li>
<li><a
href="ab581789f4"><code>ab58178</code></a>
Workaround for RUSTDOCFLAGS='--cfg=docsrs'</li>
<li><a
href="415d9fc560"><code>415d9fc</code></a>
Release 1.0.227</li>
<li><a
href="7c58427e12"><code>7c58427</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>
from dtolnay/inlinecoredoc</li>
<li><a
href="9d3410e3f4"><code>9d3410e</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2992">#2992</a>
from dtolnay/inplaceseed</li>
<li><a
href="2fb6748bf1"><code>2fb6748</code></a>
Remove InPlaceSeed public re-export</li>
<li><a
href="f8137c79a2"><code>f8137c7</code></a>
Inline serde_core into serde in docsrs mode</li>
<li><a
href="b7dbf7e3cb"><code>b7dbf7e</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2990">#2990</a>
from dtolnay/integer128</li>
<li><a
href="7c836915fc"><code>7c83691</code></a>
No longer macro_use integer128 module</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.223...v1.0.228">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In order to make the flow logs emitted by the Gateway more useful and
self-contained, we extend the `authorize_flow` message sent to the
Gateway with some more context around the Client and Actor of that flow.
In particular, we now also send the following to the Gateway:
- `client_version`
- `device_os_version`
- `device_os_name`
- `device_serial`
- `device_uuid`
- `device_identifier_for_vendor`
- `device_firebase_installation_id`
- `identity_id`
- `identity_name`
- `actor_id`
- `actor_email`
We only extend the `authorize_flow` message with these additional
properties. The legacy messages for 1.3.x Clients remain as is. For
those Clients, the above properties will be empty in the flow logs.
Resolves: #10690
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps the netlink group in /rust with 3 updates:
[netlink-packet-core](https://github.com/rust-netlink/netlink-packet-core),
[netlink-packet-route](https://github.com/rust-netlink/netlink-packet-route)
and [rtnetlink](https://github.com/rust-netlink/rtnetlink).
Updates `netlink-packet-core` from 0.7.0 to 0.8.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-core/releases">netlink-packet-core's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.8.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Revert back to paste dependency. (4447216)</li>
</ul>
<h2>New release 0.8.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Changed <code>DecodeError</code> from enum to struct. (f55d7b7,
63da36a)</li>
<li>Merged <code>netlink-packet-utils</code> into
<code>netlink-packet-core</code>. (f55d7b7, 0951455,
ba127bf, a232478, 8027f63, 41fe03d, 260e596, cc6bf08, 63da36a,
410c61d)</li>
<li>Remove dependency of byteorder crate. (16d63fb)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support zero sized done message. (100413a)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-core/blob/main/CHANGELOG">netlink-packet-core's
changelog</a>.</em></p>
<blockquote>
<h2>[0.8.1] - 2025-09-18</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Revert back to paste dependency. (4447216)</li>
</ul>
<h2>[0.8.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Changed <code>DecodeError</code> from enum to struct. (f55d7b7,
63da36a)</li>
<li>Merged <code>netlink-packet-utils</code> into
<code>netlink-packet-core</code>. (f55d7b7, 0951455,
ba127bf, a232478, 8027f63, 41fe03d, 260e596, cc6bf08, 63da36a,
410c61d)</li>
<li>Remove dependency of byteorder crate. (16d63fb)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support zero sized done message. (100413a)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e34595f54f"><code>e34595f</code></a>
New release 0.8.1</li>
<li><a
href="44472161c5"><code>4447216</code></a>
Revert back to paste dependency</li>
<li><a
href="b40f3d616f"><code>b40f3d6</code></a>
New release 0.8.0</li>
<li><a
href="46a3fee30b"><code>46a3fee</code></a>
Run cargo fmt</li>
<li><a
href="100413a1b7"><code>100413a</code></a>
Support zero sized done message</li>
<li><a
href="81b2d0f406"><code>81b2d0f</code></a>
CI: Fail to test for clippy warnings</li>
<li><a
href="663310a04c"><code>663310a</code></a>
Revert "ci: add code coverage support"</li>
<li><a
href="16d63fb0a8"><code>16d63fb</code></a>
Remove dependency of byteorder crate</li>
<li><a
href="410c61db71"><code>410c61d</code></a>
Changed Parseable to raise DecodeError</li>
<li><a
href="63da36a2fc"><code>63da36a</code></a>
Extend ErrorContext to accept <code>std::fmt::Display</code></li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/netlink-packet-core/compare/v0.7.0...v0.8.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `netlink-packet-route` from 0.24.0 to 0.25.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-route/releases">netlink-packet-route's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.25.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>Set minimum supported rust version to 1.77. (6bd5418)</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix compiling error on rust 1.77. (6bd5418)</li>
</ul>
<h2>New release 0.25.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Drop the dependency on <code>netlink-packet-utils</code>.
(e09acbd)</li>
<li>Add <code>non_exhaustive</code> to these bond options: (eacf67f)
<ul>
<li><code>BondArpValidate</code></li>
<li><code>BondPrimaryReselect</code></li>
<li><code>BondXmitHashPolicy</code></li>
<li><code>BondArpAllTargets</code></li>
<li><code>BondFailOverMac</code></li>
</ul>
</li>
<li>Changed <code>AfSpecInet6::AddrGenMode</code> to enum.
(7daf895)</li>
<li>Changed <code>LinkAttribute::Mode</code> to enum. (be2796c)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support <code>LWTUNNEL_ENCAP_IP6</code>. (0e49453)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Expose In6AddrGenMode. (faf9d39)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/netlink-packet-route/blob/main/CHANGELOG">netlink-packet-route's
changelog</a>.</em></p>
<blockquote>
<h2>[0.25.1] - 2025-08-29</h2>
<h3>Breaking changes</h3>
<ul>
<li>Set minimum supported rust version to 1.77. (6bd5418)</li>
</ul>
<h3>New features</h3>
<ul>
<li>N/A</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix compiling error on rust 1.77. (6bd5418)</li>
</ul>
<h2>[0.25.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Drop the dependency on <code>netlink-packet-utils</code>.
(e09acbd)</li>
<li>Add <code>non_exhaustive</code> to these bond options: (eacf67f)
<ul>
<li><code>BondArpValidate</code></li>
<li><code>BondPrimaryReselect</code></li>
<li><code>BondXmitHashPolicy</code></li>
<li><code>BondArpAllTargets</code></li>
<li><code>BondFailOverMac</code></li>
</ul>
</li>
<li>Changed <code>AfSpecInet6::AddrGenMode</code> to enum.
(7daf895)</li>
<li>Changed <code>LinkAttribute::Mode</code> to enum. (be2796c)</li>
</ul>
<h3>New features</h3>
<ul>
<li>Support <code>LWTUNNEL_ENCAP_IP6</code>. (0e49453)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Expose In6AddrGenMode. (faf9d39)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e3dc02da86"><code>e3dc02d</code></a>
New release 0.25.1</li>
<li><a
href="4dfe87d7cb"><code>4dfe87d</code></a>
CI: Change MSRV test not using metric</li>
<li><a
href="6bd5418da9"><code>6bd5418</code></a>
Set minimum supported rust version to 1.77</li>
<li><a
href="a473cca426"><code>a473cca</code></a>
New release 0.25.0</li>
<li><a
href="e09acbd440"><code>e09acbd</code></a>
Use netlink-packet-core 0.8.0</li>
<li><a
href="faf9d390f2"><code>faf9d39</code></a>
Fix private In6AddrGenMode</li>
<li><a
href="eacf67f90f"><code>eacf67f</code></a>
link: Add <code>non_exhaustive</code> to bond classes</li>
<li><a
href="eef9be7e7c"><code>eef9be7</code></a>
Add example code of dumping routes</li>
<li><a
href="0e49453468"><code>0e49453</code></a>
Add support for LWTUNNEL_ENCAP_IP6</li>
<li><a
href="7daf895552"><code>7daf895</code></a>
Change AddrGenMode into enum</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/netlink-packet-route/compare/v0.24.0...v0.25.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `rtnetlink` from 0.17.0 to 0.18.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/rtnetlink/releases">rtnetlink's
releases</a>.</em></p>
<blockquote>
<h2>New release 0.18.1</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>route: Support defining ECMP weight. (7fcba62)</li>
<li>route: Support defining ECMP flags. (18c4331)</li>
<li>route: allow IPv6 gateway in IPv4 route. (e1784a3)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
<h2>New release 0.18.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>Please check <code>netlink-packet-route</code> 0.25.0 breaking
changes.</li>
<li>Please check <code>netlink-packet-core</code> 0.8.0 breaking
changes.</li>
<li>Please check <code>netlink-proto</code> 0.12.0 breaking
changes.</li>
<li>Removed <code>rtnetlink::packet_utils</code>. (9373d77)</li>
</ul>
<h3>New features</h3>
<ul>
<li>ip: Introduced <code>AddressMessageBuilder</code>. (1fe2569)</li>
<li>macsec: Introduced <code>LinkMacSec</code>. (b9dd9d9)</li>
<li>Allow the user to specify their own socket. (6547f22)</li>
<li>Allow <code>TrafficGetFilterRequest</code> to get ingress or egress
filters. (45f9206)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Replace <code>impl TryStream</code> with <code>impl Stream</code>.
(513e8c3)</li>
<li>Fix android build. (3e270c6)</li>
<li>Should not set <code>NLM_F_EXCL</code> when deleting alt-name.
(7dd58dd)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-netlink/rtnetlink/blob/main/CHANGELOG">rtnetlink's
changelog</a>.</em></p>
<blockquote>
<h2>[0.18.1] - 2025-09-09</h2>
<h3>Breaking changes</h3>
<ul>
<li>N/A</li>
</ul>
<h3>New features</h3>
<ul>
<li>route: Support defining ECMP weight. (7fcba62)</li>
<li>route: Support defining ECMP flags. (18c4331)</li>
<li>route: allow IPv6 gateway in IPv4 route. (e1784a3)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>N/A</li>
</ul>
<h2>[0.18.0] - 2025-08-27</h2>
<h3>Breaking changes</h3>
<ul>
<li>Please check <code>netlink-packet-route</code> 0.25.0 breaking
changes.</li>
<li>Please check <code>netlink-packet-core</code> 0.8.0 breaking
changes.</li>
<li>Please check <code>netlink-proto</code> 0.12.0 breaking
changes.</li>
<li>Removed <code>rtnetlink::packet_utils</code>. (9373d77)</li>
</ul>
<h3>New features</h3>
<ul>
<li>ip: Introduced <code>AddressMessageBuilder</code>. (1fe2569)</li>
<li>macsec: Introduced <code>LinkMacSec</code>. (b9dd9d9)</li>
<li>Allow the user to specify their own socket. (6547f22)</li>
<li>Allow <code>TrafficGetFilterRequest</code> to get ingress or egress
filters. (45f9206)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Replace <code>impl TryStream</code> with <code>impl Stream</code>.
(513e8c3)</li>
<li>Fix android build. (3e270c6)</li>
<li>Should not set <code>NLM_F_EXCL</code> when deleting alt-name.
(7dd58dd)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e28f321f40"><code>e28f321</code></a>
New release 0.18.1</li>
<li><a
href="18c433148d"><code>18c4331</code></a>
rotue: Add <code>RouteNextHopBuilder::flags()</code></li>
<li><a
href="e1784a308b"><code>e1784a3</code></a>
route: allow IPv6 gateway in IPv4 route</li>
<li><a
href="7fcba62c1c"><code>7fcba62</code></a>
route: Support defining ECMP weight</li>
<li><a
href="e1184c005f"><code>e1184c0</code></a>
New release 0.18.0</li>
<li><a
href="9373d773d9"><code>9373d77</code></a>
Use latest rust-netlink crates</li>
<li><a
href="96d381efa8"><code>96d381e</code></a>
Fix cargo fmt and cargo clippy warnings</li>
<li><a
href="1fe25698f4"><code>1fe2569</code></a>
Create AddressMessageBuilder</li>
<li><a
href="6485710c84"><code>6485710</code></a>
Fix document code for Macsec</li>
<li><a
href="c7598bef13"><code>c7598be</code></a>
fix format</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-netlink/rtnetlink/compare/v0.17.0...v0.18.1">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [secrecy](https://github.com/iqlusioninc/crates) from 0.8.0 to
0.10.3.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/iqlusioninc/crates/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [proptest-state-machine](https://github.com/proptest-rs/proptest)
from 0.4.0 to 0.5.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2885bc2f3d"><code>2885bc2</code></a>
new releases for proptest, proptest-macro, and state-machine</li>
<li><a
href="a85563f3cc"><code>a85563f</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/584">#584</a>
from wojciech-graj/main</li>
<li><a
href="5331517f52"><code>5331517</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/596">#596</a>
from alexanderkjall/fix-arithmetic-overflow</li>
<li><a
href="157f3c083f"><code>157f3c0</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/595">#595</a>
from ebegumisa/main</li>
<li><a
href="02fa1fcc45"><code>02fa1fc</code></a>
changelog: add <a
href="https://redirect.github.com/proptest-rs/proptest/issues/595">#595</a></li>
<li><a
href="27fd76fbbc"><code>27fd76f</code></a>
fix for 32 bit processors</li>
<li><a
href="d1716ca7b4"><code>d1716ca</code></a>
Add <code>ReferenceStateMachine</code> arg to
<code>SystemUnderTest::teardown</code></li>
<li><a
href="ea4ddeb0a8"><code>ea4ddeb</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/594">#594</a>
from proptest-rs/attr-macro-preserve-arg-names</li>
<li><a
href="f80c1e6e8d"><code>f80c1e6</code></a>
fix shorthand struct initialization lint</li>
<li><a
href="b7590fa642"><code>b7590fa</code></a>
add new test for complex patterns</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/proptest-state-machine-0.4.0...proptest-state-machine-0.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite)
from 0.27.0 to 0.28.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md">tokio-tungstenite's
changelog</a>.</em></p>
<blockquote>
<h1>0.28.0</h1>
<ul>
<li>Update <code>tungstenite</code> to <code>0.18.0</code>. See <a
href="https://github.com/snapview/tungstenite-rs/blob/master/CHANGELOG.md"><code>tungstenite</code>
release</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="35d110c24c"><code>35d110c</code></a>
Implement into_inner to get the underlying stream (<a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/367">#367</a>)</li>
<li><a
href="f3ae75d1de"><code>f3ae75d</code></a>
Update <code>tungstenite</code> version and fix bugs</li>
<li><a
href="25b544e43f"><code>25b544e</code></a>
Allow getting a reference to the shared inner stream (<a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/363">#363</a>)</li>
<li>See full diff in <a
href="https://github.com/snapview/tokio-tungstenite/compare/v0.27.0...v0.28.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Upon moving the version string from PKG_VERSION and Cargo.toml, we lost
the bump version automation. To avoid more bugs here in the future, we
now check for the version marker across all Git-tracked files,
regardless of their extension.
Fixes#10748
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to
2.0.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/thiserror/releases">thiserror's
releases</a>.</em></p>
<blockquote>
<h2>2.0.17</h2>
<ul>
<li>Use differently named __private module per patch release (<a
href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="72ae716e6d"><code>72ae716</code></a>
Release 2.0.17</li>
<li><a
href="599fdce83a"><code>599fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>
from dtolnay/private</li>
<li><a
href="9ec05f6b38"><code>9ec05f6</code></a>
Use differently named __private module per patch release</li>
<li><a
href="d2c492b549"><code>d2c492b</code></a>
Raise minimum tested compiler to rust 1.76</li>
<li><a
href="fc3ab9501d"><code>fc3ab95</code></a>
Opt in to generate-macro-expansion when building on docs.rs</li>
<li><a
href="819fe29dbb"><code>819fe29</code></a>
Update ui test suite to nightly-2025-09-12</li>
<li><a
href="259f48c549"><code>259f48c</code></a>
Enforce trybuild >= 1.0.108</li>
<li><a
href="470e6a681c"><code>470e6a6</code></a>
Update ui test suite to nightly-2025-08-24</li>
<li><a
href="544e191e6e"><code>544e191</code></a>
Update actions/checkout@v4 -> v5</li>
<li><a
href="cbc1ebad3e"><code>cbc1eba</code></a>
Delete duplicate cap-lints flag from build script</li>
<li>See full diff in <a
href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.40 to 1.0.41.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/quote/releases">quote's
releases</a>.</em></p>
<blockquote>
<h2>1.0.41</h2>
<ul>
<li>Improve compile error when repetition contains no interpolated value
that is an iterator (<a
href="https://redirect.github.com/dtolnay/quote/issues/302">#302</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="594c865ce8"><code>594c865</code></a>
Release 1.0.41</li>
<li><a
href="68956e650b"><code>68956e6</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/quote/issues/302">#302</a>
from dtolnay/hasiter</li>
<li><a
href="6a69784268"><code>6a69784</code></a>
Make diagnostic attribute conditional on compiler version</li>
<li><a
href="5f1924bd99"><code>5f1924b</code></a>
Tweak CheckHasIterator error message</li>
<li><a
href="c0adb26f41"><code>c0adb26</code></a>
Add diagnostic::on_unimplemented for no iterator in repetition</li>
<li><a
href="a1ddcab61b"><code>a1ddcab</code></a>
Combine HasIterator and ThereIsNoIteratorInRepetition to one type</li>
<li><a
href="bf48c854da"><code>bf48c85</code></a>
Switch to trait for checking iterator in repetition</li>
<li><a
href="d3b4777367"><code>d3b4777</code></a>
Update ui test suite to nightly-2025-09-27</li>
<li><a
href="3e6b04d98b"><code>3e6b04d</code></a>
Raise minimum tested compiler to rust 1.76</li>
<li><a
href="07deaaf89e"><code>07deaaf</code></a>
Opt in to generate-macro-expansion when building on docs.rs</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/quote/compare/1.0.40...1.0.41">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
To allow for better analysis of flow logs, we embed the resource name
and its address into the flow flogs. For the Internet Resource, the name
will be displayed as "Internet` and the address is either `0.0.0.0/0` or
`::/0` depending on the IP version of the packet. For CIDR resources,
the address is the subnet and for DNS resources, it is the domain
pattern.
Resolves: #10693
This improves the secret handling inside `firezone-cli` by using the
`rpassword` crate to hide the token from stdin and using `secrecy` to
zeroize the memory afterwards. To make it easier to test locally, we add
a dry run mode for local testing, hidden behind the `FZ_DRY_RUN` env
variable.
With this PR we add `cargo-deb` to our CI pipeline and build a debian
package for the Gateway. The debian package comes with several
configuration files that make it easy for admins to start and maintain a
Gateway installation:
- The embedded systemd unit file is essentially the same one as what we
currently install with the install script with some minor modifications.
- The token is read from `/etc/firezone/gateway-token` and passed as a
systemd credential. This allows us to set the permissions for this file
to `0400` and have it owned by `root:root`.
- The configuration is read from `/etc/firezone/gateway-env`.
- Both of these changes basically mean the user should never need to
touch the unit file itself.
- The `sysusers` configuration file ensures the `firezone` user and
group are present on the system.
- The `tmpfiles` configuration file ensures the necessary directories
are present.
All of the above is automatically installed and configured using the
post-installation script which is called by `apt` once the package is
installed.
In addition to the Gateway, we also package a first version of the
`firezone-cli`. Right now, `firezone-cli` (installed as `firezone`) has
three subcommands:
- `gateway authenticate`: Asks for the Gateway's token and installs it
at `/etc/firezone/gateway-token`. The user doesn't have to know how we
manage this token and can trust that we are using safe defaults.
- `gateway enable`: Enables and starts the systemd service.
- `gateway disable`: Disables the systemd service.
Right now, the `.deb` file is only uploaded to the preview APT
repository and not attached to the release. It should therefore not yet
be user-visible unless somebody pokes around a lot, meaning we can defer
documentation to a later PR and start testing it from the preview
repository for our own purposes.
Related: #10598Resolves: #8484Resolves: #10681
Currently, the default log level for both the Gateway and the headless
Client is actually `error` which basically means no logs at all. To
avoid having to create additional configuration as part of the Debian
packages, we set the default log level to `info`.
Unix tools often write a newline at the end of a file. When using the
file's contents as a token, they need to match byte-for-byte otherwise
we cannot authenticate to the portal. To ensure that, we trim the
content from the file before creating the `SecretString`.
Bumps [dns-lookup](https://github.com/keeperofdakeys/dns-lookup) from
2.1.1 to 3.0.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec8ceceb6b"><code>ec8cece</code></a>
Bump to version 3.0.0</li>
<li><a
href="8b650bd273"><code>8b650bd</code></a>
Bump to version 2.1.0</li>
<li><a
href="0d90628d54"><code>0d90628</code></a>
Update to 2021 edition</li>
<li><a
href="e4f5e19d80"><code>e4f5e19</code></a>
Apply clipply lints</li>
<li><a
href="1d02095eb7"><code>1d02095</code></a>
deps(socket2): update to 0.6 with windwos-sys 0.60</li>
<li><a
href="7745e71a61"><code>7745e71</code></a>
Update example lookup_host with collect in README</li>
<li><a
href="615ee8cc85"><code>615ee8c</code></a>
Downgrade windows-sys back to 0.52</li>
<li><a
href="aa1380981a"><code>aa13809</code></a>
Fix clippy errors</li>
<li><a
href="c5b86b6882"><code>c5b86b6</code></a>
Remove useless clippy feature</li>
<li><a
href="b581ca0c6a"><code>b581ca0</code></a>
Update deps</li>
<li>Additional commits viewable in <a
href="https://github.com/keeperofdakeys/dns-lookup/compare/2.1.1...3.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [winreg](https://github.com/gentoo90/winreg-rs) from 0.52.0 to
0.55.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gentoo90/winreg-rs/releases">winreg's
releases</a>.</em></p>
<blockquote>
<h2>0.55.0 (windows-sys)</h2>
<ul>
<li>Breaking change: Increate MSRV to 1.60</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.59
(<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/77">#77</a>)</li>
</ul>
<h2>0.54.0 (windows-sys)</h2>
<ul>
<li>Breaking change: Migrate to the 2021 edition of Rust (MSRV
1.56)</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.52
(closes <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/63">#63</a>,
<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/70">#70</a>)</li>
</ul>
<h2>0.53.0 (windows-sys)</h2>
<ul>
<li>Don't stop deserialization of <code>Any</code> due to
<code>REG_NONE</code> (pullrequest <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/67">#67</a>,
fixes <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/66">#66</a>)</li>
<li>Implement (de)serialization of <code>Option</code> (<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/56">#56</a>)</li>
<li>Add <code>RegKey</code> methods for creating/opening subkeys with
custom options (<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/65">#65</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/gentoo90/winreg-rs/blob/master/CHANGELOG.md">winreg's
changelog</a>.</em></p>
<blockquote>
<h2>0.55.0</h2>
<ul>
<li>Breaking change: Increate MSRV to 1.60</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.59
(<a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/77">#77</a>)</li>
</ul>
<h2>0.54.0</h2>
<ul>
<li>Breaking change: Migrate to the 2021 edition of Rust (MSRV
1.56)</li>
<li>Breaking change: Upgrade <code>windows-sys</code> to version 0.52
(closes <a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/63">#63</a>,
<a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/70">#70</a>)</li>
</ul>
<h2>0.15.0, 0.53.0</h2>
<ul>
<li>Don't stop deserialization of <code>Any</code> due to
<code>REG_NONE</code> (pullrequest <a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/67">#67</a>,
fixes <a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/66">#66</a>)</li>
<li>Implement (de)serialization of <code>Option</code> (<a
href="https://redirect.github.com/gentoo90/winreg-rs/issues/56">#56</a>)</li>
<li>Add <code>RegKey</code> methods for creating/opening subkeys with
custom options (<a
href="https://redirect.github.com/gentoo90/winreg-rs/pull/65">#65</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9243b23849"><code>9243b23</code></a>
Bump version to 0.55.0</li>
<li><a
href="f0440749e8"><code>f044074</code></a>
Upgrade <code>windows-sys</code> to version 0.59 (and MSRV to 1.60)</li>
<li><a
href="4574febe77"><code>4574feb</code></a>
Bump version to 0.54.0</li>
<li><a
href="105ca7aee3"><code>105ca7a</code></a>
Upgrade <code>windows-sys</code> to version 0.52</li>
<li><a
href="93aefdf523"><code>93aefdf</code></a>
Migrate to the 2021 edition of Rust</li>
<li><a
href="c9315d07f0"><code>c9315d0</code></a>
Clippy: remove unnecessary typecasts</li>
<li><a
href="e62111ee60"><code>e62111e</code></a>
Merge branch 'winapi'</li>
<li><a
href="049035fe94"><code>049035f</code></a>
Update the transaction example in the docs</li>
<li><a
href="5baac5d5a4"><code>5baac5d</code></a>
CI: upgrade actions to the latest versions</li>
<li><a
href="cbaeb4e00a"><code>cbaeb4e</code></a>
CI: check <code>Cargo.toml</code> formatting</li>
<li>Additional commits viewable in <a
href="https://github.com/gentoo90/winreg-rs/compare/v0.52.0...v0.55.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Whenever we route a packet from the Client to a DNS resource, we now
also capture the domain name. If this is the first packet and we are
thus creating a new flow, we'll save that domain in it. Later packets
for the same IP are rolled up under the same flow and thus don't need to
re-set the domain.
Resolves: #10691
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 24.5.0 to 24.5.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [etherparse](https://github.com/JulianSchmid/etherparse) from
0.17.0 to 0.19.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/JulianSchmid/etherparse/releases">etherparse's
releases</a>.</em></p>
<blockquote>
<h2>v0.19.0 Add basic ICMPv6 Neighbor Discovery Support</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: add ICMPv6 neighbour solicitation by <a
href="https://github.com/thomaseizinger"><code>@thomaseizinger</code></a>
in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/129">JulianSchmid/etherparse#129</a></li>
<li>Minor fixups for ICMPv6 NeighborSolicitation &
NeighborAdvertisement & Add RouterSolicitation &
RouterAdvertisement & Redirect by <a
href="https://github.com/JulianSchmid"><code>@JulianSchmid</code></a>
in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/130">JulianSchmid/etherparse#130</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/thomaseizinger"><code>@thomaseizinger</code></a>
made their first contribution in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/129">JulianSchmid/etherparse#129</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/JulianSchmid/etherparse/compare/v0.18.2...v0.19.0">https://github.com/JulianSchmid/etherparse/compare/v0.18.2...v0.19.0</a></p>
<h2>v0.18.2 Add core::error::Error implementation to non_std build</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement core::error::Error for the error types by <a
href="https://github.com/xyzzyz"><code>@xyzzyz</code></a> in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/127">JulianSchmid/etherparse#127</a></li>
<li>Increment version 0.18.2 by <a
href="https://github.com/JulianSchmid"><code>@JulianSchmid</code></a>
in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/128">JulianSchmid/etherparse#128</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/xyzzyz"><code>@xyzzyz</code></a> made
their first contribution in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/127">JulianSchmid/etherparse#127</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/JulianSchmid/etherparse/compare/v0.18.1...v0.18.2">https://github.com/JulianSchmid/etherparse/compare/v0.18.1...v0.18.2</a></p>
<h2>v0.18.1 Add LaxPacketHeader:: from_linux_sll</h2>
<h2>What's Changed</h2>
<ul>
<li>Add from_linux_sll for LaxPacketHeaders by <a
href="https://github.com/shu-kitamura"><code>@shu-kitamura</code></a>
in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/125">JulianSchmid/etherparse#125</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/shu-kitamura"><code>@shu-kitamura</code></a>
made their first contribution in <a
href="https://redirect.github.com/JulianSchmid/etherparse/pull/125">JulianSchmid/etherparse#125</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/JulianSchmid/etherparse/compare/v0.18.0...v0.18.1">https://github.com/JulianSchmid/etherparse/compare/v0.18.0...v0.18.1</a></p>
<h2>v0.18.0 MACsec Support & ECN+DSCP Support for IPv6</h2>
<h2>What are the major changes?</h2>
<ul>
<li>Support for MACsec (IEEE 802.1AE)</li>
<li>The <code>vlan</code> field in <code>SlicedPacket</code>,
<code>LaxSlicedPacket</code>, <code>PacketHeaders</code>,
<code>LaxPacketHeaders</code> has been replaced with
<code>link_exts</code>.</li>
<li><code>Ipv4Ecn</code> & <code>Ipv4Dscp</code> have been replaced
by <code>IpEcn</code> & <code>IpDscp</code>.</li>
<li><code>Ipv6Header</code> & <code>Ipv6HeaderSlice</code> now
supports the reading & setting of <code>IpEcn</code> &
<code>IpDscp</code> (thanks to <a
href="https://github.com/baxterjo"><code>@baxterjo</code></a>)</li>
<li><code>LaxEtherPayloadSlice</code> has been introduced &
<code>len_source</code> added to <code>EtherPayloadSlice</code>.</li>
<li><code>source_addr()</code> & <code>destination_addr()</code>
methods of <code>IpSlice</code>, <code>Ipv4HeaderSlice</code>,
<code>Ipv6Header</code>, <code>Ipv6HeaderSlice</code>,
<code>LaxIpSlice</code> are now available in non-std mode (thanks to <a
href="https://github.com/Dominaezzz"><code>@Dominaezzz</code></a>)</li>
<li>Minimum supported Rust version as been configured to 1.83.0 (thanks
to <a
href="https://github.com/baxterjo"><code>@baxterjo</code></a>)</li>
</ul>
<h3>What is MACsec (IEEE 802.1AE)?</h3>
<p>MACsec is a protocol that allows the signing and/or encryption of
packet contents from the link layer downwards. The main difference
between MACsec and IPSec is that IPSec is located after the IP header
while MACsec is located above the IP header and can also encrypt the
contents of the IP header itself while IPSSec does not encrypt the IP
header. As such MACsec is usually used to secure local networks, while
IPSec is more commonly used for VPNs and alike that leave the local
network.</p>
<h3>Changes needed for MACsec Support</h3>
<p>Adding MACsec support required some breaking changes, specifically on
how VLAN headers are handled. The MACsec SECTAG is a header that can be
present in the same locations as "VLAN" headers. It has no
fixed position and can be located before or after VLAN headers or after
the Ethernet 2 header without a VLAN header being present at all. This
invalidates the assumption <code>etherparse</code> had in previous
versions that VLAN headers are always directly located after the
Ethernet2 header and that if there are multiple VLAN headers that they
are directly located after each other. Now there could be a MACsec
header present in between VLAN headers.</p>
<p>To support the different combinations of MACSec & VLAN headers
the <code>vlan</code> field in <code>SlicedPacket</code>,
<code>PacketHeaders</code>, <code>LaxSlicedPacket</code> &
<code>LaxPacketHeaders</code> has been replaced with a
<code>link_exts</code> field that can contain up to three "link
extensions":</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b76f71ac3e"><code>b76f71a</code></a>
Update version to 0.19.0 for etherparse</li>
<li><a
href="9fd5758f78"><code>9fd5758</code></a>
Merge pull request <a
href="https://redirect.github.com/JulianSchmid/etherparse/issues/130">#130</a>
from JulianSchmid/coverage-fixups</li>
<li><a
href="cd9266d03f"><code>cd9266d</code></a>
Add Router & Redirect ICMPv6 messages</li>
<li><a
href="e50e502898"><code>e50e502</code></a>
Renamed neighbour_discovery.rs to neighbor_advertisement_header.rs</li>
<li><a
href="46b4dfbfcf"><code>46b4dfb</code></a>
Further tests for coverage</li>
<li><a
href="d821f04435"><code>d821f04</code></a>
Further tests for coverage</li>
<li><a
href="454c35c271"><code>454c35c</code></a>
Increment version to 0.19.0</li>
<li><a
href="79b915aa2d"><code>79b915a</code></a>
Minor fixups for ICMPv6</li>
<li><a
href="9e967ba879"><code>9e967ba</code></a>
Merge pull request <a
href="https://redirect.github.com/JulianSchmid/etherparse/issues/129">#129</a>
from thomaseizinger/feat/icmpv6-neighbour-soliciation</li>
<li><a
href="e59fc8498b"><code>e59fc84</code></a>
Add ICMPv6 neighbour solicitation</li>
<li>Additional commits viewable in <a
href="https://github.com/JulianSchmid/etherparse/compare/v0.17.0...v0.19.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [ringbuffer](https://github.com/NULLx76/ringbuffer) from 0.15.0 to
0.16.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/NULLx76/ringbuffer/releases">ringbuffer's
releases</a>.</em></p>
<blockquote>
<h2>0.16.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement nth and nth_back to provide a O(1) way of skipping through
elements by <a
href="https://github.com/cdellacqua"><code>@cdellacqua</code></a> in <a
href="https://redirect.github.com/NULLx76/ringbuffer/pull/142">NULLx76/ringbuffer#142</a></li>
<li>Increase copy speed by orders of magnitude by <a
href="https://github.com/cdellacqua"><code>@cdellacqua</code></a> in <a
href="https://redirect.github.com/NULLx76/ringbuffer/pull/142">NULLx76/ringbuffer#142</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/NULLx76/ringbuffer/compare/0.15.0...v0.16.0">https://github.com/NULLx76/ringbuffer/compare/0.15.0...v0.16.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8aaaec89b0"><code>8aaaec8</code></a>
Merge pull request <a
href="https://redirect.github.com/NULLx76/ringbuffer/issues/145">#145</a>
from NULLx76/v0.16.0</li>
<li><a
href="b6adc9520f"><code>b6adc95</code></a>
bump version to 0.16.0</li>
<li><a
href="5250e7bca3"><code>5250e7b</code></a>
fix toml</li>
<li><a
href="ecdc089764"><code>ecdc089</code></a>
Merge branch 'main' of github.com:NULLx76/ringbuffer</li>
<li><a
href="c89c9ae35d"><code>c89c9ae</code></a>
fix readme msrv</li>
<li><a
href="9f4b442a78"><code>9f4b442</code></a>
Merge pull request <a
href="https://redirect.github.com/NULLx76/ringbuffer/issues/141">#141</a>
from cdellacqua/main</li>
<li><a
href="400dac6032"><code>400dac6</code></a>
Merge pull request <a
href="https://redirect.github.com/NULLx76/ringbuffer/issues/144">#144</a>
from NULLx76/fix-ci</li>
<li><a
href="27ddaea900"><code>27ddaea</code></a>
update ci workflows</li>
<li><a
href="f0224853e1"><code>f022485</code></a>
Merge remote-tracking branch 'origin/main' into cdellacqua/main</li>
<li><a
href="a9383ff84e"><code>a9383ff</code></a>
Merge branch 'main' of github.com:NULLx76/ringbuffer</li>
<li>Additional commits viewable in <a
href="https://github.com/NULLx76/ringbuffer/compare/0.15.0...v0.16.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.22.0 to
3.23.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md">tempfile's
changelog</a>.</em></p>
<blockquote>
<h2>3.23.0</h2>
<ul>
<li>Remove need for the "nightly" feature to compile with
"wasip2".</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fe9f4a305b"><code>fe9f4a3</code></a>
chore: release v3.23.0 (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/381">#381</a>)</li>
<li><a
href="006c3fd55a"><code>006c3fd</code></a>
fix: use std::os::fd instead of std::os::wasi (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/380">#380</a>)</li>
<li><a
href="b0e6309a58"><code>b0e6309</code></a>
doc: Update COPYRIGHT link (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/377">#377</a>)</li>
<li><a
href="2d6fc3fb57"><code>2d6fc3f</code></a>
Fix formatting in Builder::disable_cleanup documentation (<a
href="https://redirect.github.com/Stebalien/tempfile/issues/375">#375</a>)</li>
<li>See full diff in <a
href="https://github.com/Stebalien/tempfile/compare/v3.22.0...v3.23.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Even prior to #10373, failures in resolving a name on the Gateway for a
DNS resource resulted in a failure of setting up the DNS resource NAT.
Without the DNS resource NAT, packets for that resource bounced on the
Gateway because we didn't have any traffic filters.
A non-existent filter is being treated as a "traffic not allowed" error
and we respond with an ICMP permission denied error. For domains where
both the A and AAAA query result in NXDOMAIN, that isn't necessarily
appropriate. Instead, I am proposing that for such cases, we want to
return a regular "address/host unreachable" ICMP error instead of the
more specific "permission denied" variant.
To achieve that, we refactor the Gateway's peer state to be able to hold
an `Option<IpAddr>` inside the `TranslationState`. This allows us to
always insert an entry for each proxy IP, even if we did not resolve any
IPs for it. Then, when receiving traffic for a proxy IP where the
resolved IP is `None`, we reply with the appropriate ICMP error.
As part of this, we also simplify the assignment of the proxy IPs. With
the NAT64 module removed, there is no more reason to cross-assign IPv4
and IPv6 addresses. We can simply leave the mappings for e.g. IPv6 proxy
addresses empty if the AAAA query didn't resolve anything.
From the Client's perspective, not much changes. The DNS resource NAT
setup will now succeed, even for domains that don't resolve to anything.
This doesn't change any behaviour though as we are currently already
passing packets through for failed DNS resource NAT setups. The main
change is that we now send back a different ICMP error. Most
importantly, the "address/host unreachable variant" does not trigger
#10462.
Bumps
[futures-bounded](https://github.com/thomaseizinger/rust-futures-bounded)
from 0.2.4 to 0.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/thomaseizinger/rust-futures-bounded/blob/main/CHANGELOG.md">futures-bounded's
changelog</a>.</em></p>
<blockquote>
<h2>0.3.0</h2>
<ul>
<li>Allow for multiple timer implementations.
See <a
href="https://redirect.github.com/thomaseizinger/rust-futures-bounded/pull/5">PR
5</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/thomaseizinger/rust-futures-bounded/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [proptest-state-machine](https://github.com/proptest-rs/proptest)
from 0.3.1 to 0.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c073d523dc"><code>c073d52</code></a>
new releases for all crates (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/578">#578</a>)</li>
<li><a
href="cea7a0215d"><code>cea7a02</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/574">#574</a>
from Nicolapps/nicolas/fix-proptest-derive-urls-in-er...</li>
<li><a
href="ff04a9e842"><code>ff04a9e</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/576">#576</a>
from proptest-rs/rand-0.9</li>
<li><a
href="febd329dc7"><code>febd329</code></a>
fix state-machine shrinking on <= 1 transitions</li>
<li><a
href="ba38531db8"><code>ba38531</code></a>
Fix not seeding custom RNG algorithm properly</li>
<li><a
href="0730e7e98d"><code>0730e7e</code></a>
Move from deprecated <code>Rng::gen()</code> to
<code>Rng::random()</code></li>
<li><a
href="d6a14ff8af"><code>d6a14ff</code></a>
Custom <code>usize</code> and <code>isize</code> implementation</li>
<li><a
href="fc7543e62c"><code>fc7543e</code></a>
update rand to 0.9</li>
<li><a
href="7683f5b693"><code>7683f5b</code></a>
Fix URLs in proptest-derive error messages</li>
<li><a
href="f7f3600133"><code>f7f3600</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/573">#573</a>
from Nicolapps/nicolas/fix-test-name</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/proptest-state-machine-0.3.1...proptest-state-machine-0.4.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Network flow logs are a common feature of VPNs. Due to the nature of a
shared exit node, it is of great interest to a network analyst, which
TCP connections are getting routed through the tunnel, who is initiating
them, for long do they last and how much traffic is sent across them.
With this PR, the Firezone Gateway gains the ability of detecting the
TCP and UDP flows that are being routed through it. The information we
want to attach to these flows is spread out over several layers of the
packet handling code. To simplify the implementation and not complicate
the APIs unnecessarily, we chose to rely on TLS (thread-local storage)
for gathering all the necessary data as a packet gets passed through the
various layers. When using a const initializer, the overhead of a TLS
variable over an actual local variable is basically zero. The entire
routing state of the Gateway is also never sent across any threads,
making TLS variables a particularly good choice for this problem.
In its MVP form, the detected flows are only emitted on stdout and also
that only if `flow_logs=trace` is set using `RUST_LOG`. Early adopters
of this feature are encouraged to enable these logs as described and
then ingest the Gateway's logs into the SIEM of their choice for further
analysis.
Related: #8353
When working on the `client-ffi` module on a Linux or Windows machine,
we currently see a lot of "unused code" warnings. We could feature-gate
the remaining functions too but that would result in not having
code-completion on those platforms at all.
To make working on this module more ergonomic, we add a dummy
constructor for the session.
The crates from https://github.com/open-i18n/rust-unic are unmaintained but they are still being pulled in via `tauri`. Unfortunately, we have to wait for an MSRV bump from `tauri` before the update of `urlpattern` can be completed. Until then, we need to ignore these advisories to keep our CI passing.
Related: https://github.com/tauri-apps/tauri/pull/14195
As far as I can tell, the `async_runtime` config option doesn't exist in
UniFFI, hence we remove that.
Whilst going through the UniFFI docs, I also noticed that there is a
specific flag about Android that we can toggle on. Effectively, this
uses the shared
[`SystemCleaner`](https://developer.android.com/reference/android/system/SystemCleaner)
instead of a per-thread one which is supposed to be more performant.
Finally, using immutable records seems like a good idea as mutating any
FFI-originated field is not going to be reflected in connlib's state.
Preventing that at compile-time has a good chance of reducing bugs.
This code appears to be configured out in CI and thus we don't run
clippy there. My IDE pointed these out however so it seems fair enough
to fix them. It is just unnecessary references, doesn't actually have an
impact on the functionality.
In the spirit of making Firezone as robust as possible, we make the FFI
calls infallible and complete as much of the task as possible. For
example, we don't fail `setDns` entirely just because we cannot parse a
single DNS server's IP.
Resolves: #10611
dependabot[bot]